Set -fpcc-struct-return only for gcc compiler.

I went through all the names mentioned as authors and in commit messages
since 7.21.3, and this list inserted now is sorted on first name.

CMake/CheckTypeSize.c.in

@@ -1,44 +0,0 @@
-#cmakedefine CHECK_TYPE_SIZE_TYPE @CHECK_TYPE_SIZE_TYPE@
-#ifdef CHECK_TYPE_SIZE_TYPE
-
-@CHECK_TYPE_SIZE_PREINCLUDE@
-#ifdef HAVE_SYS_TYPES_H
-#  include <sys/types.h>
-#endif /* HAVE_SYS_TYPES_H */
-
-#ifdef HAVE_SYS_SOCKET_H
-#  include <sys/socket.h>
-#endif
-
-#ifdef _WIN32
-#  include <winsock2.h>
-#  include <ws2tcpip.h>
-#endif
-
-
-#ifdef HAVE_STDINT_H
-#  include <stdint.h>
-#endif /* HAVE_STDINT_H */
-
-#ifdef HAVE_STDDEF_H
-#  include <stddef.h>
-#endif /* HAVE_STDDEF_H */
-
-@CHECK_TYPE_SIZE_PREMAIN@
-
-#ifdef __CLASSIC_C__
-int main(){
-  int ac;
-  char*av[];
-#else
-int main(int ac, char*av[]){
-#endif
-  if(ac > 1000){return *av[0];}
-  return sizeof(CHECK_TYPE_SIZE_TYPE);
-}
-
-#else  /* CHECK_TYPE_SIZE_TYPE */
-
-#  error "CHECK_TYPE_SIZE_TYPE has to specify the type"
-
-#endif /* CHECK_TYPE_SIZE_TYPE */

CMake/CheckTypeSize.cmake

@@ -1,57 +0,0 @@
-# - Check sizeof a type
-#  CHECK_TYPE_SIZE(TYPE VARIABLE)
-# Check if the type exists and determine size of type.  if the type
-# exists, the size will be stored to the variable.
-#
-#  VARIABLE - variable to store size if the type exists.
-#  HAVE_${VARIABLE} - does the variable exists or not
-
-macro(CHECK_TYPE_SIZE TYPE VARIABLE)
-  set(CMAKE_ALLOW_UNKNOWN_VARIABLE_READ_ACCESS 1)
-  if(NOT DEFINED ${VARIABLE})
-    if("HAVE_${VARIABLE}" MATCHES "^HAVE_${VARIABLE}$")
-      set(CHECK_TYPE_SIZE_TYPE "${TYPE}")
-      set(MACRO_CHECK_TYPE_SIZE_FLAGS
-        "${CMAKE_REQUIRED_FLAGS}")
-      foreach(def HAVE_SYS_TYPES_H 
-         HAVE_STDINT_H HAVE_STDDEF_H HAVE_SYS_SOCKET_H)
-        if("${def}")
-          set(MACRO_CHECK_TYPE_SIZE_FLAGS
-            "${MACRO_CHECK_TYPE_SIZE_FLAGS} -D${def}")
-        endif("${def}")
-      endforeach(def)
-      set(CHECK_TYPE_SIZE_PREMAIN)
-      foreach(def ${CMAKE_EXTRA_INCLUDE_FILES})
-        set(CHECK_TYPE_SIZE_PREMAIN "${CHECK_TYPE_SIZE_PREMAIN}#include \"${def}\"\n")
-      endforeach(def)
-      configure_file(
-        "${CMAKE_CURRENT_SOURCE_DIR}/CMake/CheckTypeSize.c.in"
-        "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/CheckTypeSize.c"
-        IMMEDIATE @ONLY)
-      file(READ
-        "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/CheckTypeSize.c"
-        CHECK_TYPE_SIZE_FILE_CONTENT)
-      message(STATUS "Check size of ${TYPE}")
-      if(CMAKE_REQUIRED_LIBRARIES)
-        set(CHECK_TYPE_SIZE_ADD_LIBRARIES
-          "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
-      endif(CMAKE_REQUIRED_LIBRARIES)
-      try_run(${VARIABLE} HAVE_${VARIABLE}
-        ${CMAKE_BINARY_DIR}
-        "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/CheckTypeSize.c"
-        CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_TYPE_SIZE_FLAGS}
-        "${CHECK_TYPE_SIZE_ADD_LIBRARIES}"
-        OUTPUT_VARIABLE OUTPUT)
-      if(HAVE_${VARIABLE})
-        message(STATUS "Check size of ${TYPE} - done")
-        file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
-          "Determining size of ${TYPE} passed with the following output:\n${OUTPUT}\n\n")
-      else(HAVE_${VARIABLE})
-        message(STATUS "Check size of ${TYPE} - failed")
-        file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
-          "Determining size of ${TYPE} failed with the following output:\n${OUTPUT}\nCheckTypeSize.c:\n${CHECK_TYPE_SIZE_FILE_CONTENT}\n\n")
-      endif(HAVE_${VARIABLE})
-    endif("HAVE_${VARIABLE}" MATCHES "^HAVE_${VARIABLE}$")
-  endif(NOT DEFINED ${VARIABLE})
-  set(CMAKE_ALLOW_UNKNOWN_VARIABLE_READ_ACCESS )
-endmacro(CHECK_TYPE_SIZE)

CMakeLists.txt

@@ -183,13 +183,7 @@ include (CheckIncludeFile)
 include (CheckIncludeFiles)
 include (CheckLibraryExists)
 include (CheckSymbolExists)
-# if crosscompiling is on, the CHECK_TYPE_SIZE macro coming with cmake uses
-# TRY_COMPILE instead of TRY_RUN which makes crosscompiling easier, Alex
-if(CMAKE_CROSSCOMPILING)
-  include ("${CMAKE_MODULE_PATH}/CheckTypeSize.cmake")
-else(CMAKE_CROSSCOMPILING)
-  include (CheckTypeSize)
-endif(CMAKE_CROSSCOMPILING)
+include (CheckTypeSize)
 
 # On windows preload settings
 if(WIN32)
@@ -781,7 +775,13 @@ endif(CMAKE_COMPILER_IS_GNUCC AND APPLE)
 
 if(HAVE_SOCKLEN_T)
   set(CURL_TYPEOF_CURL_SOCKLEN_T "socklen_t")
+  if(WIN32)
+    set(CMAKE_EXTRA_INCLUDE_FILES "winsock2.h;ws2tcpip.h")
+  elseif(HAVE_SYS_SOCKET_H)
+    set(CMAKE_EXTRA_INCLUDE_FILES "sys/socket.h")
+  endif()
   check_type_size("socklen_t" CURL_SIZEOF_CURL_SOCKLEN_T)
+  set(CMAKE_EXTRA_INCLUDE_FILES)
   if(NOT HAVE_CURL_SIZEOF_CURL_SOCKLEN_T)
     message(FATAL_ERROR 
      "Check for sizeof socklen_t failed, see CMakeFiles/CMakerror.log")

COPYING

@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2010, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2011, Daniel Stenberg, <daniel@haxx.se>.
 
 All rights reserved.
 

Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -24,15 +24,19 @@ AUTOMAKE_OPTIONS = foreign
 
 ACLOCAL_AMFLAGS = -I m4
 
-CMAKE_DIST = CMakeLists.txt CMake/CheckTypeSize.c.in CMake/CheckTypeSize.cmake \
-CMake/CMakeConfigurableFile.in CMake/CurlCheckCSourceCompiles.cmake	       \
-CMake/CurlCheckCSourceRuns.cmake CMake/CurlTests.c CMake/FindOpenSSL.cmake     \
-CMake/FindZLIB.cmake CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake \
+CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in		\
+CMake/CurlCheckCSourceCompiles.cmake CMake/CurlCheckCSourceRuns.cmake	\
+CMake/CurlTests.c CMake/FindOpenSSL.cmake CMake/FindZLIB.cmake		\
+CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake		\
 CMake/Utilities.cmake include/curl/curlbuild.h.cmake
 
+WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
+winbuild/MakefileBuild.vc winbuild/Makefile.vc
+
 EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
  curl-style.el sample.emacs RELEASE-NOTES buildconf 	\
- libcurl.pc.in vc6curl.dsw MacOSX-Framework Android.mk $(CMAKE_DIST)
+ libcurl.pc.in vc6curl.dsw MacOSX-Framework Android.mk $(CMAKE_DIST)	\
+ Makefile.msvc.names $(WINBUILD_DIST)
 
 bin_SCRIPTS = curl-config
 

Makefile.dist

@@ -32,45 +32,39 @@ ssl:
 
 borland:
 	cd lib
-	make -f Makefile.b32
+	$(MAKE) -f Makefile.b32
 	cd ..\src
-	make -f Makefile.b32
+	$(MAKE) -f Makefile.b32
 
 borland-ssl:
 	cd lib
-	make -f Makefile.b32 WITH_SSL=1
+	$(MAKE) -f Makefile.b32 WITH_SSL=1
 	cd ..\src
-	make -f Makefile.b32 WITH_SSL=1
+	$(MAKE) -f Makefile.b32 WITH_SSL=1
 
 borland-ssl-zlib:
 	cd lib
-	make -f Makefile.b32 WITH_SSL=1 WITH_ZLIB=1
+	$(MAKE) -f Makefile.b32 WITH_SSL=1 WITH_ZLIB=1
 	cd ..\src
-	make -f Makefile.b32 WITH_SSL=1 WITH_ZLIB=1
+	$(MAKE) -f Makefile.b32 WITH_SSL=1 WITH_ZLIB=1
 
 borland-clean:
 	cd lib
-	make -f Makefile.b32 clean
+	$(MAKE) -f Makefile.b32 clean
 	cd ..\src
-	make -f Makefile.b32 clean
+	$(MAKE) -f Makefile.b32 clean
 
 watcom: .SYMBOLIC
-	cd lib
-	wmake -u -f Makefile.Watcom
-	cd ..\src
-	wmake -u -f Makefile.Watcom
+	cd lib && $(MAKE) -u -f Makefile.Watcom
+	cd src && $(MAKE) -u -f Makefile.Watcom
 
 watcom-clean: .SYMBOLIC
-	cd lib
-	wmake -u -f Makefile.Watcom clean
-	cd ..\src
-	wmake -u -f Makefile.Watcom clean
+	cd lib && $(MAKE) -u -f Makefile.Watcom clean
+	cd src && $(MAKE) -u -f Makefile.Watcom clean
 
 watcom-vclean: .SYMBOLIC
-	cd lib
-	wmake -u -f Makefile.Watcom vclean
-	cd ..\src
-	wmake -u -f Makefile.Watcom vclean
+	cd lib && $(MAKE) -u -f Makefile.Watcom vclean
+	cd src && $(MAKE) -u -f Makefile.Watcom vclean
 
 mingw32:
 	$(MAKE) -C lib -f Makefile.m32
@@ -92,6 +86,10 @@ mingw32-ssh2-ssl-sspi-zlib:
 	$(MAKE) -C lib -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
 	$(MAKE) -C src -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
 
+mingw32-rtmp-ssh2-ssl-sspi-zlib:
+	$(MAKE) -C lib -f Makefile.m32 RTMP=1 SSH2=1 SSL=1 SSPI=1 ZLIB=1
+	$(MAKE) -C src -f Makefile.m32 RTMP=1 SSH2=1 SSL=1 SSPI=1 ZLIB=1
+
 mingw32-clean:
 	$(MAKE) -C lib -f Makefile.m32 clean
 	$(MAKE) -C src -f Makefile.m32 clean

Makefile.msvc.names

@@ -0,0 +1,81 @@
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1999 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at http://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+#***************************************************************************
+
+#
+# This file is included from MSVC makefiles located in lib and src,
+# providing libcurl common file names required by these makefiles.
+#
+
+# ------------------
+# libcurl base name
+# ------------------
+
+!IF !DEFINED(LIB_NAME) || "$(LIB_NAME)" == ""
+LIB_NAME = libcurl
+!ENDIF
+
+# -------------------------------------------------
+# libcurl static and dynamic libraries common base
+# file names for release and debug configurations
+# -------------------------------------------------
+
+!IF !DEFINED(LIB_NAME_STA_REL) || "$(LIB_NAME_STA_REL)" == ""
+LIB_NAME_STA_REL = $(LIB_NAME)
+!ENDIF
+
+!IF !DEFINED(LIB_NAME_STA_DBG) || "$(LIB_NAME_STA_DBG)" == ""
+LIB_NAME_STA_DBG = $(LIB_NAME_STA_REL)d
+!ENDIF
+
+!IF !DEFINED(LIB_NAME_DYN_REL) || "$(LIB_NAME_DYN_REL)" == ""
+LIB_NAME_DYN_REL = $(LIB_NAME)
+!ENDIF
+
+!IF !DEFINED(LIB_NAME_DYN_DBG) || "$(LIB_NAME_DYN_DBG)" == ""
+LIB_NAME_DYN_DBG = $(LIB_NAME_DYN_REL)d
+!ENDIF
+
+# --------------------------------------------
+# Base names for libcurl DLL import libraries
+# --------------------------------------------
+
+!IF !DEFINED(LIB_NAME_IMP_REL) || "$(LIB_NAME_IMP_REL)" == ""
+LIB_NAME_IMP_REL = $(LIB_NAME_DYN_REL)_imp
+!ENDIF
+
+!IF !DEFINED(LIB_NAME_IMP_DBG) || "$(LIB_NAME_IMP_DBG)" == ""
+LIB_NAME_IMP_DBG = $(LIB_NAME_DYN_DBG)_imp
+!ENDIF
+
+# --------------------------------------
+# File names with extension and no path
+# --------------------------------------
+
+LIBCURL_STA_LIB_REL = $(LIB_NAME_STA_REL).lib
+LIBCURL_STA_LIB_DBG = $(LIB_NAME_STA_DBG).lib
+LIBCURL_DYN_LIB_REL = $(LIB_NAME_DYN_REL).dll
+LIBCURL_DYN_LIB_DBG = $(LIB_NAME_DYN_DBG).dll
+LIBCURL_IMP_LIB_REL = $(LIB_NAME_IMP_REL).lib
+LIBCURL_IMP_LIB_DBG = $(LIB_NAME_IMP_DBG).lib
+LIBCURL_DYN_LIB_PDB = $(LIB_NAME_IMP_DBG).pdb
+
+# End of Makefile.msvc.names

RELEASE-NOTES

@@ -1,61 +1,54 @@
-Curl and libcurl 7.21.2
+Curl and libcurl 7.21.4
 
- Public curl releases:         118
- Command line options:         138
- curl_easy_setopt() options:   180
+ Public curl releases:         120
+ Command line options:         143
+ curl_easy_setopt() options:   185
  Public functions in libcurl:  58
  Known libcurl bindings:       39
- Contributors:                 817
+ Contributors:                 834
 
 This release includes the following changes:
 
- o curl -T: ignore file size of special files
- o Added GOPHER protocol support
- o Added mk-ca-bundle.vbs script
- o c-ares build now requires c-ares >= 1.6.0
+ o CURLINFO_FTP_ENTRY_PATH now supports SFTP
+ o introduced new framework for unit-testing
+ o IDN: use win32 API if told to
+ o ares: ask for both IPv4 and IPv6 addresses
+ o HTTP: do Negotiate authentication using SSPI on windows
+ o Windows build: alternative makefile
+ o TLS-SRP: support added when using GnuTLS
 
 This release includes the following bugfixes:
 
- o --remote-header-name security vulnerability fixed:
-   http://curl.haxx.se/docs/adv_20101013.html
-
- o multi: support the timeouts correctly, fixes known bug #62
- o multi: use timeouts properly for MAX_RECV/SEND_SPEED
- o negotiation: Wrong proxy authorization
- o multi: avoid sending multiple complete messages
- o cmdline: make -F type= accept ;charset=
- o RESUME_FROM: clarify what ftp uploads do
- o http: handle trailer headers in all chunked responses
- o Curl_is_connected: use correct errno
- o Added SSPI build to Watcom makefile
- o progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
- o linking problem on Fedora 13
- o Link curl and the test apps with -lrt explicitly when necessary
- o chunky parser: only rewind stream internally if needed
- o remote-header-name: don't output filename when NULL
- o Curl_timeleft: avoid returning "no timeout" by mistake
- o timeout: use the correct start value as offset
- o FTP: fix wrong timeout trigger
- o buildconf got better output on failures
- o rtsp: avoid SIGSEGV on malformed header
- o LDAP: Support for tunnelling queries through HTTP proxy
- o configure's --enable-werror had a bashism
- o test565: Don't hardcode IP:PORT
- o configure: check for gcrypt if using GnuTLS
- o configure: don't enable RTMP if the lib detect fails
- o curl_easy_duphandle: clone the c-ares handle correctly
- o MacOSX-Framework: updates for Snowleopard
- o support URL containing colon without trailing port number
- o parsedate: allow time specified without seconds
- o curl_easy_escape: don't escape "unreserved" characters
- o SFTP: avoid downloading negative sizes
- o Lots of GSS/KRB FTP fixes
- o TFTP: Work around tftpd-hpa upload bug
- o libcurl.m4: several fixes
- o HTTP: remove special case for 416
- o examples: use example.com in example URLs
- o globbing: fix crash on unballanced open brace
- o cmake: build fixed
+ o SMTP: add brackets for MAIL FROM
+ o ossl_seed: no more RAND_screen (on Windows)
+ o multi: connect fail => use next IP address
+ o use the timeout when using multiple IP addresses similar to how
+   the easy interface does it
+ o cookies: tricked dotcounter fixed
+ o pubkey_show: allocate buffer to fit any-size result
+ o Curl_nss_connect: avoid PATH_MAX
+ o Curl_do: avoid using stale conn pointer
+ o tftpd test server: avoid buffer overflow report from glibc
+ o nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
+ o nss: fix a bug in handling of CURLOPT_CAPATH
+ o CMake: Use upstream CheckTypeSize module
+ o OpenSSL get_cert_chain: support larger data sets
+ o SCP/SFTP transfers: acknowledge speedcheck
+ o GnuTLS builds: fix memory leak
+ o connect problem: use UDP correctly
+ o Borland C++ makefile tweaks
+ o OpenSSL: improved error message on SSL_CTX_new failures
+ o HTTP: memory leak on multiple Location:
+ o ares_query_completed_cb: don't touch invalid data
+ o ares: memory leak fix
+ o mk-ca-bundle: use new cacert url
+ o Curl_gmtime: added a portable gmtime and check for NULL
+ o curl.1: typo in -v description
+ o CURLOPT_SOCKOPTFUNCTION: return proper error code
+ o --keepalive-time: warn if not supported properly
+ o file: add support for CURLOPT_TIMECONDITION
+ o nss: avoid memory leaks and failure of NSS shutdown
+ o multi: fix CURLM_STATE_TOOFAST for multi_socket
 
 This release includes the following known bugs:
 
@@ -64,10 +57,11 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Kamil Dudka, Ben Greear, Cameron Kaiser, Dan Fandrich, Dirk Manske,
- Guenter Knauf, Julien Chaffraix, Quanah Gibson-Mount, Tor Arntsen,
- Peter Pentchev, James Bursa, Fabian Keil, Michal Gorny, Mauro Iorio,
- Hendrik Visage, Ning Dong, David McCreedy, Patrick Monnerat,
- Tim Newsome, Dan Locks, Vlad Ureche, Dimitre Dimitrov
+ Amr Shahin, Andreas Olsson, Bjoern Sikora, Brad Hards, Brad King,
+ Dan Fandrich, Daniel Mentz, Darshan Mody, Dave Reisner, Eric Hu,
+ Guenter Knauf, Ian D Allen, John Bradshaw, Julien Chaffraix, Kamil Dudka,
+ Luke Amery, Marcel Roelofs, Martin Lemke, Nicholas Maniscalco,
+ Pasha Kuznetsov, Patrick Monnerat, Paul Howarth, Pedro Larroy, Pierre Joye,
+ Quinn Slack, Samuel Thibault, Tommie Gannert, Vsevolod Novikov, Yang Tse
 
         Thanks! (and sorry if I forgot to mention someone)

TODO-RELEASE

@@ -1,17 +1,10 @@
-To be addressed in 7.21.2
-=========================
-
-268 - 3076430 SFTP resume with 4GB file does not work
-
-271 -
-
 To be addressed in 7.21.3
 =========================
 
-262 - Manual setting of TLS Server Name Indication - use Host:
-
 263 - Support binding DNS to local interface/IP
 
 265 - 1. FTP cmd channel and data channel validation
 
 267 - 2. Cert chain for data channel
+
+271 -

acinclude.m4

@@ -3181,7 +3181,7 @@ AC_DEFUN([CURL_CHECK_WIN32_LARGEFILE], [
       ;;
     win32_small_files)
       AC_MSG_RESULT([yes (large file disabled)])
-      AC_DEFINE_UNQUOTED(USE_WIN32_LARGE_FILES, 1,
+      AC_DEFINE_UNQUOTED(USE_WIN32_SMALL_FILES, 1,
         [Define to 1 if you are building a Windows target without large file support.])
       ;;
     *)
@@ -3246,3 +3246,44 @@ AC_DEFUN([CURL_CHECK_PKGCONFIG], [
       fi
     fi
 ])
+
+
+dnl CURL_GENERATE_CONFIGUREHELP_PM
+dnl -------------------------------------------------
+dnl Generate test harness configurehelp.pm module, defining and
+dnl initializing some perl variables with values which are known
+dnl when the configure script runs. For portability reasons, test
+dnl harness needs information on how to run the C preprocessor.
+
+AC_DEFUN([CURL_GENERATE_CONFIGUREHELP_PM], [
+  AC_REQUIRE([AC_PROG_CPP])dnl
+  tmp_cpp=`eval echo "$ac_cpp" 2>/dev/null`
+  if test -z "$tmp_cpp"; then
+    tmp_cpp='cpp'
+  fi
+  cat >./tests/configurehelp.pm <<_EOF
+[@%:@] This is a generated file.  Do not edit.
+
+package configurehelp;
+
+use strict;
+use warnings;
+use Exporter;
+
+use vars qw(
+    @ISA
+    @EXPORT_OK
+    \$Cpreprocessor
+    );
+
+@ISA = qw(Exporter);
+
+@EXPORT_OK = qw(
+    \$Cpreprocessor
+    );
+
+\$Cpreprocessor = '$tmp_cpp';
+
+1;
+_EOF
+])

buildconf

@@ -293,6 +293,7 @@ for fname in .deps \
     config.status \
     config.sub \
     configure \
+    configurehelp.pm \
     curl-config \
     curlbuild.h \
     depcomp \
@@ -364,6 +365,12 @@ if test ! -f ./config.guess; then
 else
   buildhost=`./config.guess 2>/dev/null|head -n 1`
   case $buildhost in
+    *-*-darwin*)
+      need_lt_major=1
+      need_lt_minor=5
+      need_lt_patch=26
+      need_lt_check="yes"
+      ;;
     *-*-hpux*)
       need_lt_major=1
       need_lt_minor=5

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -140,12 +140,13 @@ AC_SUBST(PKGADD_VENDOR)
 
 dnl
 dnl initialize all the info variables
-    curl_ssl_msg="no      (--with-{ssl,gnutls,nss,polarssl} )"
+    curl_ssl_msg="no      (--with-{ssl,gnutls,nss,polarssl,axtls} )"
     curl_ssh_msg="no      (--with-libssh2)"
    curl_zlib_msg="no      (--with-zlib)"
    curl_krb4_msg="no      (--with-krb4*)"
     curl_gss_msg="no      (--with-gssapi)"
  curl_spnego_msg="no      (--with-spnego)"
+curl_tls_srp_msg="no      (--enable-tls-srp)"
     curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
    curl_ipv6_msg="no      (--enable-ipv6)"
     curl_idn_msg="no      (--with-libidn)"
@@ -156,6 +157,7 @@ curl_verbose_msg="enabled (--disable-verbose)"
   curl_ldaps_msg="no      (--enable-ldaps)"
    curl_rtsp_msg="no      (--enable-rtsp)"
    curl_rtmp_msg="no      (--with-librtmp)"
+    init_ssl_msg=${curl_ssl_msg}
 
 dnl
 dnl Save anything in $LIBS for later
@@ -955,16 +957,19 @@ dnl Check if the operating system allows programs to write to their own argv[]
 dnl **********************************************************************
 
 AC_MSG_CHECKING([if argv can be written to])
-AC_CACHE_VAL(curl_cv_writable_argv, [
-AC_RUN_IFELSE([[
+AC_RUN_IFELSE([
+  AC_LANG_SOURCE([[
 int main(int argc, char ** argv) {
-        argv[0][0] = ' ';
-        return (argv[0][0] == ' ')?0:1;
+    argv[0][0] = ' ';
+    return (argv[0][0] == ' ')?0:1;
 }
-        ]],
-        curl_cv_writable_argv=yes,
-        curl_cv_writable_argv=no,
-        curl_cv_writable_argv=cross)
+  ]])
+],[
+  curl_cv_writable_argv=yes
+],[
+  curl_cv_writable_argv=no
+],[
+  curl_cv_writable_argv=cross
 ])
 case $curl_cv_writable_argv in
 yes)
@@ -1750,6 +1755,17 @@ if test "$GNUTLS_ENABLED" = "1"; then
     ])
 fi
 
+dnl ---
+dnl We require GnuTLS with SRP support.
+dnl ---
+if test "$GNUTLS_ENABLED" = "1"; then
+  AC_CHECK_LIB(gnutls, gnutls_srp_verifier,
+   [
+     AC_DEFINE(HAVE_GNUTLS_SRP, 1, [if you have the function gnutls_srp_verifier])
+     AC_SUBST(HAVE_GNUTLS_SRP, [1])
+   ])
+fi
+
 dnl ----------------------------------------------------
 dnl check for PolarSSL
 dnl ----------------------------------------------------
@@ -1930,9 +1946,64 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
 
 fi dnl OPENSSL != 1 -a GNUTLS_ENABLED != 1
 
-if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED" = "x"; then
+OPT_AXTLS=off
+
+AC_ARG_WITH(axtls,dnl
+AC_HELP_STRING([--with-axtls=PATH],[Where to look for axTLS, PATH points to the axTLS installation prefix (default: /usr/local).  Ignored if another SSL engine is selected.])
+AC_HELP_STRING([--without-axtls], [disable axTLS]),
+  OPT_AXTLS=$withval)
+
+if test "$curl_ssl_msg" = "$init_ssl_msg"; then
+  if test X"$OPT_AXTLS" != Xno; then
+    dnl backup the pre-axtls variables
+    CLEANLDFLAGS="$LDFLAGS"
+    CLEANCPPFLAGS="$CPPFLAGS"
+    CLEANLIBS="$LIBS"
+
+    case "$OPT_AXTLS" in
+    yes)
+      dnl --with-axtls (without path) used
+      PREFIX_AXTLS=/usr/local
+      LIB_AXTLS="$PREFIX_AXTLS/lib"
+      LDFLAGS="$LDFLAGS -L$LIB_AXTLS"
+      CPPFLAGS="$CPPFLAGS -I$PREFIX_AXTLS/include"
+      ;;
+    off)
+      dnl no --with-axtls option given, just check default places
+      PREFIX_AXTLS=
+      ;;
+    *)
+      dnl check the given --with-axtls spot
+      PREFIX_AXTLS=$OPT_AXTLS
+      LIB_AXTLS="$PREFIX_AXTLS/lib"
+      LDFLAGS="$LDFLAGS -L$LIB_AXTLS"
+      CPPFLAGS="$CPPFLAGS -I$PREFIX_AXTLS/include"
+      ;;
+    esac
+
+    AC_CHECK_LIB(axtls, ssl_version,[
+      LIBS="-laxtls $LIBS"
+      AC_DEFINE(USE_AXTLS, 1, [if axTLS is enabled])
+      AC_SUBST(USE_AXTLS, [1])
+      AXTLS_ENABLED=1
+      USE_AXTLS="yes"
+      curl_ssl_msg="enabled (axTLS)"
+
+
+      LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
+      export LD_LIBRARY_PATH
+      AC_MSG_NOTICE([Added $LIB_AXTLS to LD_LIBRARY_PATH])
+      ],[
+      LDFLAGS="$CLEANLDFLAGS"
+      CPPFLAGS="$CLEANCPPFLAGS"
+      LIBS="$CLEANLIBS"
+    ])
+  fi
+fi
+
+if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$AXTLS_ENABLED" = "x"; then
   AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
-  AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl or --with-nss to address this.])
+  AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-nss or --with-axtls to address this.])
 else
   # SSL is enabled, genericly
   AC_SUBST(SSL_ENABLED)
@@ -2019,8 +2090,9 @@ if test X"$OPT_LIBSSH2" != Xno; then
        dnl libssh2_version is a post 1.0 addition
        dnl libssh2_init and libssh2_exit were added in 1.2.5
        dnl libssh2_scp_send64 was added in 1.2.6
+       dnl libssh2_session_handshake was added in 1.2.8
        AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit \
-                       libssh2_scp_send64 )
+                       libssh2_scp_send64 libssh2_session_handshake)
 
        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$DIR_SSH2"
        export LD_LIBRARY_PATH
@@ -2062,6 +2134,10 @@ if test X"$OPT_LIBRTMP" != Xno; then
       CPP_RTMP=`$PKGCONFIG --cflags-only-I librtmp`
       version=`$PKGCONFIG --modversion librtmp`
       DIR_RTMP=`echo $LD_RTMP | $SED -e 's/-L//'`
+    else
+      dnl To avoid link errors, we do not allow --librtmp without
+      dnl a pkgconfig file
+      AC_MSG_ERROR([--librtmp was specified but could not find librtmp pkgconfig file.])
     fi
 
     ;;
@@ -2277,11 +2353,17 @@ AC_CHECK_TYPE(long long,
 
 if test "xyes" = "x$longlong"; then
   AC_MSG_CHECKING([if numberLL works])
-  AC_COMPILE_IFELSE([long long val = 1000LL;],
-   [AC_DEFINE(HAVE_LL, 1, [if your compiler supports LL])]
-   AC_MSG_RESULT(yes),
-   AC_MSG_RESULT(no)
-  )
+  AC_COMPILE_IFELSE([
+    AC_LANG_PROGRAM([[
+    ]],[[
+      long long val = 1000LL;
+    ]])
+  ],[
+    AC_MSG_RESULT([yes])
+    AC_DEFINE(HAVE_LL, 1, [if your compiler supports LL])
+  ],[
+    AC_MSG_RESULT([no])
+  ])
 fi
 
 
@@ -2328,6 +2410,7 @@ CURL_CHECK_FUNC_FCNTL
 CURL_CHECK_FUNC_FDOPEN
 CURL_CHECK_FUNC_FREEADDRINFO
 CURL_CHECK_FUNC_FREEIFADDRS
+CURL_CHECK_FUNC_FSETXATTR
 CURL_CHECK_FUNC_FTRUNCATE
 CURL_CHECK_FUNC_GETADDRINFO
 CURL_CHECK_FUNC_GETHOSTBYADDR
@@ -2368,10 +2451,6 @@ CURL_CHECK_FUNC_STRTOK_R
 CURL_CHECK_FUNC_STRTOLL
 CURL_CHECK_FUNC_WRITEV
 
-dnl Checks for library functions.
-dnl AC_PROG_GCC_TRADITIONAL
-
-dnl AC_FUNC_VPRINTF
 case $host in
   *msdosdjgpp)
      ac_cv_func_pipe=no
@@ -2494,7 +2573,8 @@ AM_CONDITIONAL(USE_MANUAL, test x"$USE_MANUAL" = x1)
 CURL_CHECK_LIB_ARES
 AM_CONDITIONAL(USE_EMBEDDED_ARES, test x$embedded_ares = xyes)
 
-if test "x$enable_shared" = "xyes"; then
+if test "x$ac_cv_native_windows" != "xyes" &&
+   test "x$enable_shared" = "xyes"; then
   build_libhostname=yes
 else
   build_libhostname=no
@@ -2586,6 +2666,33 @@ AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
        AC_MSG_RESULT(yes)
 )
 
+dnl ************************************************************
+dnl disable TLS-SRP authentication
+dnl
+AC_MSG_CHECKING([whether to enable TLS-SRP authentication])
+AC_ARG_ENABLE(tls-srp,
+AC_HELP_STRING([--enable-tls-srp],[Enable TLS-SRP authentication])
+AC_HELP_STRING([--disable-tls-srp],[Disable TLS-SRP authentication]),
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       AC_DEFINE(CURL_DISABLE_TLS_SRP, 1, [to disable TLS-SRP authentication])
+       want_tls_srp=no
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       want_tls_srp=yes
+       ;;
+  esac ],
+       AC_MSG_RESULT(yes)
+       want_tls_srp=yes
+)
+
+if test "$want_tls_srp" = "yes" && test "x$HAVE_GNUTLS_SRP" = "x1"; then
+   AC_DEFINE(USE_TLS_SRP, 1, [Use TLS-SRP authentication])
+   USE_TLS_SRP=1
+   curl_tls_srp_msg="enabled"
+fi
+
 dnl ************************************************************
 dnl disable cookies support
 dnl
@@ -2734,6 +2841,9 @@ if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
     -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
 fi
+if test "x$USE_TLS_SRP" = "x1"; then
+  SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
+fi
 
 AC_SUBST(SUPPORT_FEATURES)
 
@@ -2843,6 +2953,7 @@ AC_CONFIG_FILES([Makefile \
            tests/data/Makefile \
            tests/server/Makefile \
            tests/libtest/Makefile \
+           tests/unit/Makefile \
            packages/Makefile \
            packages/Win32/Makefile \
            packages/Win32/cygwin/Makefile \
@@ -2862,6 +2973,8 @@ AC_CONFIG_FILES([Makefile \
 ])
 AC_OUTPUT
 
+CURL_GENERATE_CONFIGUREHELP_PM
+
 AC_MSG_NOTICE([Configured to build curl/libcurl:
 
   curl version:    ${VERSION}
@@ -2874,6 +2987,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
   krb4 support:    ${curl_krb4_msg}
   GSSAPI support:  ${curl_gss_msg}
   SPNEGO support:  ${curl_spnego_msg}
+  TLS-SRP support: ${curl_tls_srp_msg}
   resolver:        ${curl_res_msg}
   ipv6 support:    ${curl_ipv6_msg}
   IDN support:     ${curl_idn_msg}

docs/CONTRIBUTE

@@ -189,7 +189,7 @@
 
 3.2 How To Make a Patch with git
 
- You need to first checkout the respository:
+ You need to first checkout the repository:
 
      git clone git://github.com/bagder/curl.git
 

docs/FAQ

@@ -1,4 +1,4 @@
-Updated: October 6, 2010 (http://curl.haxx.se/docs/faq.html)
+Updated: January 29, 2011 (http://curl.haxx.se/docs/faq.html)
                                   _   _ ____  _
                               ___| | | |  _ \| |
                              / __| | | | |_) | |
@@ -446,10 +446,10 @@ FAQ
 
   2.2 Does curl work/build with other SSL libraries?
 
-  Curl has been written to use OpenSSL, GnuTLS, yassl, NSS or PolarSSL,
-  although there should not be many problems using a different library. If
-  anyone does "port" curl to use a different SSL library, we are of course
-  very interested in getting the patch!
+  Curl has been written to use OpenSSL, GnuTLS, yassl, NSS, PolarSSL, axTLS or
+  qssl, although there should not be many problems using a different
+  library. If anyone does "port" curl to use a different SSL library, we are
+  of course very interested in getting the patch!
 
   2.3 Where can I find a copy of LIBEAY32.DLL?
 
@@ -1224,16 +1224,18 @@ FAQ
 
   5.13 How do I stop an ongoing transfer?
 
-  There are several ways, but none of them are instant. There is no function
-  you can call from another thread or similar that will stop it immediately.
+  With the easy interface you make sure to return the correct error code from
+  one of the callbacks, but none of them are instant. There is no function you
+  can call from another thread or similar that will stop it immediately.
   Instead you need to make sure that one of the callbacks you use return an
   appropriate value that will stop the transfer.
 
   Suitable callbacks that you can do this with include the progress callback,
   the read callback and the write callback.
 
-  If you're using the multi interface, you also stop a transfer by removing
-  the particular easy handle from the multi stack.
+  If you're using the multi interface, you can also stop a transfer by
+  removing the particular easy handle from the multi stack. At any moment you
+  think the transfer is done.
 
   5.14 Using C++ non-static functions for callbacks?
 
@@ -1284,7 +1286,10 @@ FAQ
   this section was much enhanced by Bjorn Reese.)
 
   We are not lawyers and this is not legal advice. You should probably consult
-  one if you want true and accurate legal insights without our prejudice.
+  one if you want true and accurate legal insights without our prejudice. Note
+  especially that this section concerns the libcurl license only; compiling in
+  features of libcurl that depend on other libraries (e.g. OpenSSL) may affect
+  the licensing obligations of your application.
 
   6.1 I have a GPL program, can I use the libcurl library?
 
@@ -1342,12 +1347,16 @@ FAQ
   You do not have to reveal or make public any changes to the libcurl source
   code.
 
-  You do not have to reveal or make public that you are using libcurl within
+  You do not have to broadcast to the world that you are using libcurl within
   your app.
 
-  As can be seen here: http://curl.haxx.se/docs/companies.html and
-  elsewhere, more and more companies are discovering the power
-  of libcurl and take advantage of it even in commercial environments.
+  All we ask is that you disclose "the copyright notice and this permission
+  notice" somewhere. Most probably like in the documentation or in the section
+  where other third party dependencies already are mentioned and acknowledged.
+
+  As can be seen here: http://curl.haxx.se/docs/companies.html and elsewhere,
+  more and more companies are discovering the power of libcurl and take
+  advantage of it even in commercial environments.
 
 
 7. PHP/CURL Issues

docs/FEATURES

@@ -125,7 +125,7 @@ FILE
 FOOTNOTES
 =========
 
-  *1 = requires OpenSSL, GnuTLS, NSS, yassl or PolarSSL
+  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS or PolarSSL
   *2 = requires OpenLDAP
   *3 = requires a GSSAPI-compliant library, such as Heimdal or similar.
   *4 = requires FBopenssl

docs/INSTALL

@@ -142,6 +142,9 @@ UNIX
      To build with PolarSSL support instead of OpenSSL for SSL/TLS, note that
      you need to use both --without-ssl and --with-polarssl.
 
+     To build with axTLS support instead of OpenSSL for TLS, note that you
+     need to use both --without-ssl and --with-axtls.
+
      To get GSSAPI support, build with --with-gssapi and have the MIT or
      Heimdal Kerberos 5 packages installed.
 
@@ -208,9 +211,9 @@ Win32
    adjust as necessary. It is also possible to override these paths with
    environment variables, for example:
 
-     set ZLIB_PATH=c:\zlib-1.2.3
-     set OPENSSL_PATH=c:\openssl-0.9.8k
-     set LIBSSH2_PATH=c:\libssh2-1.1
+     set ZLIB_PATH=c:\zlib-1.2.5
+     set OPENSSL_PATH=c:\openssl-0.9.8r
+     set LIBSSH2_PATH=c:\libssh2-1.2.7
 
    ATTENTION: if you want to build with libssh2 support you have to use latest
    version 0.17 - previous versions will NOT work with 7.17.0 and later!
@@ -229,7 +232,7 @@ Win32
 
    If you want to enable LDAPS support then set LDAPS=1.
 
-   - optional MingW32-built OpenlDAP SDK available from:
+   - optional MingW32-built OpenLDAP SDK available from:
      http://www.gknw.net/mirror/openldap/
    - optional recent Novell CLDAP SDK available from:
      http://developer.novell.com/ndk/cldap.htm
@@ -311,7 +314,7 @@ Win32
    documentation on how to compile zlib. Define the ZLIB_PATH environment
    variable to the location of zlib.h and zlib.lib, for example:
 
-     set ZLIB_PATH=c:\zlib-1.2.3
+     set ZLIB_PATH=c:\zlib-1.2.5
 
    Then run 'nmake vc-zlib' in curl's root directory.
 
@@ -325,7 +328,7 @@ Win32
    Before running nmake define the OPENSSL_PATH environment variable with
    the root/base directory of OpenSSL, for example:
 
-     set OPENSSL_PATH=c:\openssl-0.9.8k
+     set OPENSSL_PATH=c:\openssl-0.9.8q
 
    Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
    directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -374,30 +377,49 @@ Win32
    Borland C++ compiler
    ---------------------
 
-   compile openssl
+   Ensure that your build environment is properly set up to use the compiler
+   and associated tools. PATH environment variable must include the path to
+   bin subdirectory of your compiler installation, eg: c:\Borland\BCC55\bin
 
-   Make sure you include the paths to curl/include and openssl/inc32 in
-   your bcc32.cnf file
+   It is advisable to set environment variable BCCDIR to the base path of
+   the compiler installation.
 
-   eg : -I"c:\Bcc55\include;c:\path_curl\include;c:\path_openssl\inc32"
+     set BCCDIR=c:\Borland\BCC55
 
-   Check to make sure that all of the sources listed in lib/Makefile.b32
-   are present in the /path_to_curl/lib directory. (Check the src
-   directory for missing ones.)
+   In order to build a plain vanilla version of curl and libcurl run the 
+   following command from curl's root directory:
 
-   Make sure the environment variable "BCCDIR" is set to the install
-   location for the compiler eg : c:\Borland\BCC55
+     make borland
 
-   command line:
-   make -f /path_to_curl/lib/Makefile-ssl.b32
+   To build curl and libcurl with zlib and OpenSSL support set environment
+   variables ZLIB_PATH and OPENSSL_PATH to the base subdirectories of the
+   already built zlib and OpenSSL libraries and from curl's root directory
+   run command:
 
-   compile simplessl.c with appropriate links
+     make borland-ssl-zlib
+
+   libcurl library will be built in 'lib' subdirectory while curl tool
+   is built in 'src' subdirectory. In order to use libcurl library it is
+   advisable to modify compiler's configuration file bcc32.cfg located
+   in c:\Borland\BCC55\bin to reflect the location of libraries include
+   paths for example the '-I' line could result in something like:
+
+     -I"c:\Borland\BCC55\include;c:\curl\include;c:\openssl\inc32"
+
+   bcc3.cfg '-L' line could also be modified to reflect the location of
+   of libcurl library resulting for example:
+
+     -L"c:\Borland\BCC55\lib;c:\curl\lib;c:\openssl\out32"
+
+   In order to build sample program 'simple.c' from the docs\examples
+   subdirectory run following command from mentioned subdirectory:
+
+     bcc32 simple.c libcurl.lib cw32mt.lib
+
+   In order to build sample program simplessl.c an SSL enabled libcurl
+   is required, as well as the OpenSSL libeay32.lib and ssleay32.lib
+   libraries.
 
-   c:\curl\docs\examples\> bcc32 -L c:\path_to_curl\lib\libcurl.lib
-                                 -L c:\borland\bcc55\lib\psdk\ws2_32.lib
-                                 -L c:\openssl\out32\libeay32.lib
-                                 -L c:\openssl\out32\ssleay32.lib
-                                 simplessl.c
 
    OTHER MSVC IDEs
    ---------------
@@ -638,7 +660,7 @@ NetWare
    Builds automatically created 8 times a day from current git are here:
    http://www.gknw.net/mirror/curl/autobuilds/
    the status of these builds can be viewed at the autobuild table:
-   http://curl.haxx.se/auto/
+   http://curl.haxx.se/dev/builds.html
 
 
 eCos
@@ -980,17 +1002,21 @@ PORTS
 Useful URLs
 ===========
 
-c-ares    http://daniel.haxx.se/projects/c-ares/license.html
-GNU GSS   http://www.gnu.org/software/gss/
-GnuTLS    http://www.gnu.org/software/gnutls/
-Heimdal   http://www.pdc.kth.se/heimdal/
-libidn    http://www.gnu.org/software/libidn/
-libssh2   http://www.libssh2.org
-MingW     http://www.mingw.org
+axTLS        http://axtls.sourceforge.net/
+c-ares       http://c-ares.haxx.se/
+GNU GSS      http://www.gnu.org/software/gss/
+GnuTLS       http://www.gnu.org/software/gnutls/
+Heimdal      http://www.pdc.kth.se/heimdal/
+libidn       http://www.gnu.org/software/libidn/
+libssh2      http://www.libssh2.org/
 MIT Kerberos http://web.mit.edu/kerberos/www/dist/
-NSS       http://www.mozilla.org/projects/security/pki/nss/
-OpenLDAP  http://www.openldap.org
-OpenSSL   http://www.openssl.org
-PolarSSL  http://polarssl.org
-yassl     http://www.yassl.com/
-Zlib      http://www.gzip.org/zlib/
+NSS          http://www.mozilla.org/projects/security/pki/nss/
+OpenLDAP     http://www.openldap.org/
+OpenSSL      http://www.openssl.org/
+PolarSSL     http://polarssl.org/
+yassl        http://www.yassl.com/
+Zlib         http://www.zlib.net/
+
+MingW        http://www.mingw.org/
+MinGW-w64    http://mingw-w64.sourceforge.net/
+OpenWatcom   http://www.openwatcom.org/

docs/INTERNALS

@@ -15,7 +15,7 @@ INTERNALS
 GIT
 ===
  All changes to the sources are committed to the git repository as soon as
- they're somewhat verified to work. Changes shall be commited as independently
+ they're somewhat verified to work. Changes shall be committed as independently
  as possible so that individual changes can be easier spotted and tracked
  afterwards.
 
@@ -44,6 +44,7 @@ Portability
  MIT krb5 lib 1.2.4
  qsossl       V5R2M0
  NSS          3.11.x
+ axTLS        1.2.7
  Heimdal      ?
 
  * = only partly functional, but that's due to bugs in the third party lib, not
@@ -90,7 +91,7 @@ Windows vs Unix
    do it etc there might be reasons for applications to alter that behaviour.
 
  3. The file descriptors for network communication and file operations are
-    not easily interchangable as in unix.
+    not easily interchangeable as in unix.
 
    We avoid this by not trying any funny tricks on file descriptors.
 
@@ -182,7 +183,7 @@ Library
 
    Some time during the DO function, the Curl_setup_transfer() function must
    be called with some basic info about the upcoming transfer: what socket(s)
-   to read/write and the expected file tranfer sizes (if known).
+   to read/write and the expected file transfer sizes (if known).
 
  o Transfer()
 
@@ -224,15 +225,15 @@ Library
  A quick roundup on internal function sequences (many of these call
  protocol-specific function-pointers):
 
-  curl_connect - connects to a remote site and does initial connect fluff
+  Curl_connect - connects to a remote site and does initial connect fluff
    This also checks for an existing connection to the requested site and uses
    that one if it is possible.
 
-   curl_do - starts a transfer
-    curl_transfer() - transfers data
-   curl_done - ends a transfer
+   Curl_do - starts a transfer
+    Curl_handler::do_it() - transfers data
+   Curl_done - ends a transfer
 
-  curl_disconnect - disconnects from a remote site. This is called when the
+  Curl_disconnect - disconnects from a remote site. This is called when the
    disconnect is really requested, which doesn't necessarily have to be
    exactly after curl_done in case we want to keep the connection open for
    a while.
@@ -249,13 +250,13 @@ Library
  HTTPS uses in almost every means the same procedure as HTTP, with only two
  exceptions: the connect procedure is different and the function used to read
  or write from the socket is different, although the latter fact is hidden in
- the source by the use of curl_read() for reading and curl_write() for writing
+ the source by the use of Curl_read() for reading and Curl_write() for writing
  data to the remote server.
 
  http_chunks.c contains functions that understands HTTP 1.1 chunked transfer
  encoding.
 
- An interesting detail with the HTTP(S) request, is the add_buffer() series of
+ An interesting detail with the HTTP(S) request, is the Curl_add_buffer() series of
  functions we use. They append data to one single buffer, and when the
  building is done the entire request is sent off in one single write. This is
  done this way to overcome problems with flawed firewalls and lame servers.
@@ -291,7 +292,7 @@ Library
  URL encoding and decoding, called escaping and unescaping in the source code,
  is found in lib/escape.c.
 
- While transfering data in Transfer() a few functions might get used.
+ While transferring data in Transfer() a few functions might get used.
  curl_getdate() in lib/parsedate.c is for HTTP date comparisons (and more).
 
  lib/getenv.c offers curl_getenv() which is for reading environment variables
@@ -303,7 +304,7 @@ Library
  lib/netrc.c holds the .netrc parser
 
  lib/timeval.c features replacement functions for systems that don't have
- gettimeofday() and a few support functions for timeval convertions.
+ gettimeofday() and a few support functions for timeval conversions.
 
  A function named curl_version() that returns the full curl version string is
  found in lib/version.c.
@@ -356,8 +357,10 @@ multi interface/non-blocking
 
  The FTP and the SFTP/SCP protocols are thus perfect examples of how we adapt
  and adjust the code to allow non-blocking operations even on multi-stage
- protocols. The DICT, LDAP and TELNET are crappy examples and they are subject
- for rewrite in the future to better fit the libcurl protocol family.
+ protocols. They are built around state machines that return when they could
+ block waiting for data.  The DICT, LDAP and TELNET protocols are crappy
+ examples and they are subject for rewrite in the future to better fit the
+ libcurl protocol family.
 
 SSL libraries
 =============
@@ -379,7 +382,9 @@ Library Symbols
  All symbols used internally in libcurl must use a 'Curl_' prefix if they're
  used in more than a single file. Single-file symbols must be made static.
  Public ("exported") symbols must use a 'curl_' prefix. (There are exceptions,
- but they are to be changed to follow this pattern in future versions.)
+ but they are to be changed to follow this pattern in future versions.) Public
+ API functions are marked with CURL_EXTERN in the public header files so that
+ all others can be hidden on platforms where this is possible.
 
 Return Codes and Informationals
 ===============================
@@ -462,15 +467,15 @@ Test Suite
  subdirectory directly off the root in the curl archive tree, and it contains
  a bunch of scripts and a lot of test case data.
 
- The main test script is runtests.pl that will invoke the two servers
+ The main test script is runtests.pl that will invoke test servers like
  httpserver.pl and ftpserver.pl before all the test cases are performed. The
  test suite currently only runs on unix-like platforms.
 
- You'll find a complete description of the test case data files in the
- tests/README file.
+ You'll find a description of the test suite in the tests/README file, and the
+ test case data files in the tests/FILEFORMAT file.
 
  The test suite automatically detects if curl was built with the memory
- debugging enabled, and if it was it will detect memory leaks too.
+ debugging enabled, and if it was it will detect memory leaks, too.
 
 Building Releases
 =================

docs/LICENSE-MIXING

@@ -55,6 +55,10 @@ NSS     http://www.mozilla.org/projects/security/pki/nss/
         grant you different permissions and impose different obligations. You
         should select the license that best meets your needs.
 
+axTLS   http://axtls.sourceforge.net/
+
+        (May be used for SSL/TLS support) Uses a Modified BSD-style license.
+
 c-ares  http://daniel.haxx.se/projects/c-ares/license.html
 
         (Used for asynchronous name resolves) Uses an MIT license that is very

docs/THANKS

@@ -30,6 +30,7 @@ Alexey Borzov
 Alexey Pesternikov
 Alexey Simak
 Alexis Carvalho
+Alfred Gebert
 Allen Pulsifer
 Amol Pattekar
 Anatoli Tubman
@@ -102,6 +103,7 @@ Brock Noland
 Bruce Mitchener
 Bryan Henderson
 Bryan Kemp
+Cameron Kaiser
 Camille Moncelier
 Caolan McNamara
 Carsten Lange
@@ -147,6 +149,7 @@ Damien Adant
 Dan Becker
 Dan C
 Dan Fandrich
+Dan Locks
 Dan Nelson
 Dan Petitt
 Dan Torop
@@ -192,10 +195,12 @@ Detlef Schmier
 Didier Brisebourg
 Diego Casorran
 Dima Barsky
+Dimitre Dimitrov
 Dimitris Sarris
 Dinar
 Dirk Eddelbuettel
 Dirk Manske
+Dmitri Shubin
 Dmitriy Sergeyev
 Dmitry Bartsevich
 Dmitry Kurochkin
@@ -304,9 +309,12 @@ Hardeep Singh
 Harshal Pradhan
 Hauke Duden
 Heikki Korpela
+Heinrich Ko
+Hendrik Visage
 Henrik Storner
 Hidemoto Nakada
 Hoi-Ho Chan
+Hongli Lai
 Howard Chu
 Hzhijun
 Ian Ford
@@ -518,7 +526,9 @@ Matt Witherspoon
 Matt Wixson
 Matthew Blain
 Matthew Clarke
+Matthias Bolte
 Maurice Barnum
+Mauro Iorio
 Max Katsev
 Maxim Ivanov
 Maxim Perenesenko
@@ -536,6 +546,7 @@ Michael Smith
 Michael Stillwell
 Michael Wallner
 Michal Bonino
+Michal Gorny
 Michal Marek
 Michele Bini
 Mihai Ionescu
@@ -572,6 +583,7 @@ Nikita Schmidt
 Nikitinskit Dmitriy
 Niklas Angebrand
 Nikolai Kondrashov
+Ning Dong
 Nir Soffer
 Nis Jorgensen
 Nodak Sodak
@@ -632,6 +644,7 @@ Pooyan McSporran
 Pramod Sharma
 Puneet Pawaia
 Quagmire
+Quanah Gibson-Mount
 Rafa Muyo
 Rafael Sagula
 Rainer Canavan
@@ -687,6 +700,7 @@ Rosimildo da Silva
 Roy Shan
 Rune Kleveland
 Ruslan Gazizov
+Rutger Hofman
 Ryan Chan
 Ryan Nelson
 S. Moonesamy
@@ -727,6 +741,7 @@ Stan van de Burgt
 Stefan Esser
 Stefan Krause
 Stefan Teleman
+Stefan Tomanek
 Stefan Ulrich
 Stephan Bergmann
 Stephen Collyer
@@ -761,6 +776,7 @@ Tim Baker
 Tim Bartley
 Tim Chen
 Tim Costello
+Tim Newsome
 Tim Sneddon
 Tobias Rundstr<74>m
 Toby Peterson
@@ -799,6 +815,7 @@ Vincent Le Normand
 Vincent Penquerc'h
 Vincent Sanders
 Vlad Grachov
+Vlad Ureche
 Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik

docs/TODO

@@ -16,6 +16,7 @@
  1.2 More data sharing
  1.3 struct lifreq
  1.4 signal-based resolver timeouts
+ 1.5 get rid of PATH_MAX
 
  2. libcurl - multi interface
  2.1 More non-blocking
@@ -134,6 +135,15 @@
  Also, alarm() provides timeout resolution only to the nearest second. alarm
  ought to be replaced by setitimer on systems that support it.
 
+1.5 get rid of PATH_MAX
+
+ Having code use and rely on PATH_MAX is not nice:
+ http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
+
+ Currently the SSH based code uses it a bit, but to remove PATH_MAX from there
+ we need libssh2 to properly tell us when we pass in a too small buffer and
+ its current API (as of libssh2 1.2.7) doesn't.
+
 2. libcurl - multi interface
 
 2.1 More non-blocking

docs/TheArtOfHttpScripting

@@ -1,5 +1,5 @@
 Online:  http://curl.haxx.se/docs/httpscripting.html
-Date:    May 28, 2008
+Date:    Jan 19, 2011
 
                 The Art Of Scripting HTTP Requests Using Curl
                 =============================================
@@ -38,10 +38,26 @@ Date:    May 28, 2008
  request a particular action, and then the server replies a few text lines
  before the actual requested content is sent to the client.
 
- Using curl's option --verbose (-v as a short option) will display what kind of
- commands curl sends to the server, as well as a few other informational texts. 
- --verbose is the single most useful option when it comes to debug or even
- understand the curl<->server interaction.
+ The client, curl, sends a HTTP request. The request contains a method (like
+ GET, POST, HEAD etc), a number of request headers and sometimes a request
+ body. The HTTP server responds with a status line (indicating if things went
+ well), response headers and most often also a response body. The "body" part
+ is the plain data you requested, like the actual HTML or the image etc.
+
+ 1.1 See the Protocol
+
+  Using curl's option --verbose (-v as a short option) will display what kind
+  of commands curl sends to the server, as well as a few other informational
+  texts.
+
+  --verbose is the single most useful option when it comes to debug or even
+  understand the curl<->server interaction.
+
+  Sometimes even --verbose is not enough. Then --trace and --trace-ascii offer
+  even more details as they show EVERYTHING curl sends and receives. Use it
+  like this:
+
+      curl --trace-ascii debugdump.txt http://www.example.com/
 
 2. URL
 
@@ -61,10 +77,10 @@ Date:    May 28, 2008
  you get a web page returned in your terminal window. The entire HTML document
  that that URL holds.
 
- All HTTP replies contain a set of headers that are normally hidden, use
- curl's --include (-i) option to display them as well as the rest of the
- document. You can also ask the remote server for ONLY the headers by using the
- --head (-I) option (which will make curl issue a HEAD request).
+ All HTTP replies contain a set of response headers that are normally hidden,
+ use curl's --include (-i) option to display them as well as the rest of the
+ document. You can also ask the remote server for ONLY the headers by using
+ the --head (-I) option (which will make curl issue a HEAD request).
 
 4. Forms
 
@@ -127,7 +143,8 @@ Date:    May 28, 2008
   And to use curl to post this form with the same data filled in as before, we
   could do it like:
 
-        curl --data "birthyear=1905&press=%20OK%20" http://www.hotmail.com/when/junk.cgi
+        curl --data "birthyear=1905&press=%20OK%20" \
+        http://www.example.com/when.cgi
 
   This kind of POST will use the Content-Type
   application/x-www-form-urlencoded and is the most widely used POST kind.
@@ -204,7 +221,7 @@ Date:    May 28, 2008
 
  Put a file to a HTTP server with curl:
 
-        curl --upload-file uploadfile http://www.uploadhttp.com/receive.cgi
+        curl --upload-file uploadfile http://www.example.com/receive.cgi
 
 6. HTTP Authentication
 
@@ -217,7 +234,7 @@ Date:    May 28, 2008
 
  To tell curl to use a user and password for authentication:
 
-        curl --user name:password http://www.secrets.com
+        curl --user name:password http://www.example.com
 
  The site might require a different authentication method (check the headers
  returned by the server), and then --ntlm, --digest, --negotiate or even
@@ -257,7 +274,7 @@ Date:    May 28, 2008
 
  Use curl to set the referer field with:
 
-        curl --referer http://curl.haxx.se http://daniel.haxx.se
+        curl --referer http://www.example.come http://www.example.com
 
 8. User Agent
 
@@ -273,13 +290,13 @@ Date:    May 28, 2008
  is time to set the User Agent field to fool the server into thinking you're
  one of those browsers.
 
- To make curl look like Internet Explorer on a Windows 2000 box:
+ To make curl look like Internet Explorer 5 on a Windows 2000 box:
 
-        curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL]
+  curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL]
 
- Or why not look like you're using Netscape 4.73 on a Linux (PIII) box:
+ Or why not look like you're using Netscape 4.73 on an old Linux box:
 
-        curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]
+  curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]
 
 9. Redirects
 
@@ -294,7 +311,7 @@ Date:    May 28, 2008
 
  To tell curl to follow a Location:
 
-        curl --location http://www.sitethatredirects.com
+        curl --location http://www.example.com
 
  If you use curl to POST to a site that immediately redirects you to another
  page, you can safely use --location (-L) and --data/--form together. Curl will
@@ -321,13 +338,13 @@ Date:    May 28, 2008
  The simplest way to send a few cookies to the server when getting a page with
  curl is to add them on the command line like:
 
-        curl --cookie "name=Daniel" http://www.cookiesite.com
+        curl --cookie "name=Daniel" http://www.example.com
 
  Cookies are sent as common HTTP headers. This is practical as it allows curl
  to record cookies simply by recording headers. Record cookies with curl by
  using the --dump-header (-D) option like:
 
-        curl --dump-header headers_and_cookies http://www.cookiesite.com
+        curl --dump-header headers_and_cookies http://www.example.com
 
  (Take note that the --cookie-jar option described below is a better way to
  store cookies.)
@@ -338,24 +355,25 @@ Date:    May 28, 2008
  believing you had a previous connection). To use previously stored cookies,
  you run curl like:
 
-        curl --cookie stored_cookies_in_file http://www.cookiesite.com
+        curl --cookie stored_cookies_in_file http://www.example.com
 
  Curl's "cookie engine" gets enabled when you use the --cookie option. If you
  only want curl to understand received cookies, use --cookie with a file that
- doesn't exist. Example, if you want to let curl understand cookies from a page 
- and follow a location (and thus possibly send back cookies it received), you
- can invoke it like:
+ doesn't exist. Example, if you want to let curl understand cookies from a
+ page and follow a location (and thus possibly send back cookies it received),
+ you can invoke it like:
 
-        curl --cookie nada --location http://www.cookiesite.com
+        curl --cookie nada --location http://www.example.com
 
  Curl has the ability to read and write cookie files that use the same file
  format that Netscape and Mozilla do. It is a convenient way to share cookies
- between browsers and automatic scripts. The --cookie (-b) switch automatically
- detects if a given file is such a cookie file and parses it, and by using the
- --cookie-jar (-c) option you'll make curl write a new cookie file at the end of
- an operation:
+ between browsers and automatic scripts. The --cookie (-b) switch
+ automatically detects if a given file is such a cookie file and parses it,
+ and by using the --cookie-jar (-c) option you'll make curl write a new cookie
+ file at the end of an operation:
 
-        curl --cookie cookies.txt --cookie-jar newcookies.txt http://www.cookiesite.com
+        curl --cookie cookies.txt --cookie-jar newcookies.txt \
+        http://www.example.com
 
 11. HTTPS
 
@@ -371,7 +389,7 @@ Date:    May 28, 2008
  Curl supports encrypted fetches thanks to the freely available OpenSSL
  libraries. To get a page from a HTTPS server, simply run curl like:
 
-        curl https://that.secure.server.com
+        curl https://secure.example.com
 
  11.1 Certificates
 
@@ -382,7 +400,7 @@ Date:    May 28, 2008
   can be specified on the command line or if not, entered interactively when
   curl queries for it. Use a certificate with curl on a HTTPS server like:
 
-        curl --cert mycert.pem https://that.secure.server.com
+        curl --cert mycert.pem https://secure.example.com
 
   curl also tries to verify that the server is who it claims to be, by
   verifying the server's certificate against a locally stored CA cert
@@ -403,17 +421,18 @@ Date:    May 28, 2008
  For example, you can change the POST request to a PROPFIND and send the data
  as "Content-Type: text/xml" (instead of the default Content-Type) like this:
 
-        curl --data "<xml>" --header "Content-Type: text/xml" --request PROPFIND url.com
+         curl --data "<xml>" --header "Content-Type: text/xml" \
+              --request PROPFIND url.com
 
  You can delete a default header by providing one without content. Like you
  can ruin the request by chopping off the Host: header:
 
-        curl --header "Host:" http://mysite.com
+        curl --header "Host:" http://www.example.com
 
  You can add headers the same way. Your server may want a "Destination:"
  header, and you can add it:
 
-        curl --header "Destination: http://moo.com/nowhere" http://url.com
+        curl --header "Destination: http://nowhere" http://example.com
 
 13. Web Login
 
@@ -444,7 +463,6 @@ Date:    May 28, 2008
  to do a proper login POST. Remember that the contents need to be URL encoded
  when sent in a normal POST.
 
-
 14. Debug
 
  Many times when you run curl on a site, you'll notice that the site doesn't
@@ -480,12 +498,10 @@ Date:    May 28, 2008
  RFC 2616 is a must to read if you want in-depth understanding of the HTTP
  protocol.
 
- RFC 2396 explains the URL syntax.
+ RFC 3986 explains the URL syntax.
 
  RFC 2109 defines how cookies are supposed to work.
 
  RFC 1867 defines the HTTP post upload format.
 
- http://www.openssl.org is the home of the OpenSSL project
-
  http://curl.haxx.se is the home of the cURL project

docs/curl.1

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH curl 1 "28 November 2009" "Curl 7.20.0" "Curl Manual"
+.TH curl 1 "28 November 2009" "Curl 7.21.4" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -358,11 +358,12 @@ this option assumes a \&"certificate" file that is the private key and the
 private certificate concatenated! See \fI--cert\fP and \fI--key\fP to specify
 them independently.
 
-If curl is built against the NSS SSL library then this option tells
+If curl is built against the NSS SSL library then this option can tell
 curl the nickname of the certificate to use within the NSS database defined
 by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
 NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
-loaded.
+loaded. If you want to use a file from the current directory, please precede
+it with "./" prefix, in order to avoid confusion with a nickname.
 
 If this option is used several times, the last one will be used.
 .IP "--cert-type <type>"
@@ -393,11 +394,11 @@ may be loaded.
 If this option is used several times, the last one will be used.
 .IP "--capath <CA certificate directory>"
 (SSL) Tells curl to use the specified certificate directory to verify the
-peer. The certificates must be in PEM format, and the directory must have been
-processed using the c_rehash utility supplied with openssl. Using
-\fI--capath\fP can allow curl to make SSL-connections much more efficiently
-than using \fI--cacert\fP if the \fI--cacert\fP file contains many CA
-certificates.
+peer. The certificates must be in PEM format, and if curl is built against
+OpenSSL, the directory must have been processed using the c_rehash utility
+supplied with OpenSSL. Using \fI--capath\fP can allow OpenSSL-powered curl to
+make SSL-connections much more efficiently than using \fI--cacert\fP if the
+\fI--cacert\fP file contains many CA certificates.
 
 If this option is used several times, the last one will be used.
 .IP "-f/--fail"
@@ -427,7 +428,7 @@ server. The method argument should be one of the following alternatives:
 .RS
 .IP multicwd
 curl does a single CWD operation for each path part in the given URL. For deep
-hierarchies this means very many commands. This is how RFC1738 says it should
+hierarchies this means very many commands. This is how RFC 1738 says it should
 be done. This is the default but the slowest behavior.
 .IP nocwd
 curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full
@@ -439,7 +440,7 @@ compliant than 'nocwd' but without the full penalty of 'multicwd'.
 .RE
 (Added in 7.15.1)
 .IP "--ftp-pasv"
-(FTP) Use passive mode for the data conection. Passive is the internal default
+(FTP) Use passive mode for the data connection. Passive is the internal default
 behavior, but using this option can be used to override a previous
 \fI-P/-ftp-port\fP option. (Added in 7.11.0)
 
@@ -501,7 +502,7 @@ waits for a reply from the server.
 .IP "-F/--form <name=content>"
 (HTTP) This lets curl emulate a filled-in form in which a user has pressed the
 submit button. This causes curl to POST data using the Content-Type
-multipart/form-data according to RFC2388. This enables uploading of binary
+multipart/form-data according to RFC 2388. This enables uploading of binary
 files etc. To force the 'content' part to be a file, prefix the file name
 with an @ sign. To just get the content part from a file, prefix the file name
 with the symbol <. The difference between @ and < is then that @ makes a file
@@ -514,8 +515,8 @@ input:
 
 \fBcurl\fP -F password=@/etc/passwd www.mypasswords.com
 
-To read the file's content from stdin instead of a file, use - where the file
-name should've been. This goes for both @ and < constructs.
+To read content from stdin instead of a file, use - as the filename. This goes
+for both @ and < constructs.
 
 You can also tell curl what Content-Type to use by using 'type=', in a manner
 similar to:
@@ -526,8 +527,8 @@ or
 
 \fBcurl\fP -F "name=daniel;type=text/foo" url.com
 
-You can also explicitly change the name field of an file upload part by
-setting filename=, like this:
+You can also explicitly change the name field of a file upload part by setting
+filename=, like this:
 
 \fBcurl\fP -F "file=@localfile;filename=nameinpost" url.com
 
@@ -1051,11 +1052,12 @@ just before the transfer command(s), prefix the command with a '+' (this
 is only supported for FTP). You may specify any number of commands. If
 the server returns failure for one of the commands, the entire operation
 will be aborted. You must send syntactically correct FTP commands as
-RFC959 defines to FTP servers, or one of the commands listed below to
+RFC 959 defines to FTP servers, or one of the commands listed below to
 SFTP servers.  This option can be used multiple times.
 
 SFTP is a binary protocol. Unlike for FTP, libcurl interprets SFTP quote
-commands before sending them to the server.  Following is the list of
+commands itself before sending them to the server.  File names may be quoted
+shell-style to embed spaces or special characters.  Following is the list of
 all supported SFTP quote commands:
 .RS
 .IP "chgrp group file"
@@ -1142,6 +1144,18 @@ encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2)
 When used, this will make libcurl attempt to figure out the timestamp of the
 remote file, and if that is available make the local file get that same
 timestamp.
+.IP "--resolve <host:port:address>"
+Provide a custom address for a specific host and port pair. Using this, you
+can make the curl requests(s) use a specified address and prevent the
+otherwise normally resolved address to be used. Consider it a sort of
+/etc/hosts alternative provided on the command line. The port number should be
+the number used for the specific protocol the host will be used for. It means
+you need several entries if you want to provide address for the same host but
+different ports.
+
+This option can be used many times to add many host names to resolve.
+
+(Added in 7.21.3)
 .IP "--retry <num>"
 If a transient error is returned when curl tries to perform a transfer, it
 will retry this number of times before giving up. Setting the number to 0
@@ -1222,14 +1236,12 @@ This option (as well as \fI--socks4\fP) does not work with IPV6, FTPS or LDAP.
 The default service name for a socks server is rcmd/server-fqdn. This option
 allows you to change it.
 
-Examples:
- --socks5 proxy-name \fI--socks5-gssapi-service\fP sockd   would use
-sockd/proxy-name
- --socks5 proxy-name \fI--socks5-gssapi-service\fP sockd/real-name   would use
-sockd/real-name for cases where the proxy-name does not match the princpal name.
- (Added in 7.19.4).
+Examples: --socks5 proxy-name \fI--socks5-gssapi-service\fP sockd would use
+sockd/proxy-name --socks5 proxy-name \fI--socks5-gssapi-service\fP
+sockd/real-name would use sockd/real-name for cases where the proxy-name does
+not match the principal name.  (Added in 7.19.4).
 .IP "--socks5-gssapi-nec"
-As part of the gssapi negotiation a protection mode is negotiated. The rfc1961
+As part of the gssapi negotiation a protection mode is negotiated. RFC 1961
 says in section 4.3/4.4 it should be protected, but the NEC reference
 implementation does not.  The option \fI--socks5-gssapi-nec\fP allows the
 unprotected exchange of the protection mode negotiation. (Added in 7.19.4).
@@ -1252,12 +1264,25 @@ XDISPLOC=<X display> Sets the X display location.
 NEW_ENV=<var,val> Sets an environment variable.
 .IP "--tftp-blksize <value>"
 (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that
-curl will try to use when tranferring data to or from a TFTP server. By
+curl will try to use when transferring data to or from a TFTP server. By
 default 512 bytes will be used.
 
 If this option is used several times, the last one will be used.
 
 (Added in 7.20.0)
+.IP "--tlsauthtype <authtype>"
+Set TLS authentication type. Currently, the only supported option is "SRP",
+for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
+specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
+(Added in 7.21.4)
+.IP "--tlsuser <user>"
+Set username for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set.  (Added in
+7.21.4)
+.IP "--tlspassword <password>"
+Set password for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.  (Added in
+7.21.4)
 .IP "-T/--upload-file <file>"
 This transfers the specified local file to the remote URL. If there is no file
 part in the specified URL, Curl will append the local file name. NOTE that you
@@ -1345,7 +1370,7 @@ If you think this option still doesn't give you enough details, consider using
 
 This option overrides previous uses of \fI--trace-ascii\fP or \fI--trace\fP.
 
-Use \fI-S/--silent\fP to make curl quiet.
+Use \fI-s/--silent\fP to make curl quiet.
 .IP "-V/--version"
 Displays information about curl and the libcurl version it uses.
 
@@ -1384,6 +1409,8 @@ This curl supports IDN - international domain names.
 .IP "SSPI"
 SSPI is supported. If you use NTLM and set a blank user name, curl will
 authenticate with your current user and password.
+.IP "TLS-SRP"
+SRP (Secure Remote Password) authentication is supported for TLS.
 .RE
 .IP "-w/--write-out <format>"
 Defines what to display on stdout after a completed and successful
@@ -1540,9 +1567,9 @@ not set.
 
 If this option is used several times, the last one will be used.
 .IP "-z/--time-cond <date expression>"
-(HTTP/FTP) Request a file that has been modified later than the given time and
-date, or one that has been modified before that time. The date expression can
-be all sorts of date strings or if it doesn't match any internal ones, it
+(HTTP/FTP/FILE) Request a file that has been modified later than the given time
+and date, or one that has been modified before that time. The date expression
+can be all sorts of date strings or if it doesn't match any internal ones, it
 tries to get the time from a given file name instead! See the
 \fIcurl_getdate(3)\fP man pages for date expression details.
 
@@ -1690,7 +1717,7 @@ Unknown TELNET option specified.
 .IP 49
 Malformed telnet option.
 .IP 51
-The peer's SSL certificate or SSH MD5 fingerprint was not ok.
+The peer's SSL certificate or SSH MD5 fingerprint was not OK.
 .IP 52
 The server didn't reply anything, which here is considered an error.
 .IP 53
@@ -1751,6 +1778,16 @@ Failed to shut down the SSL connection.
 Could not load CRL file, missing or wrong format (added in 7.19.0).
 .IP 83
 Issuer check failed (added in 7.19.0).
+.IP 84
+The FTP PRET command failed
+.IP 85
+RTSP: mismatch of CSeq numbers
+.IP 86
+RTSP: mismatch of Session Identifiers
+.IP 87
+unable to parse FTP file list
+.IP 88
+FTP chunk callback reported error
 .IP XX
 More error codes will appear here in future releases. The existing ones
 are meant to never change.

docs/examples/.gitignore

@@ -29,4 +29,7 @@ sendrecv
 sepheaders
 simple
 simplepost
+simplesmtp
 simplessl
+smtp-multi
+smtp-tls

docs/examples/Makefile.am

@@ -34,4 +34,4 @@ LDADD = $(LIBDIR)/libcurl.la
 # Makefile.inc provides the check_PROGRAMS and COMPLICATED_EXAMPLES defines
 include Makefile.inc
 
-
+all: $(check_PROGRAMS)

docs/examples/Makefile.inc

@@ -3,10 +3,12 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
   fopen ftpget ftpgetresp ftpupload getinfo getinmemory http-post httpput  \
   https multi-app multi-debugcallback multi-double multi-post multi-single \
   persistant post-callback postit2 sepheaders simple simplepost simplessl  \
-  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard
+  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard \
+  smtp-multi simplesmtp smtp-tls
 
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
 COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cc cacertinmem.c	   \
   ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c	   \
-  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c
+  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
+  smooth-gtk-thread.c version-check.pl

docs/examples/certinfo.c

@@ -9,9 +9,12 @@
 
 static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
 {
+  (void)stream;
+  (void)ptr;
   return size * nmemb;
 }
-int main(int argc, char **argv)
+
+int main(void)
 {
   CURL *curl;
   CURLcode res;

docs/examples/chkspeed.c

@@ -71,7 +71,7 @@ int main(int argc, char *argv[])
         } else if (strncasecmp(*argv, "-T", 2) == 0) {
           prttime = 1;
         } else if (strncasecmp(*argv, "-M=", 3) == 0) {
-          int m = atoi(*argv + 3);
+          long m = strtol((*argv)+3, NULL, 10);
           switch(m) {
             case   1: url = URL_1M;
                       break;

docs/examples/debug.c

@@ -28,12 +28,12 @@ void dump(const char *text,
     /* without the hex output, we can fit more on screen */
     width = 0x40;
 
-  fprintf(stream, "%s, %010.10ld bytes (0x%08.8lx)\n",
+  fprintf(stream, "%s, %10.10ld bytes (0x%8.8lx)\n",
           text, (long)size, (long)size);
 
   for(i=0; i<size; i+= width) {
 
-    fprintf(stream, "%04.4lx: ", (long)i);
+    fprintf(stream, "%4.4lx: ", (long)i);
 
     if(!nohex) {
       /* hex not disabled, show it */

docs/examples/evhiperfifo.c

@@ -367,7 +367,7 @@ static int init_fifo (GlobalInfo *g)
 {
   struct stat st;
   static const char *fifo = "hiper.fifo";
-  int sockfd;
+  curl_socket_t sockfd;
 
   fprintf(MSG_OUT, "Creating named pipe \"%s\"\n", fifo);
   if ( lstat (fifo, &st) == 0 )

docs/examples/fopen.c

@@ -53,20 +53,24 @@
 
 #include <curl/curl.h>
 
-enum fcurl_type_e { CFTYPE_NONE=0, CFTYPE_FILE=1, CFTYPE_CURL=2 };
+enum fcurl_type_e {
+  CFTYPE_NONE=0,
+  CFTYPE_FILE=1,
+  CFTYPE_CURL=2
+};
 
 struct fcurl_data
 {
-    enum fcurl_type_e type;     /* type of handle */
-    union {
-        CURL *curl;
-        FILE *file;
-    } handle;                   /* handle */
+  enum fcurl_type_e type;     /* type of handle */
+  union {
+    CURL *curl;
+    FILE *file;
+  } handle;                   /* handle */
 
-    char *buffer;               /* buffer to store cached data*/
-    int buffer_len;             /* currently allocated buffers length */
-    int buffer_pos;             /* end of data in buffer*/
-    int still_running;          /* Is background url fetch still in progress */
+  char *buffer;               /* buffer to store cached data*/
+  size_t buffer_len;          /* currently allocated buffers length */
+  size_t buffer_pos;          /* end of data in buffer*/
+  int still_running;          /* Is background url fetch still in progress */
 };
 
 typedef struct fcurl_data URL_FILE;
@@ -76,498 +80,448 @@ URL_FILE *url_fopen(const char *url,const char *operation);
 int url_fclose(URL_FILE *file);
 int url_feof(URL_FILE *file);
 size_t url_fread(void *ptr, size_t size, size_t nmemb, URL_FILE *file);
-char * url_fgets(char *ptr, int size, URL_FILE *file);
+char * url_fgets(char *ptr, size_t size, URL_FILE *file);
 void url_rewind(URL_FILE *file);
 
 /* we use a global one for convenience */
 CURLM *multi_handle;
 
 /* curl calls this routine to get more data */
-static size_t
-write_callback(char *buffer,
-               size_t size,
-               size_t nitems,
-               void *userp)
+static size_t write_callback(char *buffer,
+                             size_t size,
+                             size_t nitems,
+                             void *userp)
 {
-    char *newbuff;
-    int rembuff;
+  char *newbuff;
+  size_t rembuff;
 
-    URL_FILE *url = (URL_FILE *)userp;
-    size *= nitems;
+  URL_FILE *url = (URL_FILE *)userp;
+  size *= nitems;
 
-    rembuff=url->buffer_len - url->buffer_pos; /* remaining space in buffer */
+  rembuff=url->buffer_len - url->buffer_pos; /* remaining space in buffer */
 
-    if(size > rembuff)
-    {
-        /* not enough space in buffer */
-        newbuff=realloc(url->buffer,url->buffer_len + (size - rembuff));
-        if(newbuff==NULL)
-        {
-            fprintf(stderr,"callback buffer grow failed\n");
-            size=rembuff;
-        }
-        else
-        {
-            /* realloc suceeded increase buffer size*/
-            url->buffer_len+=size - rembuff;
-            url->buffer=newbuff;
-
-            /*printf("Callback buffer grown to %d bytes\n",url->buffer_len);*/
-        }
+  if(size > rembuff) {
+    /* not enough space in buffer */
+    newbuff=realloc(url->buffer,url->buffer_len + (size - rembuff));
+    if(newbuff==NULL) {
+      fprintf(stderr,"callback buffer grow failed\n");
+      size=rembuff;
     }
+    else {
+      /* realloc suceeded increase buffer size*/
+      url->buffer_len+=size - rembuff;
+      url->buffer=newbuff;
+    }
+  }
 
-    memcpy(&url->buffer[url->buffer_pos], buffer, size);
-    url->buffer_pos += size;
+  memcpy(&url->buffer[url->buffer_pos], buffer, size);
+  url->buffer_pos += size;
 
-    /*fprintf(stderr, "callback %d size bytes\n", size);*/
-
-    return size;
+  return size;
 }
 
 /* use to attempt to fill the read buffer up to requested number of bytes */
-static int
-fill_buffer(URL_FILE *file,int want,int waittime)
+static int fill_buffer(URL_FILE *file, size_t want)
 {
-    fd_set fdread;
-    fd_set fdwrite;
-    fd_set fdexcep;
-    struct timeval timeout;
-    int rc;
+  fd_set fdread;
+  fd_set fdwrite;
+  fd_set fdexcep;
+  struct timeval timeout;
+  int rc;
 
-    /* only attempt to fill buffer if transactions still running and buffer
-     * doesnt exceed required size already
-     */
-    if((!file->still_running) || (file->buffer_pos > want))
-        return 0;
+  /* only attempt to fill buffer if transactions still running and buffer
+   * doesnt exceed required size already
+   */
+  if((!file->still_running) || (file->buffer_pos > want))
+    return 0;
 
-    /* attempt to fill buffer */
-    do
-    {
-        int maxfd = -1;
-        long curl_timeo = -1;
+  /* attempt to fill buffer */
+  do {
+    int maxfd = -1;
+    long curl_timeo = -1;
 
-        FD_ZERO(&fdread);
-        FD_ZERO(&fdwrite);
-        FD_ZERO(&fdexcep);
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
 
-        /* set a suitable timeout to fail on */
-        timeout.tv_sec = 60; /* 1 minute */
-        timeout.tv_usec = 0;
+    /* set a suitable timeout to fail on */
+    timeout.tv_sec = 60; /* 1 minute */
+    timeout.tv_usec = 0;
 
-        curl_multi_timeout(multi_handle, &curl_timeo);
-        if(curl_timeo >= 0) {
-          timeout.tv_sec = curl_timeo / 1000;
-          if(timeout.tv_sec > 1)
-            timeout.tv_sec = 1;
-          else
-            timeout.tv_usec = (curl_timeo % 1000) * 1000;
-        }
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
 
-        /* get file descriptors from the transfers */
-        curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    /* get file descriptors from the transfers */
+    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-        /* In a real-world program you OF COURSE check the return code of the
-           function calls.  On success, the value of maxfd is guaranteed to be
-           greater or equal than -1.  We call select(maxfd + 1, ...), specially
-           in case of (maxfd == -1), we call select(0, ...), which is basically
-           equal to sleep. */
+    /* In a real-world program you OF COURSE check the return code of the
+       function calls.  On success, the value of maxfd is guaranteed to be
+       greater or equal than -1.  We call select(maxfd + 1, ...), specially
+       in case of (maxfd == -1), we call select(0, ...), which is basically
+       equal to sleep. */
 
-        rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
 
-        switch(rc) {
-        case -1:
-            /* select error */
-            break;
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
 
-        case 0:
-            break;
-
-        default:
-            /* timeout or readable/writable sockets */
-            curl_multi_perform(multi_handle, &file->still_running);
-            break;
-        }
-    } while(file->still_running && (file->buffer_pos < want));
-    return 1;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &file->still_running);
+      break;
+    }
+  } while(file->still_running && (file->buffer_pos < want));
+  return 1;
 }
 
 /* use to remove want bytes from the front of a files buffer */
-static int
-use_buffer(URL_FILE *file,int want)
+static int use_buffer(URL_FILE *file,int want)
 {
-    /* sort out buffer */
-    if((file->buffer_pos - want) <=0)
-    {
-        /* ditch buffer - write will recreate */
-        if(file->buffer)
-            free(file->buffer);
-
-        file->buffer=NULL;
-        file->buffer_pos=0;
-        file->buffer_len=0;
-    }
-    else
-    {
-        /* move rest down make it available for later */
-        memmove(file->buffer,
-                &file->buffer[want],
-                (file->buffer_pos - want));
-
-        file->buffer_pos -= want;
-    }
-    return 0;
-}
-
-
-
-URL_FILE *
-url_fopen(const char *url,const char *operation)
-{
-    /* this code could check for URLs or types in the 'url' and
-       basicly use the real fopen() for standard files */
-
-    URL_FILE *file;
-    (void)operation;
-
-    file = malloc(sizeof(URL_FILE));
-    if(!file)
-        return NULL;
-
-    memset(file, 0, sizeof(URL_FILE));
-
-    if((file->handle.file=fopen(url,operation)))
-    {
-        file->type = CFTYPE_FILE; /* marked as URL */
-    }
-    else
-    {
-        file->type = CFTYPE_CURL; /* marked as URL */
-        file->handle.curl = curl_easy_init();
-
-        curl_easy_setopt(file->handle.curl, CURLOPT_URL, url);
-        curl_easy_setopt(file->handle.curl, CURLOPT_WRITEDATA, file);
-        curl_easy_setopt(file->handle.curl, CURLOPT_VERBOSE, 0L);
-        curl_easy_setopt(file->handle.curl, CURLOPT_WRITEFUNCTION, write_callback);
-
-        if(!multi_handle)
-            multi_handle = curl_multi_init();
-
-        curl_multi_add_handle(multi_handle, file->handle.curl);
-
-        /* lets start the fetch */
-        curl_multi_perform(multi_handle, &file->still_running);
-
-        if((file->buffer_pos == 0) && (!file->still_running))
-        {
-            /* if still_running is 0 now, we should return NULL */
-
-            /* make sure the easy handle is not in the multi handle anymore */
-            curl_multi_remove_handle(multi_handle, file->handle.curl);
-
-            /* cleanup */
-            curl_easy_cleanup(file->handle.curl);
-
-            free(file);
-
-            file = NULL;
-        }
-    }
-    return file;
-}
-
-int
-url_fclose(URL_FILE *file)
-{
-    int ret=0;/* default is good return */
-
-    switch(file->type)
-    {
-    case CFTYPE_FILE:
-        ret=fclose(file->handle.file); /* passthrough */
-        break;
-
-    case CFTYPE_CURL:
-        /* make sure the easy handle is not in the multi handle anymore */
-        curl_multi_remove_handle(multi_handle, file->handle.curl);
-
-        /* cleanup */
-        curl_easy_cleanup(file->handle.curl);
-        break;
-
-    default: /* unknown or supported type - oh dear */
-        ret=EOF;
-        errno=EBADF;
-        break;
-
-    }
-
+  /* sort out buffer */
+  if((file->buffer_pos - want) <=0) {
+    /* ditch buffer - write will recreate */
     if(file->buffer)
-        free(file->buffer);/* free any allocated buffer space */
+      free(file->buffer);
 
-    free(file);
+    file->buffer=NULL;
+    file->buffer_pos=0;
+    file->buffer_len=0;
+  }
+  else {
+    /* move rest down make it available for later */
+    memmove(file->buffer,
+            &file->buffer[want],
+            (file->buffer_pos - want));
 
-    return ret;
+    file->buffer_pos -= want;
+  }
+  return 0;
 }
 
-int
-url_feof(URL_FILE *file)
+URL_FILE *url_fopen(const char *url,const char *operation)
 {
-    int ret=0;
+  /* this code could check for URLs or types in the 'url' and
+     basicly use the real fopen() for standard files */
 
-    switch(file->type)
-    {
-    case CFTYPE_FILE:
-        ret=feof(file->handle.file);
-        break;
+  URL_FILE *file;
+  (void)operation;
 
-    case CFTYPE_CURL:
-        if((file->buffer_pos == 0) && (!file->still_running))
-            ret = 1;
-        break;
-    default: /* unknown or supported type - oh dear */
-        ret=-1;
-        errno=EBADF;
-        break;
+  file = malloc(sizeof(URL_FILE));
+  if(!file)
+    return NULL;
+
+  memset(file, 0, sizeof(URL_FILE));
+
+  if((file->handle.file=fopen(url,operation)))
+    file->type = CFTYPE_FILE; /* marked as URL */
+
+  else {
+    file->type = CFTYPE_CURL; /* marked as URL */
+    file->handle.curl = curl_easy_init();
+
+    curl_easy_setopt(file->handle.curl, CURLOPT_URL, url);
+    curl_easy_setopt(file->handle.curl, CURLOPT_WRITEDATA, file);
+    curl_easy_setopt(file->handle.curl, CURLOPT_VERBOSE, 0L);
+    curl_easy_setopt(file->handle.curl, CURLOPT_WRITEFUNCTION, write_callback);
+
+    if(!multi_handle)
+      multi_handle = curl_multi_init();
+
+    curl_multi_add_handle(multi_handle, file->handle.curl);
+
+    /* lets start the fetch */
+    curl_multi_perform(multi_handle, &file->still_running);
+
+    if((file->buffer_pos == 0) && (!file->still_running)) {
+      /* if still_running is 0 now, we should return NULL */
+
+      /* make sure the easy handle is not in the multi handle anymore */
+      curl_multi_remove_handle(multi_handle, file->handle.curl);
+
+      /* cleanup */
+      curl_easy_cleanup(file->handle.curl);
+
+      free(file);
+
+      file = NULL;
     }
-    return ret;
+  }
+  return file;
 }
 
-size_t
-url_fread(void *ptr, size_t size, size_t nmemb, URL_FILE *file)
+int url_fclose(URL_FILE *file)
 {
-    size_t want;
+  int ret=0;/* default is good return */
 
-    switch(file->type)
-    {
-    case CFTYPE_FILE:
-        want=fread(ptr,size,nmemb,file->handle.file);
-        break;
+  switch(file->type) {
+  case CFTYPE_FILE:
+    ret=fclose(file->handle.file); /* passthrough */
+    break;
 
-    case CFTYPE_CURL:
-        want = nmemb * size;
+  case CFTYPE_CURL:
+    /* make sure the easy handle is not in the multi handle anymore */
+    curl_multi_remove_handle(multi_handle, file->handle.curl);
 
-        fill_buffer(file,want,1);
+    /* cleanup */
+    curl_easy_cleanup(file->handle.curl);
+    break;
 
-        /* check if theres data in the buffer - if not fill_buffer()
-         * either errored or EOF */
-        if(!file->buffer_pos)
-            return 0;
+  default: /* unknown or supported type - oh dear */
+    ret=EOF;
+    errno=EBADF;
+    break;
+  }
 
-        /* ensure only available data is considered */
-        if(file->buffer_pos < want)
-            want = file->buffer_pos;
+  if(file->buffer)
+    free(file->buffer);/* free any allocated buffer space */
 
-        /* xfer data to caller */
-        memcpy(ptr, file->buffer, want);
+  free(file);
 
-        use_buffer(file,want);
-
-        want = want / size;     /* number of items - nb correct op - checked
-                                 * with glibc code*/
-
-        /*printf("(fread) return %d bytes %d left\n", want,file->buffer_pos);*/
-        break;
-
-    default: /* unknown or supported type - oh dear */
-        want=0;
-        errno=EBADF;
-        break;
-
-    }
-    return want;
+  return ret;
 }
 
-char *
-url_fgets(char *ptr, int size, URL_FILE *file)
+int url_feof(URL_FILE *file)
 {
-    int want = size - 1;/* always need to leave room for zero termination */
-    int loop;
+  int ret=0;
 
-    switch(file->type)
-    {
-    case CFTYPE_FILE:
-        ptr = fgets(ptr,size,file->handle.file);
-        break;
-
-    case CFTYPE_CURL:
-        fill_buffer(file,want,1);
-
-        /* check if theres data in the buffer - if not fill either errored or
-         * EOF */
-        if(!file->buffer_pos)
-            return NULL;
-
-        /* ensure only available data is considered */
-        if(file->buffer_pos < want)
-            want = file->buffer_pos;
-
-        /*buffer contains data */
-        /* look for newline or eof */
-        for(loop=0;loop < want;loop++)
-        {
-            if(file->buffer[loop] == '\n')
-            {
-                want=loop+1;/* include newline */
-                break;
-            }
-        }
-
-        /* xfer data to caller */
-        memcpy(ptr, file->buffer, want);
-        ptr[want]=0;/* allways null terminate */
-
-        use_buffer(file,want);
-
-        /*printf("(fgets) return %d bytes %d left\n", want,file->buffer_pos);*/
-        break;
-
-    default: /* unknown or supported type - oh dear */
-        ptr=NULL;
-        errno=EBADF;
+  switch(file->type) {
+  case CFTYPE_FILE:
+    ret=feof(file->handle.file);
+    break;
+
+  case CFTYPE_CURL:
+    if((file->buffer_pos == 0) && (!file->still_running))
+      ret = 1;
+    break;
+
+  default: /* unknown or supported type - oh dear */
+    ret=-1;
+    errno=EBADF;
+    break;
+  }
+  return ret;
+}
+
+size_t url_fread(void *ptr, size_t size, size_t nmemb, URL_FILE *file)
+{
+  size_t want;
+
+  switch(file->type) {
+  case CFTYPE_FILE:
+    want=fread(ptr,size,nmemb,file->handle.file);
+    break;
+
+  case CFTYPE_CURL:
+    want = nmemb * size;
+
+    fill_buffer(file,want);
+
+    /* check if theres data in the buffer - if not fill_buffer()
+     * either errored or EOF */
+    if(!file->buffer_pos)
+      return 0;
+
+    /* ensure only available data is considered */
+    if(file->buffer_pos < want)
+      want = file->buffer_pos;
+
+    /* xfer data to caller */
+    memcpy(ptr, file->buffer, want);
+
+    use_buffer(file,want);
+
+    want = want / size;     /* number of items */
+    break;
+
+  default: /* unknown or supported type - oh dear */
+    want=0;
+    errno=EBADF;
+    break;
+
+  }
+  return want;
+}
+
+char *url_fgets(char *ptr, size_t size, URL_FILE *file)
+{
+  size_t want = size - 1;/* always need to leave room for zero termination */
+  size_t loop;
+
+  switch(file->type) {
+  case CFTYPE_FILE:
+    ptr = fgets(ptr,size,file->handle.file);
+    break;
+
+  case CFTYPE_CURL:
+    fill_buffer(file,want);
+
+    /* check if theres data in the buffer - if not fill either errored or
+     * EOF */
+    if(!file->buffer_pos)
+      return NULL;
+
+    /* ensure only available data is considered */
+    if(file->buffer_pos < want)
+      want = file->buffer_pos;
+
+    /*buffer contains data */
+    /* look for newline or eof */
+    for(loop=0;loop < want;loop++) {
+      if(file->buffer[loop] == '\n') {
+        want=loop+1;/* include newline */
         break;
+      }
     }
 
-    return ptr;/*success */
+    /* xfer data to caller */
+    memcpy(ptr, file->buffer, want);
+    ptr[want]=0;/* allways null terminate */
+
+    use_buffer(file,want);
+
+    break;
+
+  default: /* unknown or supported type - oh dear */
+    ptr=NULL;
+    errno=EBADF;
+    break;
+  }
+
+  return ptr;/*success */
 }
 
-void
-url_rewind(URL_FILE *file)
+void url_rewind(URL_FILE *file)
 {
-    switch(file->type)
-    {
-    case CFTYPE_FILE:
-        rewind(file->handle.file); /* passthrough */
-        break;
+  switch(file->type) {
+  case CFTYPE_FILE:
+    rewind(file->handle.file); /* passthrough */
+    break;
 
-    case CFTYPE_CURL:
-        /* halt transaction */
-        curl_multi_remove_handle(multi_handle, file->handle.curl);
+  case CFTYPE_CURL:
+    /* halt transaction */
+    curl_multi_remove_handle(multi_handle, file->handle.curl);
 
-        /* restart */
-        curl_multi_add_handle(multi_handle, file->handle.curl);
+    /* restart */
+    curl_multi_add_handle(multi_handle, file->handle.curl);
 
-        /* ditch buffer - write will recreate - resets stream pos*/
-        if(file->buffer)
-            free(file->buffer);
+    /* ditch buffer - write will recreate - resets stream pos*/
+    if(file->buffer)
+      free(file->buffer);
 
-        file->buffer=NULL;
-        file->buffer_pos=0;
-        file->buffer_len=0;
+    file->buffer=NULL;
+    file->buffer_pos=0;
+    file->buffer_len=0;
 
-        break;
-
-    default: /* unknown or supported type - oh dear */
-        break;
-
-    }
+    break;
 
+  default: /* unknown or supported type - oh dear */
+    break;
+  }
 }
 
-
 /* Small main program to retrive from a url using fgets and fread saving the
  * output to two test files (note the fgets method will corrupt binary files if
  * they contain 0 chars */
-int
-main(int argc, char *argv[])
+int main(int argc, char *argv[])
 {
-    URL_FILE *handle;
-    FILE *outf;
+  URL_FILE *handle;
+  FILE *outf;
 
-    int nread;
-    char buffer[256];
-    const char *url;
+  int nread;
+  char buffer[256];
+  const char *url;
 
-    if(argc < 2)
-    {
-        url="http://192.168.7.3/testfile";/* default to testurl */
-    }
-    else
-    {
-        url=argv[1];/* use passed url */
-    }
+  if(argc < 2)
+    url="http://192.168.7.3/testfile";/* default to testurl */
+  else
+    url=argv[1];/* use passed url */
 
-    /* copy from url line by line with fgets */
-    outf=fopen("fgets.test","w+");
-    if(!outf)
-    {
-        perror("couldn't open fgets output file\n");
-        return 1;
-    }
-
-    handle = url_fopen(url, "r");
-    if(!handle)
-    {
-        printf("couldn't url_fopen() %s\n", url);
-        fclose(outf);
-        return 2;
-    }
-
-    while(!url_feof(handle))
-    {
-        url_fgets(buffer,sizeof(buffer),handle);
-        fwrite(buffer,1,strlen(buffer),outf);
-    }
-
-    url_fclose(handle);
+  /* copy from url line by line with fgets */
+  outf=fopen("fgets.test","w+");
+  if(!outf) {
+    perror("couldn't open fgets output file\n");
+    return 1;
+  }
 
+  handle = url_fopen(url, "r");
+  if(!handle) {
+    printf("couldn't url_fopen() %s\n", url);
     fclose(outf);
+    return 2;
+  }
+
+  while(!url_feof(handle)) {
+    url_fgets(buffer,sizeof(buffer),handle);
+    fwrite(buffer,1,strlen(buffer),outf);
+  }
+
+  url_fclose(handle);
+
+  fclose(outf);
 
 
-    /* Copy from url with fread */
-    outf=fopen("fread.test","w+");
-    if(!outf)
-    {
-        perror("couldn't open fread output file\n");
-        return 1;
-    }
-
-    handle = url_fopen("testfile", "r");
-    if(!handle) {
-        printf("couldn't url_fopen() testfile\n");
-        fclose(outf);
-        return 2;
-    }
-
-    do {
-        nread = url_fread(buffer, 1,sizeof(buffer), handle);
-        fwrite(buffer,1,nread,outf);
-    } while(nread);
-
-    url_fclose(handle);
+  /* Copy from url with fread */
+  outf=fopen("fread.test","w+");
+  if(!outf) {
+    perror("couldn't open fread output file\n");
+    return 1;
+  }
 
+  handle = url_fopen("testfile", "r");
+  if(!handle) {
+    printf("couldn't url_fopen() testfile\n");
     fclose(outf);
+    return 2;
+  }
+
+  do {
+    nread = url_fread(buffer, 1,sizeof(buffer), handle);
+    fwrite(buffer,1,nread,outf);
+  } while(nread);
+
+  url_fclose(handle);
+
+  fclose(outf);
 
 
-    /* Test rewind */
-    outf=fopen("rewind.test","w+");
-    if(!outf)
-    {
-        perror("couldn't open fread output file\n");
-        return 1;
-    }
-
-    handle = url_fopen("testfile", "r");
-    if(!handle) {
-        printf("couldn't url_fopen() testfile\n");
-        fclose(outf);
-        return 2;
-    }
-
-        nread = url_fread(buffer, 1,sizeof(buffer), handle);
-        fwrite(buffer,1,nread,outf);
-        url_rewind(handle);
-
-        buffer[0]='\n';
-        fwrite(buffer,1,1,outf);
-
-        nread = url_fread(buffer, 1,sizeof(buffer), handle);
-        fwrite(buffer,1,nread,outf);
-
-
-    url_fclose(handle);
+  /* Test rewind */
+  outf=fopen("rewind.test","w+");
+  if(!outf) {
+    perror("couldn't open fread output file\n");
+    return 1;
+  }
 
+  handle = url_fopen("testfile", "r");
+  if(!handle) {
+    printf("couldn't url_fopen() testfile\n");
     fclose(outf);
+    return 2;
+  }
+
+  nread = url_fread(buffer, 1,sizeof(buffer), handle);
+  fwrite(buffer,1,nread,outf);
+  url_rewind(handle);
+
+  buffer[0]='\n';
+  fwrite(buffer,1,1,outf);
+
+  nread = url_fread(buffer, 1,sizeof(buffer), handle);
+  fwrite(buffer,1,nread,outf);
 
 
-    return 0;/* all done */
+  url_fclose(handle);
+
+  fclose(outf);
+
+
+  return 0;/* all done */
 }

docs/examples/ftpgetinfo.c

@@ -21,6 +21,8 @@
 
 static size_t throw_away(void *ptr, size_t size, size_t nmemb, void *data)
 {
+  (void)ptr;
+  (void)data;
   /* we are not interested in the headers itself,
      so we only return the size we would have saved ... */
   return (size_t)(size * nmemb);
@@ -58,7 +60,7 @@ int main(void)
       if((CURLE_OK == res) && filetime)
         printf("filetime %s: %s", filename, ctime(&filetime));
       res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &filesize);
-      if((CURLE_OK == res) && filesize)
+      if((CURLE_OK == res) && (filesize>0))
         printf("filesize %s: %0.0f bytes\n", filename, filesize);
     } else {
       /* we failed */

docs/examples/ftpgetresp.c

@@ -27,7 +27,7 @@ write_response(void *ptr, size_t size, size_t nmemb, void *data)
   return fwrite(ptr, size, nmemb, writehere);
 }
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl;
   CURLcode res;

docs/examples/ftpupload.c

@@ -48,7 +48,7 @@ static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
   return retcode;
 }
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl;
   CURLcode res;

docs/examples/getinmemory.c

@@ -43,7 +43,7 @@ WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
 }
 
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl_handle;
 
@@ -87,7 +87,7 @@ int main(int argc, char **argv)
    * you're done with it, you should free() it as a nice application.
    */
 
-  printf("%lu bytes retrieved\n", chunk.size);
+  printf("%lu bytes retrieved\n", (long)chunk.size);
 
   if(chunk.memory)
     free(chunk.memory);

docs/examples/hiperfifo.c

@@ -350,7 +350,7 @@ static int init_fifo (GlobalInfo *g)
 {
   struct stat st;
   static const char *fifo = "hiper.fifo";
-  int sockfd;
+  curl_socket_t sockfd;
 
   fprintf(MSG_OUT, "Creating named pipe \"%s\"\n", fifo);
   if (lstat (fifo, &st) == 0) {

docs/examples/multi-app.c

@@ -27,7 +27,7 @@
 #define HTTP_HANDLE 0   /* Index for the HTTP transfer */
 #define FTP_HANDLE 1    /* Index for the FTP transfer */
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *handles[HANDLECOUNT];
   CURLM *multi_handle;
@@ -101,12 +101,8 @@ int main(int argc, char **argv)
     case -1:
       /* select error */
       break;
-    case 0:
-      /* timeout, do something else */
-      break;
-    default:
-      /* one or more of curl's file descriptors say there's data to read
-         or write */
+    case 0: /* timeout */
+    default: /* action */
       curl_multi_perform(multi_handle, &still_running);
       break;
     }

docs/examples/multi-debugcallback.c

@@ -37,12 +37,12 @@ void dump(const char *text,
     /* without the hex output, we can fit more on screen */
     width = 0x40;
 
-  fprintf(stream, "%s, %010.10ld bytes (0x%08.8lx)\n",
+  fprintf(stream, "%s, %10.10ld bytes (0x%8.8lx)\n",
           text, (long)size, (long)size);
 
   for(i=0; i<size; i+= width) {
 
-    fprintf(stream, "%04.4lx: ", (long)i);
+    fprintf(stream, "%4.4lx: ", (long)i);
 
     if(!nohex) {
       /* hex not disabled, show it */
@@ -79,6 +79,7 @@ int my_trace(CURL *handle, curl_infotype type,
 {
   const char *text;
 
+  (void)userp;
   (void)handle; /* prevent compiler warning */
 
   switch (type) {
@@ -108,7 +109,7 @@ int my_trace(CURL *handle, curl_infotype type,
 /*
  * Simply download a HTTP file.
  */
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *http_handle;
   CURLM *multi_handle;

docs/examples/multi-double.c

@@ -22,7 +22,7 @@
 /*
  * Simply download two HTTP files!
  */
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *http_handle;
   CURL *http_handle2;

docs/examples/multi-post.c

@@ -15,7 +15,7 @@
 
 #include <curl/curl.h>
 
-int main(int argc, char *argv[])
+int main(void)
 {
   CURL *curl;
 
@@ -112,7 +112,6 @@ int main(int argc, char *argv[])
         /* select error */
         break;
       case 0:
-        printf("timeout!\n");
       default:
         /* timeout or readable/writable sockets */
         printf("perform!\n");

docs/examples/multi-single.c

@@ -22,7 +22,7 @@
 /*
  * Simply download a HTTP file.
  */
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *http_handle;
   CURLM *multi_handle;

docs/examples/persistant.c

@@ -11,7 +11,7 @@
 #include <unistd.h>
 #include <curl/curl.h>
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl;
   CURLcode res;

docs/examples/sendrecv.c

@@ -14,7 +14,7 @@
 #include <curl/curl.h>
 
 /* Auxiliary function that waits on the socket. */
-static int wait_on_socket(int sockfd, int for_recv, long timeout_ms)
+static int wait_on_socket(curl_socket_t sockfd, int for_recv, long timeout_ms)
 {
   struct timeval tv;
   fd_set infd, outfd, errfd;
@@ -49,7 +49,8 @@ int main(void)
   CURLcode res;
   /* Minimalistic http request */
   const char *request = "GET / HTTP/1.0\r\nHost: example.com\r\n\r\n";
-  int sockfd; /* socket */
+  curl_socket_t sockfd; /* socket */
+  long sockextr;
   size_t iolen;
 
   curl = curl_easy_init();
@@ -65,9 +66,11 @@ int main(void)
       return 1;
     }
 
-    /* Extract the socket from the curl handle - we'll need it
-     * for waiting */
-    res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockfd);
+    /* Extract the socket from the curl handle - we'll need it for waiting.
+     * Note that this API takes a pointer to a 'long' while we use
+     * curl_socket_t for sockets otherwise.
+     */
+    res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockextr);
 
     if(CURLE_OK != res)
     {
@@ -75,6 +78,8 @@ int main(void)
       return 1;
     }
 
+    sockfd = sockextr;
+
     /* wait for the socket to become ready for sending */
     if(!wait_on_socket(sockfd, 0, 60000L))
     {

docs/examples/sepheaders.c

@@ -21,7 +21,7 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
   return written;
 }
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl_handle;
   static const char *headerfilename = "head.out";

docs/examples/simplesmtp.c

@@ -0,0 +1,71 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <curl/curl.h>
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+  struct curl_slist *recipients = NULL;
+
+  /* value for envelope reverse-path */
+  static const char *from = "<bradh@example.com>";
+
+  /* this becomes the envelope forward-path */
+  static const char *to = "<bradh@example.net>";
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* this is the URL for your mailserver - you can also use an smtps:// URL
+     * here */
+    curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.net.");
+
+    /* Note that this option isn't strictly required, omitting it will result in
+     * libcurl will sent the MAIL FROM command with no sender data. All
+     * autoresponses should have an empty reverse-path, and should be directed
+     * to the address in the reverse-path which triggered them. Otherwise, they
+     * could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
+     */
+    curl_easy_setopt(curl, CURLOPT_MAIL_FROM, from);
+
+    /* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array.  */
+    recipients = curl_slist_append(recipients, to);
+    curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
+
+    /* You provide the payload (headers and the body of the message) as the
+     * "data" element. There are two choices, either:
+     * - provide a callback function and specify the function name using the
+     * CURLOPT_READFUNCTION option; or
+     * - just provide a FILE pointer that can be used to read the data from.
+     * The easiest case is just to read from standard input, (which is available
+     * as a FILE pointer) as shown here.
+     */
+    curl_easy_setopt(curl, CURLOPT_READDATA, stdin);
+
+    /* send the message (including headers) */
+    res = curl_easy_perform(curl);
+
+    /* free the list of recipients */
+    curl_slist_free_all(recipients);
+
+    /* curl won't send the QUIT command until you call cleanup, so you should be
+     * able to re-use this connection for additional messages (setting
+     * CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT as required, and calling
+     * curl_easy_perform() again. It may not be a good idea to keep the
+     * connection open for a very long time though (more than a few minutes may
+     * result in the server timing out the connection), and you do want to clean
+     * up in the end.
+     */
+    curl_easy_cleanup(curl);
+  }
+  return 0;
+}

docs/examples/simplessl.c

@@ -32,7 +32,7 @@
 
 */
 
-int main(int argc, char **argv)
+int main(void)
 {
   CURL *curl;
   CURLcode res;
@@ -47,7 +47,7 @@ int main(int argc, char **argv)
 
   const char *pEngine;
 
-#if USE_ENGINE
+#ifdef USE_ENGINE
   pKeyName  = "rsa_test";
   pKeyType  = "ENG";
   pEngine   = "chil";            /* for nChiper HSM... */

docs/examples/smtp-multi.c

@@ -0,0 +1,192 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ *
+ * This is an example application source code sending SMTP mail using the
+ * multi interface.
+ */
+
+#include <string.h>
+#include <curl/curl.h>
+
+/*
+ * This is the list of basic details you need to tweak to get things right.
+ */
+#define USERNAME "user@example.com"
+#define PASSWORD "123qwerty"
+#define SMTPSERVER "smtp.example.com"
+#define SMTPPORT ":587" /* it is a colon+port string, but you can set it
+                           to "" to use the default port */
+#define RECIPIENT "<recipient@example.com>"
+#define MAILFROM "<realuser@example.com>"
+
+#define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
+
+/* Note that you should include the actual meta data headers here as well if
+   you want the mail to have a Subject, another From:, show a To: or whatever
+   you think your mail should feature! */
+static const char *text[]={
+  "one\n",
+  "two\n",
+  "three\n",
+  " Hello, this is CURL email SMTP\n",
+  NULL
+};
+
+struct WriteThis {
+  int counter;
+};
+
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+  struct WriteThis *pooh = (struct WriteThis *)userp;
+  const char *data;
+
+  if(size*nmemb < 1)
+    return 0;
+
+  data = text[pooh->counter];
+
+  if(data) {
+    size_t len = strlen(data);
+    memcpy(ptr, data, len);
+    pooh->counter++; /* advance pointer */
+    return len;
+  }
+  return 0;                         /* no more data left to deliver */
+}
+
+static struct timeval tvnow(void)
+{
+  /*
+  ** time() returns the value of time in seconds since the Epoch.
+  */
+  struct timeval now;
+  now.tv_sec = (long)time(NULL);
+  now.tv_usec = 0;
+  return now;
+}
+
+static long tvdiff(struct timeval newer, struct timeval older)
+{
+  return (newer.tv_sec-older.tv_sec)*1000+
+    (newer.tv_usec-older.tv_usec)/1000;
+}
+
+int main(void)
+{
+   CURL *curl;
+   CURLM *mcurl;
+   int still_running = 1;
+   struct timeval mp_start;
+   char mp_timedout = 0;
+   struct WriteThis pooh;
+   struct curl_slist* rcpt_list = NULL;
+
+   pooh.counter = 0;
+
+   curl_global_init(CURL_GLOBAL_DEFAULT);
+
+   curl = curl_easy_init();
+   if(!curl)
+     return 1;
+
+   mcurl = curl_multi_init();
+   if(!mcurl)
+     return 2;
+
+   rcpt_list = curl_slist_append(rcpt_list, RECIPIENT);
+   /* more addresses can be added here
+      rcpt_list = curl_slist_append(rcpt_list, "<others@example.com>");
+   */
+
+   curl_easy_setopt(curl, CURLOPT_URL, "smtp://" SMTPSERVER SMTPPORT);
+   curl_easy_setopt(curl, CURLOPT_USERNAME, USERNAME);
+   curl_easy_setopt(curl, CURLOPT_PASSWORD, PASSWORD);
+   curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+   curl_easy_setopt(curl, CURLOPT_MAIL_FROM, MAILFROM);
+   curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, rcpt_list);
+   curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
+   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER,0);
+   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+   curl_easy_setopt(curl, CURLOPT_READDATA, &pooh);
+   curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
+   curl_easy_setopt(curl, CURLOPT_SSLVERSION, 0);
+   curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0);
+   curl_multi_add_handle(mcurl, curl);
+
+   mp_timedout = 0;
+   mp_start = tvnow();
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(mcurl, &still_running);
+
+  while(still_running) {
+    struct timeval timeout;
+    int rc; /* select() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(mcurl, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    /* In a real-world program you OF COURSE check the return code of the
+       function calls.  On success, the value of maxfd is guaranteed to be
+       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
+       case of (maxfd == -1), we call select(0, ...), which is basically equal
+       to sleep. */
+
+    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+
+    if (tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
+      fprintf(stderr, "ABORTING TEST, since it seems "
+              "that it would have run forever.\n");
+      break;
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0: /* timeout */
+    default: /* action */
+      curl_multi_perform(mcurl, &still_running);
+      break;
+    }
+  }
+
+  curl_slist_free_all(rcpt_list);
+  curl_multi_remove_handle(mcurl, curl);
+  curl_multi_cleanup(mcurl);
+  curl_easy_cleanup(curl);
+  curl_global_cleanup();
+  return 0;
+}
+
+

docs/examples/smtp-tls.c

@@ -0,0 +1,136 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <curl/curl.h>
+
+/* This is a simple example showing how to send mail using libcurl's SMTP
+ * capabilities. It builds on the simplesmtp.c example, adding some
+ * authentication and transport security.
+ */
+
+#define FROM    "<sender@example.org>"
+#define TO      "<addressee@example.net>"
+#define CC      "<info@example.org>"
+
+static const char *payload_text[]={
+  "Date: Mon, 29 Nov 2010 21:54:29 +1100\n",
+  "To: " TO "\n",
+  "From: " FROM "(Example User)\n",
+  "Cc: " CC "(Another example User)\n",
+  "Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\n",
+  "Subject: SMTP TLS example message\n",
+  "\n", /* empty line to divide headers from body, see RFC5322 */
+  "The body of the message starts here.\n",
+  "\n",
+  "It could be a lot of lines, could be MIME encoded, whatever.\n",
+  "Check RFC5322.\n",
+  NULL
+};
+
+struct upload_status {
+  int lines_read;
+};
+
+static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+  struct upload_status *upload_ctx = (struct upload_status *)userp;
+  const char *data;
+
+  if ((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+    return 0;
+  }
+
+  data = payload_text[upload_ctx->lines_read];
+
+  if (data) {
+    size_t len = strlen(data);
+    memcpy(ptr, data, len);
+    upload_ctx->lines_read ++;
+    return len;
+  }
+  return 0;
+}
+
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+  struct curl_slist *recipients = NULL;
+  struct upload_status upload_ctx;
+
+  upload_ctx.lines_read = 0;
+
+  curl = curl_easy_init();
+  if (curl) {
+    /* This is the URL for your mailserver. Note the use of port 587 here,
+     * instead of the normal SMTP port (25). Port 587 is commonly used for
+     * secure mail submission (see RFC4403), but you should use whatever
+     * matches your server configuration. */
+    curl_easy_setopt(curl, CURLOPT_URL, "smtp://mainserver.example.net:587");
+
+    /* In this example, we'll start with a plain text connection, and upgrade
+     * to Transport Layer Security (TLS) using the STARTTLS command. Be careful
+     * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
+     * will continue anyway - see the security discussion in the libcurl
+     * tutorial for more details. */
+    curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
+
+    /* If your server doesn't have a valid certificate, then you can disable
+     * part of the Transport Layer Security protection by setting the
+     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
+     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+     * That is, in general, a bad idea. It is still better than sending your
+     * authentication details in plain text though.
+     * Instead, you should get the issuer certificate (or the host certificate
+     * if the certificate is self-signed) and add it to the set of certificates
+     * that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
+     * docs/SSLCERTS for more information.
+     */
+    curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
+
+    /* A common reason for requiring transport security is to protect
+     * authentication details (user names and passwords) from being "snooped"
+     * on the network. Here is how the user name and password are provided: */
+    curl_easy_setopt(curl, CURLOPT_USERNAME, "user@example.net");
+    curl_easy_setopt(curl, CURLOPT_PASSWORD, "P@ssw0rd");
+
+    /* value for envelope reverse-path */
+    curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM);
+    /* Add two recipients, in this particular case they correspond to the
+     * To: and Cc: addressees in the header, but they could be any kind of
+     * recipient. */
+    recipients = curl_slist_append(recipients, TO);
+    recipients = curl_slist_append(recipients, CC);
+    curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
+
+    /* In this case, we're using a callback function to specify the data. You
+     * could just use the CURLOPT_READDATA option to specify a FILE pointer to
+     * read from.
+     */
+    curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
+    curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
+
+    /* Since the traffic will be encrypted, it is very useful to turn on debug
+     * information within libcurl to see what is happening during the transfer.
+     */
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
+
+    /* send the message (including headers) */
+    res = curl_easy_perform(curl);
+
+    /* free the list of recipients and clean up */
+    curl_slist_free_all(recipients);
+    curl_easy_cleanup(curl);
+  }
+  return 0;
+}

docs/examples/version-check.pl

@@ -0,0 +1,105 @@
+#!/usr/bin/env perl
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at http://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
+# This script accepts a source file as input on the command line.
+#
+# It first loads the 'symbols-in-versions' document and stores a lookup
+# table for all known symbols for which version they were introduced.
+#
+# It then scans the given source file to dig up all symbols starting with CURL.
+# Finally, it sorts the internal list of found symbols (using the version
+# number as sort key) and then it outputs the most recent version number and
+# the symbols from that version that are used.
+#
+# Usage:
+#
+#    version-check.pl [source file]
+#
+
+open(S, "<../libcurl/symbols-in-versions") || die;
+
+my %doc;
+my %rem;
+while(<S>) {
+    if(/(^CURL[^ \n]*) *(.*)/) {
+        my ($sym, $rest)=($1, $2);
+        my @a=split(/ +/, $rest);
+
+        $doc{$sym}=$a[0]; # when it was introduced
+
+        if($a[2]) {
+            # this symbol is documented to have been present the last time
+            # in this release
+            $rem{$sym}=$a[2];
+        }
+    }
+
+}
+
+close(S);
+
+sub age {
+    my ($ver)=@_;
+
+    my @s=split(/\./, $ver);
+    return $s[0]*10000+$s[1]*100+$s[2];
+}
+
+my %used;
+open(C, "<$ARGV[0]") || die;
+
+while(<C>) {
+    if(/\W(CURL[_A-Z0-9v]+)\W/) {
+        #print "$1\n";
+        $used{$1}++;
+    }
+}
+
+close(C);
+
+sub sortversions {
+    my $r = age($doc{$a}) <=> age($doc{$b});
+    if(!$r) {
+        $r = $a cmp $b;
+    }
+    return $r;
+}
+
+my @recent = reverse sort sortversions keys %used;
+
+# the most recent symbol
+my $newsym = $recent[0];
+# the most recent version
+my $newver = $doc{$newsym}; 
+
+print "The scanned source uses these symbols introduced in $newver:\n";
+
+for my $w (@recent) {
+    if($doc{$w} eq $newver) {
+        printf "  $w\n";
+        next;
+    }
+    last;
+}
+
+

docs/libcurl/curl_easy_getinfo.3

@@ -206,6 +206,8 @@ Pass a pointer to a char pointer to receive a pointer to a string holding the
 path of the entry path. That is the initial path libcurl ended up in when
 logging on to the remote FTP server. This stores a NULL as pointer if
 something is wrong. (Added in 7.15.4)
+
+Also works for SFTP since 7.21.4
 .IP CURLINFO_CERTINFO
 Pass a pointer to a 'struct curl_certinfo *' and you'll get it set to point to
 struct that holds a number of linked lists with info about the certificate

docs/libcurl/curl_easy_setopt.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -84,6 +84,13 @@ If this option is set and libcurl has been built with the standard name
 resolver, timeouts will not occur while the name resolve takes place.
 Consider building libcurl with c-ares support to enable asynchronous DNS
 lookups, which enables nice timeouts for name resolves without signals.
+
+Setting \fICURLOPT_NOSIGNAL\fP to 1 makes libcurl NOT ask the system to ignore
+SIGPIPE signals, which otherwise are sent by the system when trying to send
+data to a socket which is closed in the other end. libcurl makes an effort to
+never cause such SIGPIPEs to trigger, but some operating systems have no way
+to avoid them and even on those that have there are some corner cases when
+they may still happen, contrary to our desire.
 .IP CURLOPT_WILDCARDMATCH
 Set this option to 1 if you want to transfer multiple files according to a
 file name pattern. The pattern can be specified as part of the
@@ -858,7 +865,34 @@ secure.
 This is a convenience macro that sets all bits except Basic and thus makes
 libcurl pick any it finds suitable. libcurl will automatically select the one
 it finds most secure.
+.IP CURLAUTH_ONLY
+This is a meta symbol. Or this value together with a single specific auth
+value to force libcurl to probe for un-restricted auth and if not, only that
+single auth algorithm is acceptable. (Added in 7.21.3)
 .RE
+.IP CURLOPT_TLSAUTH_TYPE
+Pass a long as parameter, which is set to a bitmask, to tell libcurl which
+authentication method(s) you want it to use for TLS authentication.
+.RS
+.IP CURLOPT_TLSAUTH_SRP
+TLS-SRP authentication. Secure Remote Password authentication for TLS is
+defined in RFC 5054 and provides mutual authentication if both sides have a
+shared secret. To use TLS-SRP, you must also set the
+\fICURLOPT_TLSAUTH_USERNAME\fP and \fICURLOPT_TLSAUTH_PASSWORD\fP options.
+
+You need to build libcurl with GnuTLS and with TLS-SRP support for this to
+work. (Added in 7.21.4)
+.RE
+.IP CURLOPT_TLSAUTH_USERNAME
+Pass a char * as parameter, which should point to the zero-terminated username
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
+\fICURLOPT_TLS_PASSWORD\fP option also be set. (Added in 7.21.4)
+.IP CURLOPT_TLSAUTH_PASSWORD
+Pass a char * as parameter, which should point to the zero-terminated password
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
+\fICURLOPT_TLS_USERNAME\fP option also be set. (Added in 7.21.4)
 .IP CURLOPT_PROXYAUTH
 Pass a long as parameter, which is set to a bitmask, to tell libcurl which
 authentication method(s) you want it to use for your proxy authentication.  If
@@ -1178,6 +1212,10 @@ option is set to zero. (added in 7.16.2)
 Pass a pointer to a zero terminated string as parameter. It will be used to
 specify the sender address in a mail when sending an SMTP mail with libcurl.
 
+An originator email address in SMTP lingo is specified within angle brackets
+(<>) which libcurl will not add for you before version 7.21.4. Failing to
+provide such brackets may cause the server to reject your mail.
+
 (Added in 7.20.0)
 .IP CURLOPT_MAIL_RCPT
 Pass a pointer to a linked list of recipients to pass to the server in your
@@ -1337,22 +1375,6 @@ it already uses for the control connection. But it will use the port number
 from the 227-response. (Added in 7.14.2)
 
 This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
-.IP CURLOPT_USE_SSL
-Pass a long using one of the values from below, to make libcurl use your
-desired level of SSL for the FTP transfer. (Added in 7.11.0)
-
-(This option was known as CURLOPT_FTP_SSL up to 7.16.4, and the constants
-were known as CURLFTPSSL_*)
-.RS
-.IP CURLUSESSL_NONE
-Don't attempt to use SSL.
-.IP CURLUSESSL_TRY
-Try using SSL, proceed as normal otherwise.
-.IP CURLUSESSL_CONTROL
-Require SSL for the control connection or fail with \fICURLE_USE_SSL_FAILED\fP.
-.IP CURLUSESSL_ALL
-Require SSL for all communication or fail with \fICURLE_USE_SSL_FAILED\fP.
-.RE
 .IP CURLOPT_FTPSSLAUTH
 Pass a long using one of the values from below, to alter how libcurl issues
 \&"AUTH TLS" or "AUTH SSL" when FTP over SSL is activated (see
@@ -1524,7 +1546,9 @@ to 0 (zero, the default), \fICURLOPT_TRANSFERTEXT\fP has no effect when doing
 FTP via a proxy. Beware that not all proxies support this feature.  (Added in
 7.18.0)
 .IP CURLOPT_CRLF
-Convert Unix newlines to CRLF newlines on transfers.
+Pass a long. If the value is set to 1 (one), libcurl converts Unix newlines to
+CRLF newlines on transfers. Disable this option again by setting the value to
+0 (zero).
 .IP CURLOPT_RANGE
 Pass a char * as parameter, which should contain the specified range you
 want. It should be in the format "X-Y", where X or Y may be left out. HTTP
@@ -1647,8 +1671,8 @@ given limit. This concerns both FTP and HTTP transfers.
 .IP CURLOPT_TIMECONDITION
 Pass a long as parameter. This defines how the \fICURLOPT_TIMEVALUE\fP time
 value is treated. You can set this parameter to \fICURL_TIMECOND_IFMODSINCE\fP
-or \fICURL_TIMECOND_IFUNMODSINCE\fP. This feature applies to HTTP, FTP, and
-RTSP.
+or \fICURL_TIMECOND_IFUNMODSINCE\fP. This feature applies to HTTP, FTP, RTSP,
+and FILE.
 
 The last modification time of a file is not always known and in such instances
 this feature will have no effect even if the given time condition would not
@@ -1763,14 +1787,56 @@ This option is useful with the \fICURLINFO_LASTSOCKET\fP option to
 \fIcurl_easy_getinfo(3)\fP. The library can set up the connection and then the
 application can obtain the most recently used socket for special data
 transfers. (Added in 7.15.2)
+.IP CURLOPT_USE_SSL
+Pass a long using one of the values from below, to make libcurl use your
+desired level of SSL for the transfer. (Added in 7.11.0)
+
+This is for enabling SSL/TLS when you use FTP, SMTP, POP3, IMAP etc.
+
+(This option was known as CURLOPT_FTP_SSL up to 7.16.4, and the constants
+were known as CURLFTPSSL_*)
+.RS
+.IP CURLUSESSL_NONE
+Don't attempt to use SSL.
+.IP CURLUSESSL_TRY
+Try using SSL, proceed as normal otherwise.
+.IP CURLUSESSL_CONTROL
+Require SSL for the control connection or fail with \fICURLE_USE_SSL_FAILED\fP.
+.IP CURLUSESSL_ALL
+Require SSL for all communication or fail with \fICURLE_USE_SSL_FAILED\fP.
+.RE
+.IP CURLOPT_RESOLVE
+Pass a pointer to a linked list of strings with host name resolve information
+to use for requests with this handle. The linked list should be a fully valid
+list of \fBstruct curl_slist\fP structs properly filled in. Use
+\fIcurl_slist_append(3)\fP to create the list and \fIcurl_slist_free_all(3)\fP
+to clean up an entire list.
+
+Each single name resolve string should be written using the format
+HOST:PORT:ADDRESS where HOST is the name libcurl will try to resolve, PORT is
+the port number of the service where libcurl wants to connect to the HOST and
+ADDRESS is the numerical IP address. If libcurl is built to support IPv6,
+ADDRESS can of course be either IPv4 or IPv6 style addressing.
+
+This option effectively pre-populates the DNS cache with entries for the
+host+port pair so redirects and everything that operations against the
+HOST+PORT will instead use your provided ADDRESS.
+
+You can remove names from the DNS cache again, to stop providing these fake
+resolves, by including a string in the linked list that uses the format
+\&"-HOST:PORT". The host name must be prefixed with a dash, and the host name
+and port number must exactly match what was already added previously.
+
+(Added in 7.12.3)
 .SH SSL and SECURITY OPTIONS
 .IP CURLOPT_SSLCERT
 Pass a pointer to a zero terminated string as parameter. The string should be
 the file name of your certificate. The default format is "PEM" and can be
 changed with \fICURLOPT_SSLCERTTYPE\fP.
 
-With NSS this is the nickname of the certificate you wish to authenticate
-with.
+With NSS this can also be the nickname of the certificate you wish to
+authenticate with. If you want to use a file from the current directory, please
+precede it with "./" prefix, in order to avoid confusion with a nickname.
 .IP CURLOPT_SSLCERTTYPE
 Pass a pointer to a zero terminated string as parameter. The string should be
 the format of your certificate. Supported formats are "PEM" and "DER".  (Added
@@ -1829,28 +1895,30 @@ Force SSLv2
 Force SSLv3
 .RE
 .IP CURLOPT_SSL_VERIFYPEER
-Pass a long as parameter.
+Pass a long as parameter. By default, curl assumes a value of 1.
 
 This option determines whether curl verifies the authenticity of the peer's
-certificate. A value of 1 means curl verifies; zero means it doesn't.  The
-default is nonzero, but before 7.10, it was zero.
+certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.
 
 When negotiating an SSL connection, the server sends a certificate indicating
 its identity.  Curl verifies whether the certificate is authentic, i.e. that
 you can trust that the server is who the certificate says it is.  This trust
 is based on a chain of digital signatures, rooted in certification authority
-(CA) certificates you supply.  As of 7.10, curl installs a default bundle of
-CA certificates and you can specify alternate certificates with the
-\fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP option.
+(CA) certificates you supply.  curl uses a default bundle of CA certificates
+(the path for that is determined at build time) and you can specify alternate
+certificates with the \fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP
+option.
 
 When \fICURLOPT_SSL_VERIFYPEER\fP is nonzero, and the verification fails to
 prove that the certificate is authentic, the connection fails.  When the
-option is zero, the connection succeeds regardless.
+option is zero, the peer certificate verification succeeds regardless.
 
 Authenticating the certificate is not by itself very useful.  You typically
 want to ensure that the server, as authentically identified by its
 certificate, is the server you mean to be talking to.  Use
-\fICURLOPT_SSL_VERIFYHOST\fP to control that.
+\fICURLOPT_SSL_VERIFYHOST\fP to control that. The check that the host name in
+the certificate is valid for the host name you're connecting to is done
+independently of the \fICURLOPT_SSL_VERIFYPEER\fP option.
 .IP CURLOPT_CAINFO
 Pass a char * to a zero terminated string naming a file holding one or more
 certificates to verify the peer with.  This makes sense only when used in
@@ -1881,13 +1949,15 @@ mismatch with the issuer of peer certificate (\fICURLOPT_SSL_VERIFYPEER\fP has
 to be set too for the check to fail). (Added in 7.19.0)
 .IP CURLOPT_CAPATH
 Pass a char * to a zero terminated string naming a directory holding multiple
-CA certificates to verify the peer with. The certificate directory must be
-prepared using the openssl c_rehash utility. This makes sense only when used
-in combination with the \fICURLOPT_SSL_VERIFYPEER\fP option.  If
-\fICURLOPT_SSL_VERIFYPEER\fP is zero, \fICURLOPT_CAPATH\fP need not even
-indicate an accessible path.  The \fICURLOPT_CAPATH\fP function apparently
-does not work in Windows due to some limitation in openssl. This option is
-OpenSSL-specific and does nothing if libcurl is built to use GnuTLS.
+CA certificates to verify the peer with. If libcurl is built against OpenSSL,
+the certificate directory must be prepared using the openssl c_rehash utility.
+This makes sense only when used in combination with the
+\fICURLOPT_SSL_VERIFYPEER\fP option.  If \fICURLOPT_SSL_VERIFYPEER\fP is zero,
+\fICURLOPT_CAPATH\fP need not even indicate an accessible path.  The
+\fICURLOPT_CAPATH\fP function apparently does not work in Windows due to some
+limitation in openssl. This option is OpenSSL-specific and does nothing if
+libcurl is built to use GnuTLS. NSS-powered libcurl provides the option only
+for backward compatibility.
 .IP CURLOPT_CRLFILE
 Pass a char * to a zero terminated string naming a file with the concatenation
 of CRL (in PEM format) to use in the certificate validation that occurs during
@@ -1906,20 +1976,6 @@ A specific error code (CURLE_SSL_CRL_BADFILE) is defined with the option. It
 is returned when the SSL exchange fails because the CRL file cannot be loaded.
 A failure in certificate verification due to a revocation information found in
 the CRL does not trigger this specific error. (Added in 7.19.0)
-.IP CURLOPT_CERTINFO
-Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
-this enabled, libcurl (if built with OpenSSL) will extract lots of information
-and data about the certificates in the certificate chain used in the SSL
-connection. This data is then possible to extract after a transfer using
-\fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. (Added in
-7.19.1)
-.IP CURLOPT_RANDOM_FILE
-Pass a char * to a zero terminated file name. The file will be used to read
-from to seed the random engine for SSL. The more random the specified file is,
-the more secure the SSL connection will become.
-.IP CURLOPT_EGDSOCKET
-Pass a char * to the zero terminated path name to the Entropy Gathering Daemon
-socket. It will be used to seed the random engine for SSL.
 .IP CURLOPT_SSL_VERIFYHOST
 Pass a long as parameter.
 
@@ -1943,10 +1999,25 @@ doesn't matter what name it says.  (This is not ordinarily a useful setting).
 When the value is 0, the connection succeeds regardless of the names in the
 certificate.
 
-The default, since 7.10, is 2.
+The default value for this option is 2.
 
-This option controls checking the server's claimed identity.  The server could
-be lying.  To control lying, see \fICURLOPT_SSL_VERIFYPEER\fP.
+This option controls checking the server's certificate's claimed identity.
+The server could be lying.  To control lying, see
+\fICURLOPT_SSL_VERIFYPEER\fP.
+.IP CURLOPT_CERTINFO
+Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
+this enabled, libcurl (if built with OpenSSL) will extract lots of information
+and data about the certificates in the certificate chain used in the SSL
+connection. This data is then possible to extract after a transfer using
+\fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. (Added in
+7.19.1)
+.IP CURLOPT_RANDOM_FILE
+Pass a char * to a zero terminated file name. The file will be used to read
+from to seed the random engine for SSL. The more random the specified file is,
+the more secure the SSL connection will become.
+.IP CURLOPT_EGDSOCKET
+Pass a char * to the zero terminated path name to the Entropy Gathering Daemon
+socket. It will be used to seed the random engine for SSL.
 .IP CURLOPT_SSL_CIPHER_LIST
 Pass a char *, pointing to a zero terminated string holding the list of
 ciphers to use for the SSL connection. The list must be syntactically correct,

docs/libcurl/libcurl-tutorial.3

@@ -283,6 +283,10 @@ yassl
 
  Required actions unknown.
 
+axTLS
+
+ Required actions unknown.
+
 When using multiple threads you should set the CURLOPT_NOSIGNAL option to 1
 for all handles. Everything will or might work fine except that timeouts are
 not honored during the DNS lookup - which you can work around by building

docs/libcurl/symbols-in-versions

@@ -18,18 +18,26 @@ CURLAUTH_BASIC                  7.10.6
 CURLAUTH_DIGEST                 7.10.6
 CURLAUTH_DIGEST_IE              7.19.3
 CURLAUTH_GSSNEGOTIATE           7.10.6
+CURLAUTH_NONE                   7.10.6
 CURLAUTH_NTLM                   7.10.6
+CURLAUTH_ONLY                   7.21.3
 CURLCLOSEPOLICY_CALLBACK        7.7
 CURLCLOSEPOLICY_LEAST_RECENTLY_USED 7.7
 CURLCLOSEPOLICY_LEAST_TRAFFIC   7.7
+CURLCLOSEPOLICY_NONE            7.7
 CURLCLOSEPOLICY_OLDEST          7.7
 CURLCLOSEPOLICY_SLOWEST         7.7
 CURLE_ABORTED_BY_CALLBACK       7.1
 CURLE_AGAIN                     7.18.2
+CURLE_ALREADY_COMPLETE          7.7.2
 CURLE_BAD_CALLING_ORDER         7.1           7.17.0
 CURLE_BAD_CONTENT_ENCODING      7.10
+CURLE_BAD_DOWNLOAD_RESUME       7.10
 CURLE_BAD_FUNCTION_ARGUMENT     7.1
 CURLE_BAD_PASSWORD_ENTERED      -             7.17.0
+CURLE_CHUNK_FAILED              7.20.1
+CURLE_CONV_FAILED               7.15.4
+CURLE_CONV_REQD                 7.15.4
 CURLE_COULDNT_CONNECT           7.1
 CURLE_COULDNT_RESOLVE_HOST      7.1
 CURLE_COULDNT_RESOLVE_PROXY     7.1
@@ -37,7 +45,9 @@ CURLE_FAILED_INIT               7.1
 CURLE_FILESIZE_EXCEEDED         7.10.8
 CURLE_FILE_COULDNT_READ_FILE    7.1
 CURLE_FTP_ACCESS_DENIED         7.1
+CURLE_FTP_BAD_DOWNLOAD_RESUME   7.1
 CURLE_FTP_BAD_DOWNLOAD_RESUME   7.1           7.1
+CURLE_FTP_BAD_FILE_LIST         7.20.1
 CURLE_FTP_CANT_GET_HOST         7.1
 CURLE_FTP_CANT_RECONNECT        7.1           7.17.0
 CURLE_FTP_COULDNT_GET_SIZE      7.1           7.17.0
@@ -65,11 +75,13 @@ CURLE_HTTP_NOT_FOUND            7.1
 CURLE_HTTP_PORT_FAILED          -             7.12.0
 CURLE_HTTP_POST_ERROR           7.1
 CURLE_HTTP_RANGE_ERROR          7.1           7.17.0
+CURLE_HTTP_RETURNED_ERROR       7.10.3
 CURLE_INTERFACE_FAILED          7.12.0
 CURLE_LDAP_CANNOT_BIND          7.1
 CURLE_LDAP_INVALID_URL          7.10.8
 CURLE_LDAP_SEARCH_FAILED        7.1
 CURLE_LIBRARY_NOT_FOUND         7.1           7.17.0
+CURLE_LOGIN_DENIED              7.13.1
 CURLE_MALFORMAT_USER            7.1           7.17.0
 CURLE_OK                        7.1
 CURLE_OPERATION_TIMEDOUT        7.17.0
@@ -83,12 +95,16 @@ CURLE_READ_ERROR                7.1
 CURLE_RECV_ERROR                7.13.0
 CURLE_REMOTE_ACCESS_DENIED      7.17.0
 CURLE_REMOTE_DISK_FULL          7.17.0
+CURLE_REMOTE_FILE_EXISTS        7.17.0
+CURLE_REMOTE_FILE_NOT_FOUND     7.16.1
 CURLE_RTSP_CSEQ_ERROR           7.20.0
 CURLE_RTSP_SESSION_ERROR        7.20.0
 CURLE_SEND_ERROR                7.13.0
+CURLE_SEND_FAIL_REWIND          7.12.3
 CURLE_SHARE_IN_USE              -             7.17.0
 CURLE_SSH                       7.16.1
 CURLE_SSL_CACERT                7.10
+CURLE_SSL_CACERT_BADFILE        7.16.0
 CURLE_SSL_CERTPROBLEM           7.10
 CURLE_SSL_CIPHER                7.10
 CURLE_SSL_CONNECT_ERROR         7.1
@@ -104,20 +120,59 @@ CURLE_TFTP_DISKFULL             7.15.0        7.17.0
 CURLE_TFTP_EXISTS               7.15.0        7.17.0
 CURLE_TFTP_ILLEGAL              7.15.0
 CURLE_TFTP_NOSUCHUSER           7.15.0
+CURLE_TFTP_NOTFOUND             7.15.0
+CURLE_TFTP_PERM                 7.15.0
 CURLE_TFTP_UNKNOWNID            7.15.0
 CURLE_TOO_MANY_REDIRECTS        7.5
 CURLE_UNKNOWN_TELNET_OPTION     7.7
 CURLE_UNSUPPORTED_PROTOCOL      7.1
+CURLE_UPLOAD_FAILED             7.16.3
 CURLE_URL_MALFORMAT             7.1
 CURLE_URL_MALFORMAT_USER        7.1           7.17.0
 CURLE_USE_SSL_FAILED            7.17.0
 CURLE_WRITE_ERROR               7.1
+CURLFILETYPE_DEVICE_BLOCK       7.21.0
+CURLFILETYPE_DEVICE_CHAR        7.21.0
+CURLFILETYPE_DIRECTORY          7.21.0
+CURLFILETYPE_DOOR               7.21.0
+CURLFILETYPE_FILE               7.21.0
+CURLFILETYPE_NAMEDPIPE          7.21.0
+CURLFILETYPE_SOCKET             7.21.0
+CURLFILETYPE_SYMLINK            7.21.0
+CURLFILETYPE_UNKNOWN            7.21.0
+CURLFINFOFLAG_KNOWN_FILENAME    7.21.0
+CURLFINFOFLAG_KNOWN_FILETYPE    7.21.0
+CURLFINFOFLAG_KNOWN_GID         7.21.0
+CURLFINFOFLAG_KNOWN_HLINKCOUNT  7.21.0
+CURLFINFOFLAG_KNOWN_PERM        7.21.0
+CURLFINFOFLAG_KNOWN_SIZE        7.21.0
+CURLFINFOFLAG_KNOWN_TIME        7.21.0
+CURLFINFOFLAG_KNOWN_UID         7.21.0
+CURLFORM_ARRAY                  7.9.1
+CURLFORM_BUFFER                 7.9.8
+CURLFORM_BUFFERLENGTH           7.9.8
+CURLFORM_BUFFERPTR              7.9.8
+CURLFORM_CONTENTHEADER          7.9.3
+CURLFORM_CONTENTSLENGTH         7.9.1
+CURLFORM_CONTENTTYPE            7.9.1
+CURLFORM_COPYCONTENTS           7.9.1
+CURLFORM_COPYNAME               7.9.1
+CURLFORM_END                    7.9.1
+CURLFORM_FILE                   7.9.1
+CURLFORM_FILECONTENT            7.9.1
+CURLFORM_FILENAME               7.9.6
+CURLFORM_NAMELENGTH             7.9.1
+CURLFORM_NOTHING                7.9.1
+CURLFORM_PTRCONTENTS            7.9.1
+CURLFORM_PTRNAME                7.9.1
+CURLFORM_STREAM                 7.18.2
 CURLFTPAUTH_DEFAULT             7.12.2
 CURLFTPAUTH_DEFAULT             7.12.2
 CURLFTPAUTH_SSL                 7.12.2
 CURLFTPAUTH_SSL                 7.12.2
 CURLFTPAUTH_TLS                 7.12.2
 CURLFTPAUTH_TLS                 7.12.2
+CURLFTPMETHOD_DEFAULT           7.15.1
 CURLFTPMETHOD_MULTICWD          7.15.1
 CURLFTPMETHOD_NOCWD             7.15.1
 CURLFTPMETHOD_SINGLECWD         7.15.1
@@ -141,7 +196,9 @@ CURLINFO_CONTENT_TYPE           7.9.4
 CURLINFO_COOKIELIST             7.14.1
 CURLINFO_DATA_IN                7.9.6
 CURLINFO_DATA_OUT               7.9.6
+CURLINFO_DOUBLE                 7.4.1
 CURLINFO_EFFECTIVE_URL          7.3
+CURLINFO_END                    7.4.1
 CURLINFO_FILETIME               7.5
 CURLINFO_FTP_ENTRY_PATH         7.15.4
 CURLINFO_HEADER_IN              7.9.6
@@ -150,10 +207,14 @@ CURLINFO_HEADER_SIZE            7.4.1
 CURLINFO_HTTPAUTH_AVAIL         7.10.8
 CURLINFO_HTTP_CODE              7.4.1         7.10.8
 CURLINFO_HTTP_CONNECTCODE       7.10.7
+CURLINFO_LASTONE                7.4.1
 CURLINFO_LASTSOCKET             7.15.2
 CURLINFO_LOCAL_IP               7.21.0
 CURLINFO_LOCAL_PORT             7.21.0
+CURLINFO_LONG                   7.4.1
+CURLINFO_MASK                   7.4.1
 CURLINFO_NAMELOOKUP_TIME        7.4.1
+CURLINFO_NONE                   7.4.1
 CURLINFO_NUM_CONNECTS           7.12.3
 CURLINFO_OS_ERRNO               7.12.2
 CURLINFO_PRETRANSFER_TIME       7.4.1
@@ -167,23 +228,61 @@ CURLINFO_REDIRECT_TIME          7.9.7
 CURLINFO_REDIRECT_URL           7.18.2
 CURLINFO_REQUEST_SIZE           7.4.1
 CURLINFO_RESPONSE_CODE          7.10.8
+CURLINFO_RTSP_CLIENT_CSEQ       7.20.0
+CURLINFO_RTSP_CSEQ_RECV         7.20.0
+CURLINFO_RTSP_SERVER_CSEQ       7.20.0
+CURLINFO_RTSP_SESSION_ID        7.20.0
 CURLINFO_SIZE_DOWNLOAD          7.4.1
 CURLINFO_SIZE_UPLOAD            7.4.1
+CURLINFO_SLIST                  7.12.3
 CURLINFO_SPEED_DOWNLOAD         7.4.1
 CURLINFO_SPEED_UPLOAD           7.4.1
+CURLINFO_SSL_DATA_IN            7.12.1
+CURLINFO_SSL_DATA_OUT           7.12.1
 CURLINFO_SSL_ENGINES            7.12.3
 CURLINFO_SSL_VERIFYRESULT       7.5
 CURLINFO_STARTTRANSFER_TIME     7.9.2
+CURLINFO_STRING                 7.4.1
 CURLINFO_TEXT                   7.9.6
 CURLINFO_TOTAL_TIME             7.4.1
+CURLINFO_TYPEMASK               7.4.1
+CURLIOCMD_NOP                   7.12.3
+CURLIOCMD_RESTARTREAD           7.12.3
+CURLIOE_FAILRESTART             7.12.3
+CURLIOE_OK                      7.12.3
+CURLIOE_UNKNOWNCMD              7.12.3
+CURLKHMATCH_MISMATCH            7.19.6
+CURLKHMATCH_MISSING             7.19.6
+CURLKHMATCH_OK                  7.19.6
+CURLKHSTAT_DEFER                7.19.6
+CURLKHSTAT_FINE                 7.19.6
+CURLKHSTAT_FINE_ADD_TO_FILE     7.19.6
+CURLKHSTAT_REJECT               7.19.6
+CURLKHTYPE_DSS                  7.19.6
+CURLKHTYPE_RSA                  7.19.6
+CURLKHTYPE_RSA1                 7.19.6
+CURLKHTYPE_UNKNOWN              7.19.6
+CURLMOPT_MAXCONNECTS            7.16.3
+CURLMOPT_PIPELINING             7.16.0
+CURLMOPT_SOCKETDATA             7.15.4
+CURLMOPT_SOCKETFUNCTION         7.15.4
+CURLMOPT_TIMERDATA              7.16.0
+CURLMOPT_TIMERFUNCTION          7.16.0
 CURLMSG_DONE                    7.9.6
+CURLMSG_NONE                    7.9.6
 CURLM_BAD_EASY_HANDLE           7.9.6
 CURLM_BAD_HANDLE                7.9.6
+CURLM_BAD_SOCKET                7.15.4
 CURLM_CALL_MULTI_PERFORM        7.9.6
 CURLM_CALL_MULTI_SOCKET         7.15.5
 CURLM_INTERNAL_ERROR            7.9.6
 CURLM_OK                        7.9.6
 CURLM_OUT_OF_MEMORY             7.9.6
+CURLM_UNKNOWN_OPTION            7.15.4
+CURLOPTTYPE_FUNCTIONPOINT       7.1
+CURLOPTTYPE_LONG                7.1
+CURLOPTTYPE_OBJECTPOINT         7.1
+CURLOPTTYPE_OFF_T               7.11.0
 CURLOPT_ADDRESS_SCOPE           7.19.0
 CURLOPT_APPEND                  7.16.4
 CURLOPT_AUTOREFERER             7.1
@@ -268,7 +367,7 @@ CURLOPT_IOCTLDATA               7.12.3
 CURLOPT_IOCTLFUNCTION           7.12.3
 CURLOPT_IPRESOLVE               7.10.8
 CURLOPT_ISSUERCERT              7.19.0
-CURLOPT_KEYPASSWD               -             7.17.0
+CURLOPT_KEYPASSWD               7.17.0
 CURLOPT_KRB4LEVEL               7.3           7.17.0
 CURLOPT_KRBLEVEL                7.17.0
 CURLOPT_LOCALPORT               7.15.2
@@ -328,8 +427,10 @@ CURLOPT_READDATA                7.9.7
 CURLOPT_READFUNCTION            7.1
 CURLOPT_REDIR_PROTOCOLS         7.19.4
 CURLOPT_REFERER                 7.1
+CURLOPT_RESOLVE                 7.21.3
 CURLOPT_RESUME_FROM             7.1
 CURLOPT_RESUME_FROM_LARGE       7.11.0
+CURLOPT_RTSPHEADER              7.20.0
 CURLOPT_RTSP_CLIENT_CSEQ        7.20.0
 CURLOPT_RTSP_REQUEST            7.20.0
 CURLOPT_RTSP_SERVER_CSEQ        7.20.0
@@ -338,6 +439,7 @@ CURLOPT_RTSP_STREAM_URI         7.20.0
 CURLOPT_RTSP_TRANSPORT          7.20.0
 CURLOPT_SEEKDATA                7.18.1
 CURLOPT_SEEKFUNCTION            7.18.1
+CURLOPT_SERVER_RESPONSE_TIMEOUT 7.20.0
 CURLOPT_SHARE                   7.10
 CURLOPT_SOCKOPTDATA             7.16.0
 CURLOPT_SOCKOPTFUNCTION         7.16.0
@@ -353,6 +455,9 @@ CURLOPT_SOURCE_URL              7.13.0        -           7.15.4
 CURLOPT_SOURCE_USERPWD          7.12.1        -           7.15.4
 CURLOPT_SSH_AUTH_TYPES          7.16.1
 CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 7.17.1
+CURLOPT_SSH_KEYDATA             7.19.6
+CURLOPT_SSH_KEYFUNCTION         7.19.6
+CURLOPT_SSH_KNOWNHOSTS          7.19.6
 CURLOPT_SSH_PRIVATE_KEYFILE     7.16.1
 CURLOPT_SSH_PUBLIC_KEYFILE      7.16.1
 CURLOPT_SSLCERT                 7.1
@@ -374,11 +479,14 @@ CURLOPT_SSL_VERIFYPEER          7.4.2
 CURLOPT_STDERR                  7.1
 CURLOPT_TCP_NODELAY             7.11.2
 CURLOPT_TELNETOPTIONS           7.7
-CURLOPT_TFTPBLKSIZE             7.19.4
+CURLOPT_TFTP_BLKSIZE            7.19.4
 CURLOPT_TIMECONDITION           7.1
 CURLOPT_TIMEOUT                 7.1
 CURLOPT_TIMEOUT_MS              7.16.2
 CURLOPT_TIMEVALUE               7.1
+CURLOPT_TLSAUTH_PASSWORD        7.21.4
+CURLOPT_TLSAUTH_TYPE            7.21.4
+CURLOPT_TLSAUTH_USERNAME        7.21.4
 CURLOPT_TRANSFERTEXT            7.11.1
 CURLOPT_UNRESTRICTED_AUTH       7.10.4
 CURLOPT_UPLOAD                  7.1
@@ -392,11 +500,19 @@ CURLOPT_WILDCARDMATCH           7.21.0
 CURLOPT_WRITEDATA               7.9.7
 CURLOPT_WRITEFUNCTION           7.1
 CURLOPT_WRITEHEADER             7.1
+CURLOPT_WRITEINFO               7.1
+CURLPAUSE_ALL                   7.18.0
+CURLPAUSE_CONT                  7.18.0
+CURLPAUSE_RECV                  7.18.0
+CURLPAUSE_RECV_CONT             7.18.0
+CURLPAUSE_SEND                  7.18.0
+CURLPAUSE_SEND_CONT             7.18.0
 CURLPROTO_ALL                   7.19.4
 CURLPROTO_DICT                  7.19.4
 CURLPROTO_FILE                  7.19.4
 CURLPROTO_FTP                   7.19.4
 CURLPROTO_FTPS                  7.19.4
+CURLPROTO_GOPHER                7.21.2
 CURLPROTO_HTTP                  7.19.4
 CURLPROTO_HTTPS                 7.19.4
 CURLPROTO_IMAP                  7.20.0
@@ -424,6 +540,19 @@ CURLPROXY_SOCKS4                7.10
 CURLPROXY_SOCKS4A               7.18.0
 CURLPROXY_SOCKS5                7.10
 CURLPROXY_SOCKS5_HOSTNAME       7.18.0
+CURLSHE_BAD_OPTION              7.10.3
+CURLSHE_INVALID                 7.10.3
+CURLSHE_IN_USE                  7.10.3
+CURLSHE_NOMEM                   7.10.3
+CURLSHE_OK                      7.10.3
+CURLSHOPT_LOCKFUNC              7.10.3
+CURLSHOPT_NONE                  7.10.3
+CURLSHOPT_SHARE                 7.10.3
+CURLSHOPT_UNLOCKFUNC            7.10.3
+CURLSHOPT_UNSHARE               7.10.3
+CURLSHOPT_USERDATA              7.10.3
+CURLSOCKTYPE_IPCXN              7.15.6
+CURLSSH_AUTH_ANY                7.16.1
 CURLSSH_AUTH_DEFAULT            7.16.1
 CURLSSH_AUTH_HOST               7.16.1
 CURLSSH_AUTH_KEYBOARD           7.16.1
@@ -439,6 +568,7 @@ CURLUSESSL_NONE                 7.17.0
 CURLUSESSL_TRY                  7.17.0
 CURLUSESSL_TRY                  7.17.0
 CURLVERSION_FIRST               7.10
+CURLVERSION_FOURTH              7.16.1
 CURLVERSION_NOW                 7.10
 CURLVERSION_SECOND              7.11.1
 CURLVERSION_THIRD               7.12.0
@@ -447,21 +577,74 @@ CURL_CHUNK_BGN_FUNC_OK          7.21.0
 CURL_CHUNK_BGN_FUNC_SKIP        7.21.0
 CURL_CHUNK_END_FUNC_FAIL        7.21.0
 CURL_CHUNK_END_FUNC_OK          7.21.0
+CURL_CSELECT_ERR                7.16.3
+CURL_CSELECT_IN                 7.16.3
+CURL_CSELECT_OUT                7.16.3
+CURL_ERROR_SIZE                 7.1
 CURL_FNMATCHFUNC_FAIL           7.21.0
 CURL_FNMATCHFUNC_MATCH          7.21.0
 CURL_FNMATCHFUNC_NOMATCH        7.21.0
+CURL_FORMADD_DISABLED           7.12.1
+CURL_FORMADD_ILLEGAL_ARRAY      7.9.8
+CURL_FORMADD_INCOMPLETE         7.9.8
+CURL_FORMADD_MEMORY             7.9.8
+CURL_FORMADD_NULL               7.9.8
+CURL_FORMADD_OK                 7.9.8
+CURL_FORMADD_OPTION_TWICE       7.9.8
+CURL_FORMADD_UNKNOWN_OPTION     7.9.8
+CURL_GLOBAL_ALL                 7.8
+CURL_GLOBAL_DEFAULT             7.8
+CURL_GLOBAL_NOTHING             7.8
+CURL_GLOBAL_SSL                 7.8
+CURL_GLOBAL_WIN32               7.8.1
 CURL_HTTP_VERSION_1_0           7.9.1
 CURL_HTTP_VERSION_1_1           7.9.1
 CURL_HTTP_VERSION_NONE          7.9.1
 CURL_IPRESOLVE_V4               7.10.8
 CURL_IPRESOLVE_V6               7.10.8
 CURL_IPRESOLVE_WHATEVER         7.10.8
+CURL_LOCK_ACCESS_NONE           7.10.3
+CURL_LOCK_ACCESS_SHARED         7.10.3
+CURL_LOCK_ACCESS_SINGLE         7.10.3
+CURL_LOCK_DATA_CONNECT          7.10.3
+CURL_LOCK_DATA_COOKIE           7.10.3
+CURL_LOCK_DATA_DNS              7.10.3
+CURL_LOCK_DATA_NONE             7.10.3
+CURL_LOCK_DATA_SHARE            7.10.4
+CURL_LOCK_DATA_SSL_SESSION      7.10.3
+CURL_MAX_HTTP_HEADER            7.19.7
+CURL_MAX_WRITE_SIZE             7.9.7
 CURL_NETRC_IGNORED              7.9.8
 CURL_NETRC_OPTIONAL             7.9.8
 CURL_NETRC_REQUIRED             7.9.8
+CURL_POLL_IN                    7.14.0
+CURL_POLL_INOUT                 7.14.0
+CURL_POLL_NONE                  7.14.0
+CURL_POLL_OUT                   7.14.0
+CURL_POLL_REMOVE                7.14.0
+CURL_READFUNC_ABORT             7.12.1
+CURL_READFUNC_PAUSE             7.18.0
+CURL_REDIR_GET_ALL              7.19.1
+CURL_REDIR_POST_301             7.19.1
+CURL_REDIR_POST_302             7.19.1
+CURL_REDIR_POST_ALL             7.19.1
+CURL_RTSPREQ_ANNOUNCE           7.20.0
+CURL_RTSPREQ_DESCRIBE           7.20.0
+CURL_RTSPREQ_GET_PARAMETER      7.20.0
+CURL_RTSPREQ_NONE               7.20.0
+CURL_RTSPREQ_OPTIONS            7.20.0
+CURL_RTSPREQ_PAUSE              7.20.0
+CURL_RTSPREQ_PLAY               7.20.0
+CURL_RTSPREQ_RECEIVE            7.20.0
+CURL_RTSPREQ_RECORD             7.20.0
+CURL_RTSPREQ_SETUP              7.20.0
+CURL_RTSPREQ_SET_PARAMETER      7.20.0
+CURL_RTSPREQ_TEARDOWN           7.20.0
 CURL_SEEKFUNC_CANTSEEK          7.19.5
 CURL_SEEKFUNC_FAIL              7.19.5
 CURL_SEEKFUNC_OK                7.19.5
+CURL_SOCKET_BAD                 7.14.0
+CURL_SOCKET_TIMEOUT             7.14.0
 CURL_SSLVERSION_DEFAULT         7.9.2
 CURL_SSLVERSION_SSLv2           7.9.2
 CURL_SSLVERSION_SSLv3           7.9.2
@@ -469,6 +652,9 @@ CURL_SSLVERSION_TLSv1           7.9.2
 CURL_TIMECOND_IFMODSINCE        7.9.7
 CURL_TIMECOND_IFUNMODSINCE      7.9.7
 CURL_TIMECOND_LASTMOD           7.9.7
+CURL_TIMECOND_NONE              7.9.7
+CURL_TLSAUTH_NONE               7.21.4
+CURL_TLSAUTH_SRP                7.21.4
 CURL_VERSION_ASYNCHDNS          7.10.7
 CURL_VERSION_CONV               7.15.4
 CURL_VERSION_CURLDEBUG          7.19.6
@@ -483,3 +669,5 @@ CURL_VERSION_NTLM               7.10.6
 CURL_VERSION_SPNEGO             7.10.8
 CURL_VERSION_SSL                7.10
 CURL_VERSION_SSPI               7.13.2
+CURL_VERSION_TLSAUTH_SRP        7.21.4
+CURL_WRITEFUNC_PAUSE            7.18.0

include/curl/curl.h

@@ -585,6 +585,9 @@ typedef enum {
 #define CURLAUTH_GSSNEGOTIATE (1<<2)  /* GSS-Negotiate */
 #define CURLAUTH_NTLM         (1<<3)  /* NTLM */
 #define CURLAUTH_DIGEST_IE    (1<<4)  /* Digest with IE flavour */
+#define CURLAUTH_ONLY         (1<<31) /* used together with a single other
+                                         type to force no auth or just that
+                                         single type */
 #define CURLAUTH_ANY (~CURLAUTH_DIGEST_IE)  /* all fine types set */
 #define CURLAUTH_ANYSAFE (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE))
 
@@ -1436,6 +1439,18 @@ typedef enum {
   /* FNMATCH_FUNCTION user pointer */
   CINIT(FNMATCH_DATA, OBJECTPOINT, 202),
 
+  /* send linked-list of name:port:address sets */
+  CINIT(RESOLVE, OBJECTPOINT, 203),
+
+  /* Set a username for authenticated TLS */
+  CINIT(TLSAUTH_USERNAME, OBJECTPOINT, 204),
+
+  /* Set a password for authenticated TLS */
+  CINIT(TLSAUTH_PASSWORD, OBJECTPOINT, 205),
+
+  /* Set authentication type for authenticated TLS */
+  CINIT(TLSAUTH_TYPE, OBJECTPOINT, 206),
+
   CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 
@@ -1532,6 +1547,12 @@ enum {
   CURL_SSLVERSION_LAST /* never use, keep last */
 };
 
+enum CURL_TLSAUTH {
+  CURL_TLSAUTH_NONE,
+  CURL_TLSAUTH_SRP,
+  CURL_TLSAUTH_LAST /* never use, keep last */
+};
+
 /* symbols to use with CURLOPT_POSTREDIR.
    CURL_REDIR_POST_301 and CURL_REDIR_POST_302 can be bitwise ORed so that
    CURL_REDIR_POST_301 | CURL_REDIR_POST_302 == CURL_REDIR_POST_ALL */
@@ -2037,6 +2058,7 @@ typedef struct {
 #define CURL_VERSION_SSPI      (1<<11) /* SSPI is supported */
 #define CURL_VERSION_CONV      (1<<12) /* character conversions supported */
 #define CURL_VERSION_CURLDEBUG (1<<13) /* debug memory tracking supported */
+#define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */
 
 /*
  * NAME curl_version_info()

include/curl/curlrules.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -216,14 +216,23 @@ typedef char
  * Macros for minimum-width signed and unsigned curl_off_t integer constants.
  */
 
-#ifdef CURL_ISOCPP
-#  define __CURL_OFF_T_C_HELPER2(Val,Suffix) Val ## Suffix
+#if defined(__BORLANDC__) && (__BORLANDC__ == 0x0551)
+#  define __CURL_OFF_T_C_HLPR2(x) x
+#  define __CURL_OFF_T_C_HLPR1(x) __CURL_OFF_T_C_HLPR2(x)
+#  define CURL_OFF_T_C(Val)  __CURL_OFF_T_C_HLPR1(Val) ## \
+                             __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T)
+#  define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \
+                             __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU)
 #else
-#  define __CURL_OFF_T_C_HELPER2(Val,Suffix) Val/**/Suffix
+#  ifdef CURL_ISOCPP
+#    define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix
+#  else
+#    define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix
+#  endif
+#  define __CURL_OFF_T_C_HLPR1(Val,Suffix) __CURL_OFF_T_C_HLPR2(Val,Suffix)
+#  define CURL_OFF_T_C(Val)  __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T)
+#  define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU)
 #endif
-#define __CURL_OFF_T_C_HELPER1(Val,Suffix) __CURL_OFF_T_C_HELPER2(Val,Suffix)
-#define CURL_OFF_T_C(Val)  __CURL_OFF_T_C_HELPER1(Val,CURL_SUFFIX_CURL_OFF_T)
-#define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HELPER1(Val,CURL_SUFFIX_CURL_OFF_TU)
 
 /*
  * Get rid of macros private to this header file.

include/curl/curlver.h

@@ -30,13 +30,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.21.2-DEV"
+#define LIBCURL_VERSION "7.21.4-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 21
-#define LIBCURL_VERSION_PATCH 2
+#define LIBCURL_VERSION_PATCH 4
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -53,7 +53,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071502
+#define LIBCURL_VERSION_NUM 0x071504
 
 /*
  * This is the date and time when the full source package was created. The

lib/.gitignore

@@ -9,3 +9,4 @@ Makefile.vc9.dist
 libcurl.plist.dist
 libcurl.vcproj
 vc6libcurl.dsp
+Makefile.vc10.dist

lib/Makefile.Watcom

@@ -5,9 +5,6 @@
 
 !ifndef %watcom
 !error WATCOM environment variable not set!
-!else
-SYS_INCL = -I$(%watcom)\h\nt -I$(%watcom)\h
-SYS_LIBS = $(%watcom)\lib386\nt;$(%watcom)\lib386
 !endif
 
 !ifdef %libname
@@ -33,18 +30,30 @@ RC = wrc
 !  endif
 !endif
 
+!ifdef __LINUX__
+DS = /
+CP = cp
+MD = mkdir -p
+RD = rmdir -p
+RM = rm -f
+!else
+DS = $(X)\$(X)
+CP = copy 2>NUL
+MD = mkdir
+RD = rmdir /q /s 2>NUL
 !if $(__VERSION__) < 1250
 RM = del /q /f 2>NUL
 !else
 RM = rm -f
 !endif
-MD = mkdir
-RD = rmdir /q /s 2>NUL
-CP = copy
+!endif
+
+SYS_INCL = -I$(%watcom)$(DS)h$(DS)nt -I$(%watcom)$(DS)h
+SYS_LIBS = $(%watcom)$(DS)lib386$(DS)nt;$(%watcom)$(DS)lib386
 
 CFLAGS = -3r -mf -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm &
          -wcd=201 -bt=nt -d+ -dWIN32 -dCURL_WANTS_CA_BUNDLE_ENV         &
-         -dBUILDING_LIBCURL -dHAVE_SPNEGO=1 -I. -I..\include $(SYS_INCL)
+         -dBUILDING_LIBCURL -dHAVE_SPNEGO=1 -I. -I..$(DS)include $(SYS_INCL)
 
 !ifdef %debug
 DEBUG  = -dDEBUG=1 -dDEBUGBUILD
@@ -67,31 +76,31 @@ CFLAGS += -dUSE_WINDOWS_SSPI
 !ifdef %zlib_root
 ZLIB_ROOT = $(%zlib_root)
 !else
-ZLIB_ROOT = ..\..\zlib-1.2.5
+ZLIB_ROOT = ..$(DS)..$(DS)zlib-1.2.5
 !endif
 
 !ifdef %libssh2_root
 LIBSSH2_ROOT = $(%libssh2_root)
 !else
-LIBSSH2_ROOT = ..\..\libssh2-1.2.7
+LIBSSH2_ROOT = ..$(DS)..$(DS)libssh2-1.2.7
 !endif
 
 !ifdef %librtmp_root
 LIBRTMP_ROOT = $(%librtmp_root)
 !else
-LIBRTMP_ROOT = ..\..\librtmp-2.3
+LIBRTMP_ROOT = ..$(DS)..$(DS)rtmpdump-2.3
 !endif
 
 !ifdef %openssl_root
 OPENSSL_ROOT = $(%openssl_root)
 !else
-OPENSSL_ROOT = ..\..\openssl-0.9.8o
+OPENSSL_ROOT = ..$(DS)..$(DS)openssl-0.9.8r
 !endif
 
 !ifdef %ares_root
 ARES_ROOT = $(%ares_root)
 !else
-ARES_ROOT = ..\ares
+ARES_ROOT = ..$(DS)ares
 !endif
 
 !ifdef %use_zlib
@@ -103,11 +112,11 @@ CFLAGS += -dUSE_LIBRTMP -I$(LIBRTMP_ROOT)
 !endif
 
 !ifdef %use_ssh2
-CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H -I$(LIBSSH2_ROOT)\include -I$(LIBSSH2_ROOT)\win32
+CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H -I$(LIBSSH2_ROOT)$(DS)include -I$(LIBSSH2_ROOT)$(DS)win32
 !endif
 
 !ifdef %use_ssl
-CFLAGS += -wcd=138 -dUSE_OPENSSL -dUSE_SSLEAY -I$(OPENSSL_ROOT)\inc32
+CFLAGS += -wcd=138 -dUSE_OPENSSL -dUSE_SSLEAY -I$(OPENSSL_ROOT)$(DS)inc32
 !endif
 
 !ifdef %use_ares
@@ -115,12 +124,12 @@ CFLAGS += -dUSE_ARES -I$(ARES_ROOT)
 !endif
 
 !ifdef %use_watt32
-CFLAGS += -dUSE_WATT32 -I$(%watt_root)\inc
+CFLAGS += -dUSE_WATT32 -I$(%watt_root)$(DS)inc
 !endif
 
 OBJ_BASE = WC_Win32.obj
-LINK_ARG = $(OBJ_BASE)\dyn\wlink.arg
-LIB_ARG  = $(OBJ_BASE)\stat\wlib.arg
+LINK_ARG = $(OBJ_BASE)$(DS)dyn$(DS)wlink.arg
+LIB_ARG  = $(OBJ_BASE)$(DS)stat$(DS)wlib.arg
 
 # In order to process Makefile.inc wmake must be called with -u switch!
 !ifndef %MAKEFLAGS
@@ -130,19 +139,24 @@ LIB_ARG  = $(OBJ_BASE)\stat\wlib.arg
 !endif
 
 OBJS = $(CSOURCES:.c=.obj)
+!ifdef __LINUX__
+OBJS = $OBJ_DIR/$(OBJS: = $OBJ_DIR/)
+
+!else
 OBJS = $OBJ_DIR\$(OBJS: = $OBJ_DIR\)
+!endif
 
 #
 # Use $(OBJS) as a template to generate $(OBJS_STAT) and $(OBJS_DYN).
 #
-OBJ_DIR    = $(OBJ_BASE)\stat
+OBJ_DIR    = $(OBJ_BASE)$(DS)stat
 OBJS_STAT  = $+ $(OBJS) $-
 
-OBJ_DIR    = $(OBJ_BASE)\dyn
+OBJ_DIR    = $(OBJ_BASE)$(DS)dyn
 OBJS_DYN   = $+ $(OBJS) $-
 
-CURLBUILDH = ..\include\curl\curlbuild.h
-RESOURCE   = $(OBJ_BASE)\dyn\libcurl.res
+CURLBUILDH = ..$(DS)include$(DS)curl$(DS)curlbuild.h
+RESOURCE   = $(OBJ_BASE)$(DS)dyn$(DS)libcurl.res
 
 all: $(CURLBUILDH) $(OBJ_BASE) $(TARGETS) .SYMBOLIC
 	@echo Welcome to libcurl
@@ -154,14 +168,14 @@ clean: .SYMBOLIC
 
 vclean distclean: clean .SYMBOLIC
 	-$(RM) $(TARGETS) $(LIBNAME).map $(LIBNAME).sym
-	-$(RD) $(OBJ_BASE)\stat
-	-$(RD) $(OBJ_BASE)\dyn
+	-$(RD) $(OBJ_BASE)$(DS)stat
+	-$(RD) $(OBJ_BASE)$(DS)dyn
 	-$(RD) $(OBJ_BASE)
 
 $(OBJ_BASE):
 	-$(MD) $^@
-	-$(MD) $^@\stat
-	-$(MD) $^@\dyn
+	-$(MD) $^@$(DS)stat
+	-$(MD) $^@$(DS)dyn
 
 $(CURLBUILDH): .EXISTSONLY
 	$(CP) $^@.dist $^@
@@ -174,14 +188,14 @@ $(LIBNAME).lib: $(OBJS_STAT) $(LIB_ARG)
 
 .ERASE
 $(RESOURCE): libcurl.rc
-	$(RC) $(DEBUG) -q -r -zm -I..\include $(SYS_INCL) $[@ -fo=$^@
+	$(RC) $(DEBUG) -q -r -zm -bt=nt -I..$(DS)include $(SYS_INCL) $[@ -fo=$^@
 
 .ERASE
-.c{$(OBJ_BASE)\dyn}.obj:
+.c{$(OBJ_BASE)$(DS)dyn}.obj:
 	$(CC) $(CFLAGS) -bd -br $[@ -fo=$^@
 
 .ERASE
-.c{$(OBJ_BASE)\stat}.obj:
+.c{$(OBJ_BASE)$(DS)stat}.obj:
 	$(CC) $(CFLAGS) -DCURL_STATICLIB $[@ -fo=$^@
 
 $(LINK_ARG): $(__MAKEFILES__)
@@ -196,24 +210,24 @@ $(LINK_ARG): $(__MAKEFILES__)
 	@%append $^@ res=$(RESOURCE) libpath $(SYS_LIBS)
 	@%append $^@ library wldap32.lib
 !ifdef %use_watt32
-	@%append $^@ library $(%watt_root)\lib\wattcpw_imp.lib
+	@%append $^@ library $(%watt_root)$(DS)lib$(DS)wattcpw_imp.lib
 !else
 	@%append $^@ library ws2_32.lib
 !endif
 !ifdef %use_zlib
-	@%append $^@ library $(ZLIB_ROOT)\zlib.lib
+	@%append $^@ library $(ZLIB_ROOT)$(DS)zlib.lib
 !endif
 !ifdef %use_rtmp
-	@%append $^@ library $(LIBRTMP_ROOT)\librtmp\librtmp.lib
+	@%append $^@ library $(LIBRTMP_ROOT)$(DS)librtmp$(DS)librtmp.lib
 !endif
 !ifdef %use_ssh2
-	@%append $^@ library $(LIBSSH2_ROOT)\win32\libssh2.lib
+	@%append $^@ library $(LIBSSH2_ROOT)$(DS)win32$(DS)libssh2.lib
 !endif
 !ifdef %use_ssl
-	@%append $^@ library $(OPENSSL_ROOT)\out32\libeay32.lib, $(OPENSSL_ROOT)\out32\ssleay32.lib
+	@%append $^@ library $(OPENSSL_ROOT)$(DS)out32$(DS)libeay32.lib, $(OPENSSL_ROOT)$(DS)out32$(DS)ssleay32.lib
 !endif
 !ifdef %use_ares
-	@%append $^@ library $(ARES_ROOT)\cares.lib
+	@%append $^@ library $(ARES_ROOT)$(DS)cares.lib
 !endif
 
 $(LIB_ARG): $(__MAKEFILES__)

lib/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,15 +30,15 @@ DOCS = README.encoding README.memoryleak README.ares README.curlx	\
 
 CMAKE_DIST = CMakeLists.txt curl_config.h.cmake
 
-EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos $(DSP) \
+EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 $(DSP)                 \
  vc6libcurl.dsw config-win32.h config-win32ce.h config-riscos.h            \
- config-mac.h curl_config.h.in makefile.dj config.dos libcurl.plist        \
+ config-mac.h curl_config.h.in makefile.dj config-dos.h libcurl.plist      \
  libcurl.rc config-amigaos.h amigaos.c amigaos.h makefile.amiga		   \
  Makefile.netware nwlib.c nwos.c libcurl.imp msvcproj.head msvcproj.foot   \
  config-win32ce.h config-os400.h setup-os400.h config-symbian.h		   \
  Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl		   \
  mk-ca-bundle.vbs firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h	   \
- Makefile.vxworks
+ Makefile.vxworks config-vms.h
 
 CLEANFILES = $(DSP) $(VCPROJ)
 
@@ -46,7 +46,7 @@ lib_LTLIBRARIES = libcurl.la
 LIBCURL_LIBS = @LIBCURL_LIBS@
 
 # This might hold -Werror
-CFLAGS += @CURL_CFLAG_EXTRAS@
+libcurl_la_CFLAGS = $(CFLAGS) @CURL_CFLAG_EXTRAS@
 
 # Specify our include paths here, and do it relative to $(top_srcdir) and
 # $(top_builddir), to ensure that these paths which belong to the library
@@ -116,12 +116,23 @@ if MIMPURE
 MIMPURE = -mimpure-text
 endif
 
-libcurl_la_LDFLAGS = $(UNDEF) $(VERSIONINFO) $(MIMPURE) $(LIBCURL_LIBS)
+LINKFLAGS=$(UNDEF) $(MIMPURE) $(LIBCURL_LIBS)
+
+libcurl_la_LDFLAGS = $(LINKFLAGS) $(VERSIONINFO)
+
+# as unit testing will compile and link everything an extra time, we only
+# do it if debug is enabled
+if CURLDEBUG
+noinst_LTLIBRARIES = libcurlu.la
+libcurlu_la_CFLAGS = -DUNITTESTS
+libcurlu_la_LDFLAGS = -static $(LINKFLAGS)
+endif
 
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc
 
 libcurl_la_SOURCES = $(CSOURCES) $(HHEADERS)
+libcurlu_la_SOURCES = $(CSOURCES) $(HHEADERS)
 
 WIN32SOURCES = $(CSOURCES)
 WIN32HEADERS = $(HHEADERS) config-win32.h

lib/Makefile.b32

@@ -6,19 +6,28 @@
 #
 #  'BCCDIR' has to be set up to point to the base directory
 #  of the compiler, i.e. SET BCCDIR = c:\Borland\BCC55
-#  where c:\Borland\BCC55 is the compiler is installed
 #
-#  Written by Jaepil Kim, pit@paradise.net.nz
+#  Initially written by Jaepil Kim, pit@paradise.net.nz
 ############################################################
 
+!if "$(__MAKE__)" == ""
+!error __MAKE__ not defined. Use Borlands's MAKE to process this makefile.
+!endif
+
+# Borland's $(MAKEDIR) expands to the path where make.exe is located,
+# use this feature to define BCCDIR when user has not defined BCCDIR.
+!ifndef BCCDIR
+BCCDIR = $(MAKEDIR)\..
+!endif
+
 # Edit the path below to point to the base of your Zlib sources.
 !ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.1
+ZLIB_PATH = ..\..\zlib-1.2.5
 !endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 !ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.7d
+OPENSSL_PATH = ..\..\openssl-0.9.8q
 !endif
 
 # Set libcurl static lib, dll and import lib
@@ -27,55 +36,78 @@ LIBCURL_DLL    = libcurl.dll
 LIBCURL_IMPLIB = libcurl_imp.lib
 
 # Setup environment
-CXX      = bcc32
+PP_CMD   = cpp32 -q -P-
+CC_CMD   = bcc32 -q -c
 LD       = bcc32
-CP       = copy
-RM       = del
+RM       = del 2>NUL
+MKDIR    = mkdir
+RMDIR    = rmdir /s /q 2>NUL
 LIB      = tlib
 IMPLIB   = implib
 
-CXXFLAGS = -q -5 -O2 -w-aus -w-ccc -w-csu -w-par -w-pia -w-rch -w-inl -w-ngu -w-pro -tWM
+CC_FLAGS = -5 -O2 -tWM -w -w-aus -w-ccc -w-dup -w-prc -w-pro -w-rch -w-sig -w-spa -Dinline=__inline
 LIBFLAGS = /C /P32
 LDFLAGS  = -q -lq -laa -tWD
 
-INCDIRS  = -I.;../include
-LINKLIB  = $(BCCDIR)/lib/cw32mt.lib
+SRCDIR   = .
+OBJDIR   = .\objs
+INCDIRS  = -I.;..\include
+LINKLIB  = $(BCCDIR)\lib\cw32mt.lib
+DEFINES  = -DNDEBUG -DWIN32 -DBUILDING_LIBCURL
 
-# If you build with SSL support, set WITH_SSL=1
-DEFINES  = -DNDEBUG -DWIN32 -D_CONSOLE -D_MBCS -DBUILDING_LIBCURL
+# By default SSPI support is enabled for BCC
+!ifndef DISABLE_SSPI
+DEFINES  = $(DEFINES) -DUSE_WINDOWS_SSPI
+!endif
 
+# By default LDAP support is disabled for BCC
+!ifndef WITH_LDAP
+DEFINES  = $(DEFINES) -DCURL_DISABLE_LDAP
+!endif
+
+# ZLIB support is enabled setting WITH_ZLIB=1
 !ifdef WITH_ZLIB
 DEFINES  = $(DEFINES) -DHAVE_LIBZ -DHAVE_ZLIB_H
 INCDIRS  = $(INCDIRS);$(ZLIB_PATH)
-LINKLIB  = $(LINKLIB) $(ZLIB_PATH)/zlib.lib
+LINKLIB  = $(LINKLIB) $(ZLIB_PATH)\zlib.lib
 !endif
 
+# SSL support is enabled setting WITH_SSL=1
 !ifdef WITH_SSL
 DEFINES  = $(DEFINES) -DUSE_SSLEAY
-INCDIRS  = $(INCDIRS);$(OPENSSL_PATH)/inc32;$(OPENSSL_PATH)/inc32/openssl
-LINKLIB  = $(LINKLIB) $(OPENSSL_PATH)/out32/ssleay32.lib $(OPENSSL_PATH)/out32/libeay32.lib
+INCDIRS  = $(INCDIRS);$(OPENSSL_PATH)\inc32;$(OPENSSL_PATH)\inc32\openssl
+LINKLIB  = $(LINKLIB) $(OPENSSL_PATH)\out32\ssleay32.lib $(OPENSSL_PATH)\out32\libeay32.lib
 !endif
 
 .autodepend
 
+.path.c   = $(SRCDIR)
+.path.obj = $(OBJDIR)
+
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 !include Makefile.inc
 
 OBJECTS = $(CSOURCES:.c=.obj)
 
 .c.obj:
-	$(CXX) -c $(INCDIRS) $(CXXFLAGS) $(DEFINES) $<
+	@-$(RM) $(@R).int
+	$(PP_CMD) $(CC_FLAGS) $(INCDIRS) $(DEFINES) -o$(@R).int $(<)
+	$(CC_CMD) $(CC_FLAGS) -o$(@) $(@R).int
 
-all:	$(LIBCURL_LIB) $(LIBCURL_DLL)
+all:	$(OBJDIR) $(LIBCURL_LIB) $(LIBCURL_DLL)
 
 clean:
-	-$(RM) $(LIBCURL_LIB)
-	-$(RM) $(LIBCURL_IMPLIB)
-	-$(RM) libcurl.tds
-	-$(RM) *.obj
+	@-$(RMDIR) $(OBJDIR)
+	@-$(RM) $(LIBCURL_LIB)
+	@-$(RM) $(LIBCURL_IMPLIB)
+	@-$(RM) libcurl.tds
+
+$(OBJDIR):
+	@-$(RMDIR) $(OBJDIR)
+	@-$(MKDIR) $(OBJDIR)
 
 $(LIBCURL_LIB): $(OBJECTS)
-	@-$(RM) $@
+	@-$(RM) $(LIBCURL_LIB)
 	$(LIB) $(LIBFLAGS) $@ @&&!
 +$(**: = &^
 +)
@@ -87,3 +119,5 @@ $(LIBCURL_DLL) $(LIBCURL_IMPLIB): $(OBJECTS) $(LINKLIB)
 	$(LD) $(LDFLAGS) -e$(LIBCURL_DLL) $**
 	$(IMPLIB) $(LIBCURL_IMPLIB) $(LIBCURL_DLL)
 
+
+# End of Makefile.b32

lib/Makefile.inc

@@ -21,7 +21,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
   socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c		\
   curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c	\
   warnless.c hmac.c polarssl.c curl_rtmp.c openldap.c curl_gethostname.c\
-  gopher.c
+  gopher.c axtls.c idn_win32.c http_negotiate_sspi.c
 
 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
   progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
@@ -36,5 +36,5 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
   curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h	\
   curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h	\
   warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h      \
-  gopher.h
+  gopher.h axtls.h
 

lib/Makefile.m32

@@ -20,7 +20,7 @@ ZLIB_PATH = ../../zlib-1.2.5
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8o
+OPENSSL_PATH = ../../openssl-0.9.8r
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH

lib/Makefile.netware

@@ -19,7 +19,7 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8o
+OPENSSL_PATH = ../../openssl-0.9.8r
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
@@ -27,6 +27,11 @@ ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-1.2.7
 endif
 
+# Edit the path below to point to the base of your axTLS package.
+ifndef AXTLS_PATH
+AXTLS_PATH = ../../axTLS-1.2.7
+endif
+
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
 LIBIDN_PATH = ../../libidn-1.18
@@ -140,7 +145,11 @@ AR	= ar
 ARFLAGS	= -cq
 LIBEXT	= a
 RANLIB	= ranlib
-CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
+CFLAGS  += -m32
+CFLAGS	+= -fno-builtin -fno-strict-aliasing
+ifeq ($(findstring gcc,$(CC)),gcc)
+CFLAGS	+= -fpcc-struct-return
+endif
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 ifeq ($(POSIXFL),1)
@@ -195,6 +204,17 @@ ifdef WITH_SSL
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 	INSTDEP += ca-bundle.crt
+else
+ifdef WITH_AXTLS
+	INCLUDES += -I$(AXTLS_PATH)/inc
+ifdef LINK_STATIC
+	LDLIBS += $(AXTLS_PATH)/lib/libaxtls.$(LIBEXT)
+else
+	MODULES += libaxtls.nlm
+	IMPORTS += $(AXTLS_PATH)/lib/libaxtls.imp
+endif
+	INSTDEP += ca-bundle.crt
+endif
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
@@ -424,6 +444,7 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define SIZEOF_SIZE_T 4$(DL) >> $@
 	@echo $(DL)#define pressanykey PressAnyKeyToContinue$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
@@ -459,6 +480,7 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_OFF_T 8$(DL) >> $@
+	@echo $(DL)#define SIZEOF_SIZE_T 8$(DL) >> $@
 	@echo $(DL)#define _LARGEFILE 1$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
@@ -561,6 +583,10 @@ ifdef WITH_SSL
 	@echo $(DL)#define HAVE_LIBSSL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIBCRYPTO 1$(DL) >> $@
 	@echo $(DL)#define OPENSSL_NO_KRB5 1$(DL) >> $@
+else
+ifdef WITH_AXTLS
+	@echo $(DL)#define USE_AXTLS 1$(DL) >> $@
+endif
 endif
 ifdef WITH_SSH2
 	@echo $(DL)#define USE_LIBSSH2 1$(DL) >> $@

lib/Makefile.riscos

@@ -1,232 +0,0 @@
-# Makefile for project libcurl
-
-# Project objects:
-objs =	o.base64 o.connect o.cookie o.dict \
-	o.dllinit o.easy o.escape o.file \
-	o.formdata o.ftp o.getenv o.gopher \
-	o.getinfo o.getpass o.hostip \
-	o.hostip4 o.hostsyn o.http \
-	o.http_chunks o.inet_ntop o.inet_pton o.if2ip o.krb4 o.ldap \
-	o.curl_fnmatch o.fileinfo o.ftplistparser o.wildcard \
-	o.memdebug o.mprintf o.netrc o.parsedate o.progress \
-	o.security o.select o.sendf o.speedcheck o.ssluse \
-	o.strequal o.strtok o.telnet o.timeval \
-	o.transfer o.url o.version o.strtoofft o.sslgen o.gtls \
-	o.rawstr o.curl_addrinfo o.slist o.nonblock o.curl_rand \
-	o.curl_memrchr o.imap o.pop3 o.smtp o.pingpong o.rtsp \
-	o.curl_threads o.warnless o.hmac o.md5 o.curl_rtmp \
-	o.openldap o.polarssl o.md4 o.curl_gethostname
-
-
-# Compile options:
-linkopts	= -o libcurl
-compileropts	= -mpoke-function-name -IUtilLib: -mthrowback
-
-# Project target:
-libcurl:		$(objs)
-		makealf $(linkopts) $(objs)
-
-# Static dependancies:
-o.base64:	c.base64
-		gcc $(compileropts) -c -o base64.o c.base64
-
-o.connect:	c.connect
-		gcc $(compileropts) -c -o connect.o c.connect
-
-o.cookie:	c.cookie
-		gcc $(compileropts) -c -o cookie.o c.cookie
-
-o.curl_addrinfo:	c.curl_addrinfo
-		gcc $(compileropts) -c -o curl_addrinfo.o c.curl_addrinfo
-
-o.curl_gethostname:	c.curl_gethostname
-		gcc $(compileropts) -c -o curl_gethostname.o c.curl_gethostname
-
-o.curl_memrchr:	c.curl_memrchr
-		gcc $(compileropts) -c -o curl_memrchr.o c.curl_memrchr
-
-o.curl_rand:	c.curl_rand
-		gcc $(compileropts) -c -o curl_rand.o c.curl_rand
-
-o.curl_rtmp:	c.curl_rtmp
-		gcc $(compileropts) -c -o curl_rtmp.o c.curl_rtmp
-
-o.curl_threads:	c.curl_threads
-		gcc $(compileropts) -c -o curl_threads.o c.curl_threads
-
-o.dict:	c.dict
-		gcc $(compileropts) -c -o dict.o c.dict
-
-o.dllinit:	c.dllinit
-		gcc $(compileropts) -c -o dllinit.o c.dllinit
-
-o.easy:	c.easy
-		gcc $(compileropts) -c -o easy.o c.easy
-
-o.escape:	c.escape
-		gcc $(compileropts) -c -o escape.o c.escape
-
-o.file:	c.file
-		gcc $(compileropts) -c -o file.o c.file
-
-o.formdata:	c.formdata
-		gcc $(compileropts) -c -o formdata.o c.formdata
-
-o.ftp:	c.ftp
-		gcc $(compileropts) -c -o ftp.o c.ftp
-
-o.getenv:	c.getenv
-		gcc $(compileropts) -c -o getenv.o c.getenv
-
-o.getinfo:	c.getinfo
-		gcc $(compileropts) -c -o getinfo.o c.getinfo
-
-o.getpass:	c.getpass
-		gcc $(compileropts) -c -o getpass.o c.getpass
-
-o.gopher:	c.gopher
-		gcc $(compileropts) -c -o gopher.o c.gopher
-
-o.hmac:		c.hmac
-		gcc $(compileropts) -c -o hmac.o c.hmac
-
-o.hostip:	c.hostip
-		gcc $(compileropts) -c -o hostip.o c.hostip
-
-o.hostip4:	c.hostip4
-		gcc $(compileropts) -c -o hostip4.o c.hostip4
-
-o.hostsyn:	c.hostsyn
-		gcc $(compileropts) -c -o hostsyn.o c.hostsyn
-
-o.http:	c.http
-		gcc $(compileropts) -c -o http.o c.http
-
-o.http_chunks:	c.http_chunks
-		gcc $(compileropts) -c -o http_chunks.o c.http_chunks
-
-o.if2ip:	c.if2ip
-		gcc $(compileropts) -c -o if2ip.o c.if2ip
-
-o.imap:		c.imap
-		gcc $(compileropts) -c -o imap.o c.imap
-
-o.inet_ntop:	c.inet_ntop
-		gcc $(compileropts) -c -o inet_ntop.o c.inet_ntop
-
-o.inet_pton:	c.inet_pton
-		gcc $(compileropts) -c -o inet_pton.o c.inet_pton
-
-o.krb4:	c.krb4
-		gcc $(compileropts) -c -o krb4.o c.krb4
-
-o.ldap:	c.ldap
-		gcc $(compileropts) -IOpenLDAP: -c -o ldap.o c.ldap
-
-o.md4:		c.md4
-		gcc $(compileropts) -c -o md4.o c.md4
-
-o.md5:		c.md5
-		gcc $(compileropts) -c -o md5.o c.md5
-
-o.memdebug:	c.memdebug
-		gcc $(compileropts) -c -o memdebug.o c.memdebug
-
-o.mprintf:	c.mprintf
-		gcc $(compileropts) -c -o mprintf.o c.mprintf
-
-o.netrc:	c.netrc
-		gcc $(compileropts) -c -o netrc.o c.netrc
-
-o.openldap:	c.openldap
-		gcc $(compileropts) -c -o openldap.o c.openldap
-
-o.parsedate:	c.parsedate
-		gcc $(compileropts) -c -o parsedate.o c.parsedate
-
-o.pingpong:	c.pingpong
-		gcc $(compileropts) -c -o pingpong.o c.pingpong
-
-o.polarssl:	c.polarssl
-		gcc $(compileropts) -c -o polarssl.o c.polarssl
-
-o.pop3:		c.pop3
-		gcc $(compileropts) -c -o pop3.o c.pop3
-
-o.progress:	c.progress
-		gcc $(compileropts) -c -o progress.o c.progress
-
-o.rtsp:		c.rtsp
-		gcc $(compileropts) -c -o rtsp.o c.rtsp
-
-o.security:	c.security
-		gcc $(compileropts) -c -o security.o c.security
-
-o.select:	c.select
-		gcc $(compileropts) -c -o select.o c.select
-
-o.sendf:	c.sendf
-		gcc $(compileropts) -c -o sendf.o c.sendf
-
-o.slist:	c.slist
-		gcc $(compileropts) -c -o slist.o c.slist
-
-o.smtp:		c.smtp
-		gcc $(compileropts) -c -o smtp.o c.smtp
-
-o.speedcheck:	c.speedcheck
-		gcc $(compileropts) -c -o speedcheck.o c.speedcheck
-
-o.gtls:		c.gtls
-		gcc $(compileropts) -c -o gtls.o c.gtls
-
-o.sslgen:	c.sslgen
-		gcc $(compileropts) -c -o sslgen.o c.sslgen
-
-o.ssluse:	c.ssluse
-		gcc $(compileropts) -c -o ssluse.o c.ssluse
-
-o.nonblock:	c.nonblock
-		gcc $(compileropts) -c -o nonblock.o c.nonblock
-
-o.rawstr:	c.rawstr
-		gcc $(compileropts) -c -o rawstr.o c.rawstr
-
-o.strequal:	c.strequal
-		gcc $(compileropts) -c -o strequal.o c.strequal
-
-o.strtok:	c.strtok
-		gcc $(compileropts) -c -o strtok.o c.strtok
-
-o.strtoofft:	c.strtoofft
-		gcc $(compileropts) -c -o strtoofft.o c.strtoofft
-
-o.telnet:	c.telnet
-		gcc $(compileropts) -c -o telnet.o c.telnet
-
-o.timeval:	c.timeval
-		gcc $(compileropts) -c -o timeval.o c.timeval
-
-o.transfer:	c.transfer
-		gcc $(compileropts) -c -o transfer.o c.transfer
-
-o.url:		c.url
-		gcc $(compileropts) -c -o url.o c.url
-
-o.version:	c.version
-		gcc $(compileropts) -c -o version.o c.version
-
-o.warnless:	c.warnless
-		gcc $(compileropts) -c -o warnless.o c.warnless
-
-o.curl_fnmatch:	c.curl_fnmatch
-		gcc $(compileropts) -c -o curl_fnmatch.o c.curl_fnmatch
-
-o.fileinfo:	c.fileinfo
-		gcc $(compileropts) -c -o fileinfo.o c.fileinfo
-
-o.ftplistparser:	c.ftplistparser
-		gcc $(compileropts) -c -o ftplistparser.o c.ftplistparser
-
-o.wildcard:	c.wildcard
-		gcc $(compileropts) -c -o wildcard.o c.wildcard

lib/Makefile.vc6

@@ -18,6 +18,8 @@
 # This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 # KIND, either express or implied.
 #
+#***************************************************************************
+
 ###########################################################################
 #
 # Makefile for building libcurl with MSVC6
@@ -41,20 +43,27 @@
 #
 ##############################################################
 
-#
-# Stem for static libs and DLLs
-#
-LIB_NAME       = libcurl
-LIB_NAME_DEBUG = libcurld
+# ----------------------------------------------
+# Verify that current subdir is libcurl's 'lib'
+# ----------------------------------------------
+
+!IF ! EXIST(.\curl_addrinfo.c)
+!  MESSAGE Can not process this makefile from outside of libcurl's 'lib' subdirectory.
+!  MESSAGE Change to libcurl's 'lib' subdirectory, and try again.
+!  ERROR   See previous message.
+!ENDIF
+
+# ------------------------------------------------
+# Makefile.msvc.names provides libcurl file names
+# ------------------------------------------------
+
+!INCLUDE ..\Makefile.msvc.names
+
+
 
-#
-# Stem for DLL import libs
-#
-IMPLIB_NAME       = libcurl_imp
-IMPLIB_NAME_DEBUG = libcurld_imp
 
 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8o
+OPENSSL_PATH   = ../../openssl-0.9.8r
 !ENDIF
 
 !IFNDEF ZLIB_PATH
@@ -81,7 +90,7 @@ MACHINE  = X86
 
 !IFDEF WINDOWS_SSPI
 !IFNDEF WINDOWS_SDK_PATH
-WINDOWS_SDK_PATH = "C:\Program Files\Microsoft SDK"
+WINDOWS_SDK_PATH = "$(PROGRAMFILES)\Microsoft SDK"
 !ENDIF
 !ENDIF
 
@@ -129,42 +138,18 @@ RTLIBD = /MTd
 # release
 
 !IF "$(CFG)" == "release"
-TARGET = $(LIB_NAME).lib
+TARGET = $(LIBCURL_STA_LIB_REL)
 DIROBJ = $(CFG)
 LNK    = $(LNKLIB) /out:$(DIROBJ)\$(TARGET)
 CC     = $(CCNODBG) $(RTLIB) $(CFLAGSLIB)
 CFGSET = TRUE
 !ENDIF
 
-######################
-# release-zlib
-
-!IF "$(CFG)" == "release-zlib"
-TARGET   = $(LIB_NAME).lib
-DIROBJ   = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK      = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC       = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET   = TRUE
-!ENDIF
-
-######################
-# release-dll
-
-!IF "$(CFG)" == "release-dll"
-TARGET = $(LIB_NAME).dll
-DIROBJ = $(CFG)
-LNK    = $(LNKDLL) $(WINLIBS) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME).lib
-CC     = $(CCNODBG) $(RTLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
 ######################
 # release-ssl
 
 !IF "$(CFG)" == "release-ssl"
-TARGET   = $(LIB_NAME).lib
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
 LNK      = $(LNKLIB) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
@@ -173,14 +158,14 @@ CFGSET   = TRUE
 !ENDIF
 
 ######################
-# release-ssl-dll
+# release-zlib
 
-!IF "$(CFG)" == "release-ssl-dll"
-TARGET   = $(LIB_NAME).lib
+!IF "$(CFG)" == "release-zlib"
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
-CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSLIB)
+LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
+LNK      = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
+CC       = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB) $(CFLAGSLIB)
 CFGSET   = TRUE
 !ENDIF
 
@@ -188,7 +173,7 @@ CFGSET   = TRUE
 # release-ssl-zlib
 
 !IF "$(CFG)" == "release-ssl-zlib"
-TARGET   = $(LIB_NAME).lib
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
@@ -198,23 +183,22 @@ CFGSET   = TRUE
 !ENDIF
 
 ######################
-# release-dll-ssl-dll
+# release-ssl-dll
 
-!IF "$(CFG)" == "release-dll-ssl-dll"
-TARGET   = $(LIB_NAME).dll
+!IF "$(CFG)" == "release-ssl-dll"
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME).lib
-CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL)
+LNK      = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
+CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSLIB)
 CFGSET   = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
 !ENDIF
 
 ######################
 # release-zlib-dll
 
 !IF "$(CFG)" == "release-zlib-dll"
-TARGET   = $(LIB_NAME).lib
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LNK      = $(LNKLIB) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
@@ -226,7 +210,7 @@ CFGSET   = TRUE
 # release-ssl-dll-zlib-dll
 
 !IF "$(CFG)" == "release-ssl-dll-zlib-dll"
-TARGET   = $(LIB_NAME).lib
+TARGET   = $(LIBCURL_STA_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
@@ -235,14 +219,39 @@ CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
 CFGSET   = TRUE
 !ENDIF
 
+######################
+# release-dll
+
+!IF "$(CFG)" == "release-dll"
+TARGET = $(LIBCURL_DYN_LIB_REL)
+DIROBJ = $(CFG)
+LNK    = $(LNKDLL) $(WINLIBS) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
+CC     = $(CCNODBG) $(RTLIB)
+CFGSET = TRUE
+RESOURCE = $(DIROBJ)\libcurl.res
+!ENDIF
+
+######################
+# release-dll-ssl-dll
+
+!IF "$(CFG)" == "release-dll-ssl-dll"
+TARGET   = $(LIBCURL_DYN_LIB_REL)
+DIROBJ   = $(CFG)
+LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
+CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL)
+CFGSET   = TRUE
+RESOURCE = $(DIROBJ)\libcurl.res
+!ENDIF
+
 ######################
 # release-dll-zlib-dll
 
 !IF "$(CFG)" == "release-dll-zlib-dll"
-TARGET   = $(LIB_NAME).dll
+TARGET   = $(LIBCURL_DYN_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME).lib
+LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
 CC       = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -252,11 +261,11 @@ RESOURCE = $(DIROBJ)\libcurl.res
 # release-dll-ssl-dll-zlib-dll
 
 !IF "$(CFG)" == "release-dll-ssl-dll-zlib-dll"
-TARGET   = $(LIB_NAME).dll
+TARGET   = $(LIBCURL_DYN_LIB_REL)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME).lib
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
 CC       = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -266,7 +275,7 @@ RESOURCE = $(DIROBJ)\libcurl.res
 # debug
 
 !IF "$(CFG)" == "debug"
-TARGET = $(LIB_NAME_DEBUG).lib
+TARGET = $(LIBCURL_STA_LIB_DBG)
 DIROBJ = $(CFG)
 LNK    = $(LNKLIB) /out:$(DIROBJ)\$(TARGET)
 CC     = $(CCDEBUG) $(RTLIBD) $(CFLAGSLIB)
@@ -277,7 +286,7 @@ CFGSET = TRUE
 # debug-ssl
 
 !IF "$(CFG)" == "debug-ssl"
-TARGET   = $(LIB_NAME_DEBUG).lib
+TARGET   = $(LIBCURL_STA_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
 LNK      = $(LNKLIB) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
@@ -289,7 +298,7 @@ CFGSET   = TRUE
 # debug-zlib
 
 !IF "$(CFG)" == "debug-zlib"
-TARGET   = $(LIB_NAME_DEBUG).lib
+TARGET   = $(LIBCURL_STA_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LNK      = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
@@ -297,23 +306,11 @@ CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSZLIB) $(CFLAGSLIB)
 CFGSET   = TRUE
 !ENDIF
 
-######################
-# debug-ssl-dll
-
-!IF "$(CFG)" == "debug-ssl-dll"
-TARGET   = $(LIB_NAME_DEBUG).lib
-DIROBJ   = $(CFG)
-LFLAGSSSL = /LIBPATH:$(OPENSSL_PATH)\out32dll
-LNK      = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
-CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSLIB)
-CFGSET   = TRUE
-!ENDIF
-
 ######################
 # debug-ssl-zlib
 
 !IF "$(CFG)" == "debug-ssl-zlib"
-TARGET   = $(LIB_NAME_DEBUG).lib
+TARGET   = $(LIBCURL_STA_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
@@ -322,11 +319,23 @@ CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
 CFGSET   = TRUE
 !ENDIF
 
+######################
+# debug-ssl-dll
+
+!IF "$(CFG)" == "debug-ssl-dll"
+TARGET   = $(LIBCURL_STA_LIB_DBG)
+DIROBJ   = $(CFG)
+LFLAGSSSL = /LIBPATH:$(OPENSSL_PATH)\out32dll
+LNK      = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
+CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSLIB)
+CFGSET   = TRUE
+!ENDIF
+
 ######################
 # debug-zlib-dll
 
 !IF "$(CFG)" == "debug-zlib-dll"
-TARGET   = $(LIB_NAME_DEBUG).lib
+TARGET   = $(LIBCURL_STA_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LNK      = $(LNKLIB) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
@@ -338,7 +347,7 @@ CFGSET   = TRUE
 # debug-ssl-dll-zlib-dll
 
 !IF "$(CFG)" == "debug-ssl-dll-zlib-dll"
-TARGET   = $(LIB_NAME_DEBUG).lib
+TARGET   = $(LIBCURL_STA_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
@@ -351,9 +360,9 @@ CFGSET   = TRUE
 # debug-dll
 
 !IF "$(CFG)" == "debug-dll"
-TARGET = $(LIB_NAME_DEBUG).dll
+TARGET = $(LIBCURL_DYN_LIB_DBG)
 DIROBJ = $(CFG)
-LNK    = $(LNKDLL) $(WINLIBS) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK    = $(LNKDLL) $(WINLIBS) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
 CC     = $(CCDEBUG) $(RTLIBD) 
 CFGSET = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -363,10 +372,10 @@ RESOURCE = $(DIROBJ)\libcurl.res
 # debug-dll-ssl-dll
 
 !IF "$(CFG)" == "debug-dll-ssl-dll"
-TARGET   = $(LIB_NAME_DEBUG).dll
+TARGET   = $(LIBCURL_DYN_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
 CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -376,10 +385,10 @@ RESOURCE = $(DIROBJ)\libcurl.res
 # debug-dll-zlib-dll
 
 !IF "$(CFG)" == "debug-dll-zlib-dll"
-TARGET   = $(LIB_NAME_DEBUG).dll
+TARGET   = $(LIBCURL_DYN_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
 CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -389,11 +398,11 @@ RESOURCE = $(DIROBJ)\libcurl.res
 # debug-dll-ssl-dll-zlib-dll
 
 !IF "$(CFG)" == "debug-dll-ssl-dll-zlib-dll"
-TARGET   = $(LIB_NAME_DEBUG).dll
+TARGET   = $(LIBCURL_DYN_LIB_DBG)
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
 CC       = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -498,7 +507,7 @@ X_OBJS= \
 	$(DIROBJ)\mprintf.obj \
 	$(DIROBJ)\multi.obj \
 	$(DIROBJ)\netrc.obj \
-        $(DIROBJ)\nonblock.obj \
+	$(DIROBJ)\nonblock.obj \
 	$(DIROBJ)\openldap.obj \
 	$(DIROBJ)\parsedate.obj \
 	$(DIROBJ)\pingpong.obj \
@@ -538,14 +547,14 @@ all : $(TARGET)
 
 $(TARGET): $(X_OBJS)
 	$(LNK) $(LFLAGS) $(X_OBJS)
-	-xcopy $(DIROBJ)\$(LIB_NAME).dll       . /y
-	-xcopy $(DIROBJ)\$(LIB_NAME).lib       . /y
-	-xcopy $(DIROBJ)\$(LIB_NAME_DEBUG).dll . /y
-	-xcopy $(DIROBJ)\$(LIB_NAME_DEBUG).lib . /y
-	-xcopy $(DIROBJ)\$(IMPLIB_NAME).lib    . /y
-	-xcopy $(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib . /y
-	-xcopy $(DIROBJ)\*.exp                 . /y
-	-xcopy $(DIROBJ)\*.pdb                 . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_STA_LIB_REL) . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_STA_LIB_DBG) . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_DYN_LIB_REL) . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_DYN_LIB_DBG) . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_IMP_LIB_REL) . /y
+	-xcopy $(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) . /y
+	-xcopy $(DIROBJ)\*.exp                  . /y
+	-xcopy $(DIROBJ)\*.pdb                  . /y
 
 $(X_OBJS): $(DIROBJ)
 

lib/axtls.c

@@ -0,0 +1,500 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2010, DirecTV
+ * contact: Eric Hu <ehu@directv.com>
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * Source file for all axTLS-specific code for the TLS/SSL layer. No code
+ * but sslgen.c should ever call or use these functions.
+ */
+
+#include "setup.h"
+#ifdef USE_AXTLS
+#include <axTLS/ssl.h>
+#include "axtls.h"
+
+#include <string.h>
+#include <stdlib.h>
+#include <ctype.h>
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+
+#include "sendf.h"
+#include "inet_pton.h"
+#include "sslgen.h"
+#include "parsedate.h"
+#include "connect.h" /* for the connect timeout */
+#include "select.h"
+#define _MPRINTF_REPLACE /* use our functions only */
+#include <curl/mprintf.h>
+#include "curl_memory.h"
+/* The last #include file should be: */
+#include "memdebug.h"
+
+/* SSL_read is opied from axTLS compat layer */
+static int SSL_read(SSL *ssl, void *buf, int num)
+{
+  uint8_t *read_buf;
+  int ret;
+
+  while((ret = ssl_read(ssl, &read_buf)) == SSL_OK);
+
+  if(ret > SSL_OK){
+    memcpy(buf, read_buf, ret > num ? num : ret);
+  }
+
+  return ret;
+}
+
+/* Global axTLS init, called from Curl_ssl_init() */
+int Curl_axtls_init(void)
+{
+/* axTLS has no global init.  Everything is done through SSL and SSL_CTX
+ * structs stored in connectdata structure.  Perhaps can move to axtls.h.
+ */
+  return 1;
+}
+
+int Curl_axtls_cleanup(void)
+{
+  /* axTLS has no global cleanup.  Perhaps can move this to axtls.h. */
+  return 1;
+}
+
+static CURLcode map_error_to_curl(int axtls_err)
+{
+  switch (axtls_err)
+  {
+  case SSL_ERROR_NOT_SUPPORTED:
+  case SSL_ERROR_INVALID_VERSION:
+  case -70:                       /* protocol version alert from server */
+    return CURLE_UNSUPPORTED_PROTOCOL;
+    break;
+  case SSL_ERROR_NO_CIPHER:
+    return CURLE_SSL_CIPHER;
+    break;
+  case SSL_ERROR_BAD_CERTIFICATE: /* this may be bad server cert too */
+  case SSL_ERROR_NO_CERT_DEFINED:
+  case -42:                       /* bad certificate alert from server */
+  case -43:                       /* unsupported cert alert from server */
+  case -44:                       /* cert revoked alert from server */
+  case -45:                       /* cert expired alert from server */
+  case -46:                       /* cert unknown alert from server */
+    return CURLE_SSL_CERTPROBLEM;
+    break;
+  case SSL_X509_ERROR(X509_NOT_OK):
+  case SSL_X509_ERROR(X509_VFY_ERROR_NO_TRUSTED_CERT):
+  case SSL_X509_ERROR(X509_VFY_ERROR_BAD_SIGNATURE):
+  case SSL_X509_ERROR(X509_VFY_ERROR_NOT_YET_VALID):
+  case SSL_X509_ERROR(X509_VFY_ERROR_EXPIRED):
+  case SSL_X509_ERROR(X509_VFY_ERROR_SELF_SIGNED):
+  case SSL_X509_ERROR(X509_VFY_ERROR_INVALID_CHAIN):
+  case SSL_X509_ERROR(X509_VFY_ERROR_UNSUPPORTED_DIGEST):
+  case SSL_X509_ERROR(X509_INVALID_PRIV_KEY):
+    return CURLE_PEER_FAILED_VERIFICATION;
+    break;
+  case -48:                       /* unknown ca alert from server */
+    return CURLE_SSL_CACERT;
+    break;
+  case -49:                       /* access denied alert from server */
+    return CURLE_REMOTE_ACCESS_DENIED;
+    break;
+  case SSL_ERROR_CONN_LOST:
+  case SSL_ERROR_SOCK_SETUP_FAILURE:
+  case SSL_ERROR_INVALID_HANDSHAKE:
+  case SSL_ERROR_INVALID_PROT_MSG:
+  case SSL_ERROR_INVALID_HMAC:
+  case SSL_ERROR_INVALID_SESSION:
+  case SSL_ERROR_INVALID_KEY:     /* it's too bad this doesn't map better */
+  case SSL_ERROR_FINISHED_INVALID:
+  case SSL_ERROR_NO_CLIENT_RENOG:
+  default:
+    return CURLE_SSL_CONNECT_ERROR;
+    break;
+  }
+}
+
+static Curl_recv axtls_recv;
+static Curl_send axtls_send;
+
+/*
+ * This function is called after the TCP connect has completed. Setup the TLS
+ * layer and do all necessary magic.
+ */
+CURLcode
+Curl_axtls_connect(struct connectdata *conn,
+                  int sockindex)
+
+{
+  struct SessionHandle *data = conn->data;
+  SSL_CTX *ssl_ctx;
+  SSL *ssl;
+  int cert_types[] = {SSL_OBJ_X509_CERT, SSL_OBJ_PKCS12, 0};
+  int key_types[] = {SSL_OBJ_RSA_KEY, SSL_OBJ_PKCS8, SSL_OBJ_PKCS12, 0};
+  int i, ssl_fcn_return;
+  const uint8_t *ssl_sessionid;
+  size_t ssl_idsize;
+  const char *x509;
+
+  /* Assuming users will not compile in custom key/cert to axTLS */
+  uint32_t client_option = SSL_NO_DEFAULT_KEY|SSL_SERVER_VERIFY_LATER;
+
+  if(conn->ssl[sockindex].state == ssl_connection_complete)
+    /* to make us tolerant against being called more than once for the
+       same connection */
+    return CURLE_OK;
+
+  /* axTLS only supports TLSv1 */
+  /* check to see if we've been told to use an explicit SSL/TLS version */
+  switch(data->set.ssl.version) {
+  case CURL_SSLVERSION_DEFAULT:
+  case CURL_SSLVERSION_TLSv1:
+    break;
+  default:
+    failf(data, "axTLS only supports TLSv1");
+    return CURLE_SSL_CONNECT_ERROR;
+  }
+
+#ifdef  AXTLSDEBUG
+  client_option |= SSL_DISPLAY_STATES | SSL_DISPLAY_RSA | SSL_DISPLAY_CERTS;
+#endif /* AXTLSDEBUG */
+
+  /* Allocate an SSL_CTX struct */
+  ssl_ctx = ssl_ctx_new(client_option, SSL_DEFAULT_CLNT_SESS);
+  if(ssl_ctx == NULL) {
+    failf(data, "unable to create client SSL context");
+    return CURLE_SSL_CONNECT_ERROR;
+  }
+
+  /* Load the trusted CA cert bundle file */
+  if(data->set.ssl.CAfile) {
+    if(ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CACERT, data->set.ssl.CAfile, NULL)
+       != SSL_OK){
+      infof(data, "error reading ca cert file %s \n",
+            data->set.ssl.CAfile);
+      if(data->set.ssl.verifypeer){
+        Curl_axtls_close(conn, sockindex);
+        return CURLE_SSL_CACERT_BADFILE;
+      }
+    }
+    else
+      infof(data, "found certificates in %s\n", data->set.ssl.CAfile);
+  }
+
+  /* gtls.c tasks we're skipping for now:
+   * 1) certificate revocation list checking
+   * 2) dns name assignment to host
+   * 3) set protocol priority.  axTLS is TLSv1 only, so can probably ignore
+   * 4) set certificate priority.  axTLS ignores type and sends certs in
+   *  order added.  can probably ignore this.
+   */
+
+  /* Load client certificate */
+  if(data->set.str[STRING_CERT]){
+    i=0;
+    /* Instead of trying to analyze cert type here, let axTLS try them all. */
+    while(cert_types[i] != 0){
+      ssl_fcn_return = ssl_obj_load(ssl_ctx, cert_types[i],
+                                    data->set.str[STRING_CERT], NULL);
+      if(ssl_fcn_return == SSL_OK){
+        infof(data, "successfully read cert file %s \n",
+              data->set.str[STRING_CERT]);
+        break;
+      }
+      i++;
+    }
+    /* Tried all cert types, none worked. */
+    if(cert_types[i] == 0){
+      failf(data, "%s is not x509 or pkcs12 format",
+            data->set.str[STRING_CERT]);
+      Curl_axtls_close(conn, sockindex);
+      return CURLE_SSL_CERTPROBLEM;
+    }
+  }
+
+  /* Load client key.
+     If a pkcs12 file successfully loaded a cert, then there's nothing to do
+     because the key has already been loaded. */
+  if(data->set.str[STRING_KEY] && cert_types[i] != SSL_OBJ_PKCS12){
+    i=0;
+    /* Instead of trying to analyze key type here, let axTLS try them all. */
+    while(key_types[i] != 0){
+      ssl_fcn_return = ssl_obj_load(ssl_ctx, key_types[i],
+                                    data->set.str[STRING_KEY], NULL);
+      if(ssl_fcn_return == SSL_OK){
+        infof(data, "successfully read key file %s \n",
+              data->set.str[STRING_KEY]);
+        break;
+      }
+      i++;
+    }
+    /* Tried all key types, none worked. */
+    if(key_types[i] == 0){
+      failf(data, "Failure: %s is not a supported key file",
+            data->set.str[STRING_KEY]);
+      Curl_axtls_close(conn, sockindex);
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+  }
+
+  /* gtls.c does more here that is being left out for now
+   * 1) set session credentials.  can probably ignore since axtls puts this
+   *    info in the ssl_ctx struct
+   * 2) setting up callbacks.  these seem gnutls specific
+   */
+
+  /* In axTLS, handshaking happens inside ssl_client_new. */
+  if(!Curl_ssl_getsessionid(conn, (void **) &ssl_sessionid, &ssl_idsize)) {
+    /* we got a session id, use it! */
+    infof (data, "SSL re-using session ID\n");
+    ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex],
+                         ssl_sessionid, (uint8_t)ssl_idsize);
+  }
+  else
+    ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], NULL, 0);
+
+  /* Check to make sure handshake was ok. */
+  ssl_fcn_return = ssl_handshake_status(ssl);
+  if(ssl_fcn_return != SSL_OK){
+    Curl_axtls_close(conn, sockindex);
+    ssl_display_error(ssl_fcn_return); /* goes to stdout. */
+    return map_error_to_curl(ssl_fcn_return);
+  }
+  infof (data, "handshake completed successfully\n");
+
+  /* Here, gtls.c gets the peer certificates and fails out depending on
+   * settings in "data."  axTLS api doesn't have get cert chain fcn, so omit?
+   */
+
+  /* Verify server's certificate */
+  if(data->set.ssl.verifypeer){
+    if(ssl_verify_cert(ssl) != SSL_OK){
+      Curl_axtls_close(conn, sockindex);
+      failf(data, "server cert verify failed");
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+  }
+  else
+    infof(data, "\t server certificate verification SKIPPED\n");
+
+  /* Here, gtls.c does issuer verfication. axTLS has no straightforward
+   * equivalent, so omitting for now.*/
+
+  /* See if common name was set in server certificate */
+  x509 = ssl_get_cert_dn(ssl, SSL_X509_CERT_COMMON_NAME);
+  if(x509 == NULL)
+    infof(data, "error fetching CN from cert\n");
+
+  /* Here, gtls.c does the following
+   * 1) x509 hostname checking per RFC2818.  axTLS doesn't support this, but
+   *    it seems useful.  Omitting for now.
+   * 2) checks cert validity based on time.  axTLS does this in ssl_verify_cert
+   * 3) displays a bunch of cert information.  axTLS doesn't support most of
+   *    this, but a couple fields are available.
+   */
+
+  /* General housekeeping */
+  conn->ssl[sockindex].state = ssl_connection_complete;
+  conn->ssl[sockindex].ssl = ssl;
+  conn->ssl[sockindex].ssl_ctx = ssl_ctx;
+  conn->recv[sockindex] = axtls_recv;
+  conn->send[sockindex] = axtls_send;
+
+  /* Put our freshly minted SSL session in cache */
+  ssl_idsize = ssl_get_session_id_size(ssl);
+  ssl_sessionid = ssl_get_session_id(ssl);
+  if(Curl_ssl_addsessionid(conn, (void *) ssl_sessionid, ssl_idsize)
+     != CURLE_OK)
+    infof (data, "failed to add session to cache\n");
+
+  return CURLE_OK;
+}
+
+
+/* return number of sent (non-SSL) bytes */
+static ssize_t axtls_send(struct connectdata *conn,
+                          int sockindex,
+                          const void *mem,
+                          size_t len,
+                          CURLcode *err)
+{
+  /* ssl_write() returns 'int' while write() and send() returns 'size_t' */
+  int rc = ssl_write(conn->ssl[sockindex].ssl, mem, (int)len);
+
+  infof(conn->data, "  axtls_send\n");
+
+  if(rc < 0 ) {
+    *err = map_error_to_curl(rc);
+    rc = -1; /* generic error code for send failure */
+  }
+
+  *err = CURLE_OK;
+  return rc;
+}
+
+void Curl_axtls_close_all(struct SessionHandle *data)
+{
+  (void)data;
+  infof(data, "  Curl_axtls_close_all\n");
+}
+
+void Curl_axtls_close(struct connectdata *conn, int sockindex)
+{
+  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+
+  infof(conn->data, "  Curl_axtls_close\n");
+  if(connssl->ssl) {
+    /* line from ssluse.c: (void)SSL_shutdown(connssl->ssl);
+       axTLS compat layer does nothing for SSL_shutdown */
+
+    /* The following line is from ssluse.c.  There seems to be no axTLS
+       equivalent.  ssl_free and ssl_ctx_free close things.
+       SSL_set_connect_state(connssl->handle); */
+
+    ssl_free (connssl->ssl);
+    connssl->ssl = NULL;
+  }
+  if(connssl->ssl_ctx) {
+    ssl_ctx_free (connssl->ssl_ctx);
+    connssl->ssl_ctx = NULL;
+  }
+}
+
+/*
+ * This function is called to shut down the SSL layer but keep the
+ * socket open (CCC - Clear Command Channel)
+ */
+int Curl_axtls_shutdown(struct connectdata *conn, int sockindex)
+{
+  /* Outline taken from ssluse.c since functions are in axTLS compat layer.
+     axTLS's error set is much smaller, so a lot of error-handling was removed.
+   */
+  int retval = 0;
+  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+  struct SessionHandle *data = conn->data;
+  char buf[120]; /* We will use this for the OpenSSL error buffer, so it has
+                    to be at least 120 bytes long. */
+  ssize_t nread;
+
+  infof(conn->data, "  Curl_axtls_shutdown\n");
+
+  /* This has only been tested on the proftpd server, and the mod_tls code
+     sends a close notify alert without waiting for a close notify alert in
+     response. Thus we wait for a close notify alert from the server, but
+     we do not send one. Let's hope other servers do the same... */
+
+  /* axTLS compat layer does nothing for SSL_shutdown, so we do nothing too
+  if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE)
+      (void)SSL_shutdown(connssl->ssl);
+  */
+
+  if(connssl->ssl) {
+    int what = Curl_socket_ready(conn->sock[sockindex],
+                                 CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+    if(what > 0) {
+      /* Something to read, let's do it and hope that it is the close
+         notify alert from the server */
+      nread = (ssize_t)SSL_read(conn->ssl[sockindex].ssl, buf,
+                                sizeof(buf));
+
+      if (nread < SSL_OK){
+        failf(data, "close notify alert not received during shutdown");
+        retval = -1;
+      }
+    }
+    else if(0 == what) {
+      /* timeout */
+      failf(data, "SSL shutdown timeout");
+    }
+    else {
+      /* anything that gets here is fatally bad */
+      failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
+      retval = -1;
+    }
+
+    ssl_free (connssl->ssl);
+    connssl->ssl = NULL;
+  }
+  return retval;
+}
+
+static ssize_t axtls_recv(struct connectdata *conn, /* connection data */
+                          int num,                  /* socketindex */
+                          char *buf,                /* store read data here */
+                          size_t buffersize,        /* max amount to read */
+                          CURLcode *err)
+{
+  struct ssl_connect_data *connssl = &conn->ssl[num];
+  ssize_t ret = 0;
+
+  infof(conn->data, "  axtls_recv\n");
+
+  if(connssl){
+    ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize);
+
+    /* axTLS isn't terribly generous about error reporting */
+    /* With patched axTLS, SSL_CLOSE_NOTIFY=-3.  Hard-coding until axTLS
+       team approves proposed fix. */
+    if(ret == -3 ){
+      Curl_axtls_close(conn, num);
+    }
+    else if(ret < 0) {
+      failf(conn->data, "axTLS recv error (%d)", (int)ret);
+      *err = map_error_to_curl(ret);
+      return -1;
+    }
+  }
+
+  *err = CURLE_OK;
+  return ret;
+}
+
+/*
+ * Return codes:
+ *     1 means the connection is still in place
+ *     0 means the connection has been closed
+ *    -1 means the connection status is unknown
+ */
+int Curl_axtls_check_cxn(struct connectdata *conn)
+{
+  /* ssluse.c line: rc = SSL_peek(conn->ssl[FIRSTSOCKET].ssl, (void*)&buf, 1);
+     axTLS compat layer always returns the last argument, so connection is
+     always alive? */
+
+  infof(conn->data, "  Curl_axtls_check_cxn\n");
+   return 1; /* connection still in place */
+}
+
+void Curl_axtls_session_free(void *ptr)
+{
+  (void)ptr;
+  /* free the ID */
+  /* both ssluse.c and gtls.c do something here, but axTLS's OpenSSL
+     compatibility layer does nothing, so we do nothing too. */
+}
+
+size_t Curl_axtls_version(char *buffer, size_t size)
+{
+  return snprintf(buffer, size, "axTLS/%s", ssl_version());
+}
+
+#endif /* USE_AXTLS */

lib/axtls.h

@@ -0,0 +1,62 @@
+#ifndef __AXTLS_H
+#define __AXTLS_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2010, DirecTV
+ * contact: Eric Hu <ehu@directv.com>
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#ifdef USE_AXTLS
+#include "curl/curl.h"
+#include "urldata.h"
+
+int Curl_axtls_init(void);
+int Curl_axtls_cleanup(void);
+CURLcode Curl_axtls_connect(struct connectdata *conn, int sockindex);
+
+/* tell axTLS to close down all open information regarding connections (and
+   thus session ID caching etc) */
+void Curl_axtls_close_all(struct SessionHandle *data);
+
+ /* close a SSL connection */
+void Curl_axtls_close(struct connectdata *conn, int sockindex);
+
+void Curl_axtls_session_free(void *ptr);
+size_t Curl_axtls_version(char *buffer, size_t size);
+int Curl_axtls_shutdown(struct connectdata *conn, int sockindex);
+int Curl_axtls_check_cxn(struct connectdata *conn);
+
+/* API setup for axTLS */
+#define curlssl_init Curl_axtls_init
+#define curlssl_cleanup Curl_axtls_cleanup
+#define curlssl_connect Curl_axtls_connect
+#define curlssl_session_free(x)  Curl_axtls_session_free(x)
+#define curlssl_close_all Curl_axtls_close_all
+#define curlssl_close Curl_axtls_close
+#define curlssl_shutdown(x,y) Curl_axtls_shutdown(x,y)
+#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_FAILED_INIT)
+#define curlssl_set_engine_default(x) (x=x, CURLE_FAILED_INIT)
+#define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL)
+#define curlssl_version Curl_axtls_version
+#define curlssl_check_cxn(x) Curl_axtls_check_cxn(x)
+#define curlssl_data_pending(x,y) (x=x, y=y, 0)
+
+#endif /* USE_AXTLS */
+#endif

lib/config-amigaos.h

@@ -86,6 +86,7 @@
 
 #define SIZEOF_INT 4
 #define SIZEOF_SHORT 2
+#define SIZEOF_SIZE_T 4
 
 #define USE_OPENSSL 1
 #define USE_SSLEAY 1

lib/config-dos.h

@@ -3,7 +3,7 @@
 
 
 /* ================================================================ */
-/*        lib/config.dos - Hand crafted config file for DOS         */
+/*       lib/config-dos.h - Hand crafted config file for DOS        */
 /* ================================================================ */
 
 #if defined(DJGPP)
@@ -67,6 +67,7 @@
 #define SIZEOF_INT             4
 #define SIZEOF_LONG_DOUBLE     16
 #define SIZEOF_SHORT           2
+#define SIZEOF_SIZE_T          4
 #define STDC_HEADERS           1
 #define TIME_WITH_SYS_TIME     1
 

lib/config-mac.h

@@ -61,6 +61,7 @@
 
 #define SIZEOF_INT              4
 #define SIZEOF_SHORT            2
+#define SIZEOF_SIZE_T           4
 
 #define HAVE_GETNAMEINFO 1
 #define GETNAMEINFO_QUAL_ARG1 const

lib/config-os400.h

@@ -364,6 +364,9 @@
 /* The size of `short', as computed by sizeof. */
 #define SIZEOF_SHORT            2
 
+/* The size of `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T           8
+
 /* Whether long long constants must be suffixed by LL. */
 
 #define HAVE_LL

lib/config-riscos.h

@@ -350,6 +350,9 @@
 /* The size of `short', as computed by sizeof. */
 #define SIZEOF_SHORT 2
 
+/* The size of `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 4
+
 /* Define if you have the ANSI C header files. */
 #undef STDC_HEADERS
 

lib/config-vms.h

@@ -41,6 +41,9 @@
 /* The size of `short', as computed by sizeof. */
 #define SIZEOF_SHORT 2
 
+/* The size of `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 4
+
 /* Define if you have the alarm function.  */
 #define HAVE_ALARM 1
 

lib/config-win32.h

@@ -345,12 +345,19 @@
 /* The size of `short', as computed by sizeof. */
 #define SIZEOF_SHORT 2
 
+/* The size of `size_t', as computed by sizeof. */
+#if defined(_WIN64)
+#  define SIZEOF_SIZE_T 8
+#else
+#  define SIZEOF_SIZE_T 4
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                          STRUCT RELATED                          */
 /* ---------------------------------------------------------------- */
 
 /* Define this if you have struct sockaddr_storage */
-#ifndef __SALFORDC__
+#if !defined(__SALFORDC__) && !defined(__BORLANDC__)
 #define HAVE_STRUCT_SOCKADDR_STORAGE 1
 #endif
 

lib/config-win32ce.h

@@ -322,6 +322,13 @@
 /* The size of `short', as computed by sizeof. */
 #define SIZEOF_SHORT 2
 
+/* The size of `size_t', as computed by sizeof. */
+#if defined(_WIN64)
+#  define SIZEOF_SIZE_T 8
+#else
+#  define SIZEOF_SIZE_T 4
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                          STRUCT RELATED                          */
 /* ---------------------------------------------------------------- */

lib/connect.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -124,15 +124,17 @@ singleipconnect(struct connectdata *conn,
  * transfer/connection. If the value is negative, the timeout time has already
  * elapsed.
  *
+ * The start time is stored in progress.t_startsingle - as set with
+ * Curl_pgrsTime(..., TIMER_STARTSINGLE);
+ *
  * If 'nowp' is non-NULL, it points to the current time.
  * 'duringconnect' is FALSE if not during a connect, as then of course the
  * connect timeout is not taken into account!
  */
-long Curl_timeleft(struct connectdata *conn,
+long Curl_timeleft(struct SessionHandle *data,
                    struct timeval *nowp,
                    bool duringconnect)
 {
-  struct SessionHandle *data = conn->data;
   int timeout_set = 0;
   long timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
   struct timeval now;
@@ -310,20 +312,20 @@ static CURLcode bindlocal(struct connectdata *conn,
        * of the connection. The resolve functions should really be changed
        * to take a type parameter instead.
        */
-      long ipver = data->set.ip_version;
+      long ipver = conn->ip_version;
       int rc;
 
       if (af == AF_INET)
-        data->set.ip_version = CURL_IPRESOLVE_V4;
+        conn->ip_version = CURL_IPRESOLVE_V4;
 #ifdef ENABLE_IPV6
       else if (af == AF_INET6)
-        data->set.ip_version = CURL_IPRESOLVE_V6;
+        conn->ip_version = CURL_IPRESOLVE_V6;
 #endif
 
       rc = Curl_resolv(conn, dev, 0, &h);
       if(rc == CURLRESOLV_PENDING)
         (void)Curl_wait_for_resolv(conn, &h);
-      data->set.ip_version = ipver;
+      conn->ip_version = ipver;
 
       if(h) {
         /* convert the resolved address, sizeof myhost >= INET_ADDRSTRLEN */
@@ -532,6 +534,16 @@ static CURLcode trynextip(struct connectdata *conn,
   return CURLE_COULDNT_CONNECT;
 }
 
+/* Copies connection info into the session handle to make it available
+   when the session handle is no longer associated with a connection. */
+void Curl_persistconninfo(struct connectdata *conn)
+{
+  memcpy(conn->data->info.conn_primary_ip, conn->primary_ip, MAX_IPADR_LEN);
+  memcpy(conn->data->info.conn_local_ip, conn->local_ip, MAX_IPADR_LEN);
+  conn->data->info.conn_primary_port = conn->primary_port;
+  conn->data->info.conn_local_port = conn->local_port;
+}
+
 /* retrieves ip address and port from a sockaddr structure */
 static bool getaddressinfo(struct sockaddr* sa, char* addr,
                            long* port)
@@ -541,31 +553,46 @@ static bool getaddressinfo(struct sockaddr* sa, char* addr,
 #ifdef ENABLE_IPV6
   struct sockaddr_in6* si6 = NULL;
 #endif
+#if defined(HAVE_SYS_UN_H) && defined(AF_UNIX)
+  struct sockaddr_un* su = NULL;
+#endif
 
   switch (sa->sa_family) {
     case AF_INET:
       si = (struct sockaddr_in*) sa;
       if(Curl_inet_ntop(sa->sa_family, &si->sin_addr,
-                        addr, MAX_IPADR_LEN) == NULL)
-        return FALSE;
-      us_port = ntohs(si->sin_port);
-      *port = us_port;
+                        addr, MAX_IPADR_LEN)) {
+        us_port = ntohs(si->sin_port);
+        *port = us_port;
+        return TRUE;
+      }
       break;
 #ifdef ENABLE_IPV6
     case AF_INET6:
       si6 = (struct sockaddr_in6*)sa;
       if(Curl_inet_ntop(sa->sa_family, &si6->sin6_addr,
-                        addr, MAX_IPADR_LEN) == NULL)
-        return FALSE;
-      us_port = ntohs(si6->sin6_port);
-      *port = us_port;
+                        addr, MAX_IPADR_LEN)) {
+        us_port = ntohs(si6->sin6_port);
+        *port = us_port;
+        return TRUE;
+      }
       break;
 #endif
-    default:
-      addr[0] = '\0';
+#if defined(HAVE_SYS_UN_H) && defined(AF_UNIX)
+    case AF_UNIX:
+      su = (struct sockaddr_un*)sa;
+      snprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path);
       *port = 0;
+      return TRUE;
+#endif
+    default:
+      break;
   }
-  return TRUE;
+
+  addr[0] = '\0';
+  *port = 0;
+
+  return FALSE;
 }
 
 /* retrieves the start/end point information of a socket of an established
@@ -577,43 +604,45 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd)
   struct Curl_sockaddr_storage ssrem;
   struct Curl_sockaddr_storage ssloc;
   struct SessionHandle *data = conn->data;
-  struct PureInfo *info = &conn->data->info;
 
-  if(conn->bits.reuse)
-    /* reusing same connection */
-    return;
+  if(!conn->bits.reuse) {
+
+    len = sizeof(struct Curl_sockaddr_storage);
+    if(getpeername(sockfd, (struct sockaddr*) &ssrem, &len)) {
+      error = SOCKERRNO;
+      failf(data, "getpeername() failed with errno %d: %s",
+            error, Curl_strerror(conn, error));
+      return;
+    }
+
+    len = sizeof(struct Curl_sockaddr_storage);
+    if(getsockname(sockfd, (struct sockaddr*) &ssloc, &len)) {
+      error = SOCKERRNO;
+      failf(data, "getsockname() failed with errno %d: %s",
+            error, Curl_strerror(conn, error));
+      return;
+    }
+
+    if(!getaddressinfo((struct sockaddr*)&ssrem,
+                        conn->primary_ip, &conn->primary_port)) {
+      error = ERRNO;
+      failf(data, "ssrem inet_ntop() failed with errno %d: %s",
+            error, Curl_strerror(conn, error));
+      return;
+    }
+
+    if(!getaddressinfo((struct sockaddr*)&ssloc,
+                       conn->local_ip, &conn->local_port)) {
+      error = ERRNO;
+      failf(data, "ssloc inet_ntop() failed with errno %d: %s",
+            error, Curl_strerror(conn, error));
+      return;
+    }
 
-  len = sizeof(struct Curl_sockaddr_storage);
-  if(getpeername(sockfd, (struct sockaddr*) &ssrem, &len)) {
-    error = SOCKERRNO;
-    failf(data, "getpeername() failed with errno %d: %s",
-          error, Curl_strerror(conn, error));
-    return;
   }
 
-  len = sizeof(struct Curl_sockaddr_storage);
-  if(getsockname(sockfd, (struct sockaddr*) &ssloc, &len)) {
-    error = SOCKERRNO;
-    failf(data, "getsockname() failed with errno %d: %s",
-          error, Curl_strerror(conn, error));
-    return;
-  }
-
-  if(!getaddressinfo((struct sockaddr*)&ssrem,
-                      info->ip, &info->port)) {
-    error = ERRNO;
-    failf(data, "ssrem inet_ntop() failed with errno %d: %s",
-          error, Curl_strerror(conn, error));
-    return;
-  }
-
-  if(!getaddressinfo((struct sockaddr*)&ssloc,
-                     info->localip, &info->localport)) {
-    error = ERRNO;
-    failf(data, "ssloc inet_ntop() failed with errno %d: %s",
-          error, Curl_strerror(conn, error));
-    return;
-  }
+  /* persist connection info in session handle */
+  Curl_persistconninfo(conn);
 }
 
 /*
@@ -631,6 +660,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
   curl_socket_t sockfd = conn->sock[sockindex];
   long allow = DEFAULT_CONNECT_TIMEOUT;
   int error = 0;
+  struct timeval now;
 
   DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);
 
@@ -642,8 +672,10 @@ CURLcode Curl_is_connected(struct connectdata *conn,
     return CURLE_OK;
   }
 
+  now = Curl_tvnow();
+
   /* figure out how long time we have left to connect */
-  allow = Curl_timeleft(conn, NULL, TRUE);
+  allow = Curl_timeleft(data, &now, TRUE);
 
   if(allow < 0) {
     /* time-out, bail out, go home */
@@ -653,9 +685,16 @@ CURLcode Curl_is_connected(struct connectdata *conn,
 
   /* check for connect without timeout as we want to return immediately */
   rc = waitconnect(conn, sockfd, 0);
-  if(WAITCONN_TIMEOUT == rc)
+  if(WAITCONN_TIMEOUT == rc) {
+    if(curlx_tvdiff(now, conn->connecttime) >= conn->timeoutms_per_addr) {
+      infof(data, "After %ldms connect time, move on!\n",
+            conn->timeoutms_per_addr);
+      goto next;
+    }
+
     /* not an error, but also no connection yet */
     return code;
+  }
 
   if(WAITCONN_CONNECTED == rc) {
     if(verifyconnect(sockfd, &error)) {
@@ -688,6 +727,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
     data->state.os_errno = error;
     SET_SOCKERRNO(error);
   }
+  next:
 
   code = trynextip(conn, sockindex, connected);
 
@@ -795,16 +835,13 @@ singleipconnect(struct connectdata *conn,
                 bool *connected)
 {
   struct Curl_sockaddr_ex addr;
-  char addr_buf[128];
   int rc;
   int error;
   bool isconnected;
   struct SessionHandle *data = conn->data;
   curl_socket_t sockfd;
   CURLcode res = CURLE_OK;
-  const void *iptoprint;
-  struct sockaddr_in * const sa4 = (void *)&addr.sa_addr;
-#ifdef ENABLE_IPV6
+#if defined(ENABLE_IPV6) && defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
   struct sockaddr_in6 * const sa6 = (void *)&addr.sa_addr;
 #endif
 
@@ -820,7 +857,7 @@ singleipconnect(struct connectdata *conn,
 
   addr.family = ai->ai_family;
   addr.socktype = conn->socktype;
-  addr.protocol = ai->ai_protocol;
+  addr.protocol = conn->socktype==SOCK_DGRAM?IPPROTO_UDP:ai->ai_protocol;
   addr.addrlen = ai->ai_addrlen;
 
   if(addr.addrlen > sizeof(struct Curl_sockaddr_storage))
@@ -855,37 +892,25 @@ singleipconnect(struct connectdata *conn,
     sa6->sin6_scope_id = conn->scope;
 #endif
 
-  /* FIXME: do we have Curl_printable_address-like with struct sockaddr* as
-     argument? */
-#if defined(HAVE_SYS_UN_H) && defined(AF_UNIX)
-  if(addr.family == AF_UNIX) {
-    infof(data, "  Trying %s... ",
-          ((const struct sockaddr_un*)(&addr.sa_addr))->sun_path);
-    snprintf(data->info.ip, MAX_IPADR_LEN, "%s",
-             ((const struct sockaddr_un*)(&addr.sa_addr))->sun_path);
-    strcpy(conn->ip_addr_str, data->info.ip);
+  /* store remote address and port used in this connection attempt */
+  if(!getaddressinfo((struct sockaddr*)&addr.sa_addr,
+                     conn->primary_ip, &conn->primary_port)) {
+    /* malformed address or bug in inet_ntop, try next address */
+    error = ERRNO;
+    failf(data, "sa_addr inet_ntop() failed with errno %d: %s",
+          error, Curl_strerror(conn, error));
+    sclose(sockfd);
+    return CURLE_OK;
   }
-  else
-#endif
-  {
-#ifdef ENABLE_IPV6
-    if(addr.family == AF_INET6) {
-      iptoprint = &sa6->sin6_addr;
-      conn->bits.ipv6 = TRUE;
-    }
-    else
-#endif
-    {
-      iptoprint = &sa4->sin_addr;
-    }
+  memcpy(conn->ip_addr_str, conn->primary_ip, MAX_IPADR_LEN);
+  infof(data, "  Trying %s... ", conn->ip_addr_str);
 
-    if(Curl_inet_ntop(addr.family, iptoprint, addr_buf,
-                      sizeof(addr_buf)) != NULL) {
-      infof(data, "  Trying %s... ", addr_buf);
-      snprintf(data->info.ip, MAX_IPADR_LEN, "%s", addr_buf);
-      strcpy(conn->ip_addr_str, data->info.ip);
-    }
-  }
+  Curl_persistconninfo(conn);
+
+#ifdef ENABLE_IPV6
+  if(addr.family == AF_INET6)
+    conn->bits.ipv6 = TRUE;
+#endif
 
   if(data->set.tcp_nodelay)
     tcpnodelay(conn, sockfd);
@@ -901,7 +926,7 @@ singleipconnect(struct connectdata *conn,
                                CURLSOCKTYPE_IPCXN);
     if(error) {
       sclose(sockfd); /* close the socket and bail out */
-      return res;
+      return CURLE_ABORTED_BY_CALLBACK;
     }
   }
 
@@ -916,8 +941,12 @@ singleipconnect(struct connectdata *conn,
   curlx_nonblock(sockfd, TRUE);
 
   /* Connect TCP sockets, bind UDP */
-  if(conn->socktype == SOCK_STREAM)
+  if(conn->socktype == SOCK_STREAM) {
     rc = connect(sockfd, &addr.sa_addr, addr.addrlen);
+    conn->connecttime = Curl_tvnow();
+    if(conn->num_addr > 1)
+      Curl_expire(data, conn->timeoutms_per_addr);
+  }
   else
     rc = 0;
 
@@ -945,7 +974,7 @@ singleipconnect(struct connectdata *conn,
     default:
       /* unknown error, fallthrough and try another address! */
       failf(data, "Failed to connect to %s: %s",
-            addr_buf, Curl_strerror(conn,error));
+            conn->ip_addr_str, Curl_strerror(conn,error));
       data->state.os_errno = error;
       break;
     }
@@ -998,7 +1027,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
   struct SessionHandle *data = conn->data;
   curl_socket_t sockfd = CURL_SOCKET_BAD;
   int aliasindex;
-  int num_addr;
   Curl_addrinfo *ai;
   Curl_addrinfo *curr_addr;
 
@@ -1009,13 +1037,12 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
    * Figure out what maximum time we have left
    *************************************************************/
   long timeout_ms;
-  long timeout_per_addr;
 
   DEBUGASSERT(sockconn);
   *connected = FALSE; /* default to not connected */
 
   /* get the timeout left */
-  timeout_ms = Curl_timeleft(conn, &before, TRUE);
+  timeout_ms = Curl_timeleft(data, &before, TRUE);
 
   if(timeout_ms < 0) {
     /* a precaution, no need to continue if time already is up */
@@ -1024,8 +1051,8 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
   }
 
   /* Max time for each address */
-  num_addr = Curl_num_addresses(remotehost->addr);
-  timeout_per_addr = timeout_ms / num_addr;
+  conn->num_addr = Curl_num_addresses(remotehost->addr);
+  conn->timeoutms_per_addr = timeout_ms / conn->num_addr;
 
   ai = remotehost->addr;
 
@@ -1033,10 +1060,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
    * know for the given host. One by one until one IP succeeds.
    */
 
-  if(data->state.used_interface == Curl_if_multi)
-    /* don't hang when doing multi */
-    timeout_per_addr = 0;
-
   /*
    * Connecting with a Curl_addrinfo chain
    */
@@ -1045,7 +1068,10 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
 
     /* start connecting to the IP curr_addr points to */
     CURLcode res =
-      singleipconnect(conn, curr_addr, timeout_per_addr, &sockfd, connected);
+      singleipconnect(conn, curr_addr,
+                      /* don't hang when doing multi */
+                      (data->state.used_interface == Curl_if_multi)?0:
+                      conn->timeoutms_per_addr, &sockfd, connected);
 
     if(res)
       return res;

lib/connect.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -37,7 +37,7 @@ CURLcode Curl_connecthost(struct connectdata *conn,
 
 /* generic function that returns how much time there's left to run, according
    to the timeouts set */
-long Curl_timeleft(struct connectdata *conn,
+long Curl_timeleft(struct SessionHandle *data,
                    struct timeval *nowp,
                    bool duringconnect);
 
@@ -69,4 +69,6 @@ void Curl_sndbufset(curl_socket_t sockfd);
 
 void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd);
 
+void Curl_persistconninfo(struct connectdata *conn);
+
 #endif

lib/cookie.c

@@ -270,6 +270,7 @@ Curl_cookie_add(struct SessionHandle *data,
                we don't care about that, we treat the names the same anyway */
 
             const char *domptr=whatptr;
+            const char *nextptr;
             int dotcount=1;
 
             /* Count the dots, we need to make sure that there are enough
@@ -280,12 +281,13 @@ Curl_cookie_add(struct SessionHandle *data,
               domptr++;
 
             do {
-              domptr = strchr(domptr, '.');
-              if(domptr) {
-                domptr++;
-                dotcount++;
+              nextptr = strchr(domptr, '.');
+              if(nextptr) {
+                if(domptr != nextptr)
+                  dotcount++;
+                domptr = nextptr+1;
               }
-            } while(domptr);
+            } while(nextptr);
 
             /* The original Netscape cookie spec defined that this domain name
                MUST have three dots (or two if one of the seven holy TLDs),
@@ -353,8 +355,8 @@ Curl_cookie_add(struct SessionHandle *data,
               break;
             }
             co->expires =
-              atoi((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0]) +
-              (long)now;
+              strtol((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0],NULL,10)
+                + (long)now;
           }
           else if(Curl_raw_equal("expires", name)) {
             strstore(&co->expirestr, whatptr);

lib/curl_addrinfo.c

@@ -49,6 +49,7 @@
 #endif
 
 #include "curl_addrinfo.h"
+#include "inet_pton.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -117,12 +118,12 @@ Curl_getaddrinfo_ex(const char *nodename,
                     const struct addrinfo *hints,
                     Curl_addrinfo **result)
 {
-  const struct addrinfo *ainext;
   const struct addrinfo *ai;
   struct addrinfo *aihead;
   Curl_addrinfo *cafirst = NULL;
   Curl_addrinfo *calast = NULL;
   Curl_addrinfo *ca;
+  size_t ss_size;
   int error;
 
   *result = NULL; /* assume failure */
@@ -131,7 +132,28 @@ Curl_getaddrinfo_ex(const char *nodename,
   if(error)
     return error;
 
-  for(ai = aihead; ai != NULL; ai = ainext) {
+  /* traverse the addrinfo list */
+
+  for(ai = aihead; ai != NULL; ai = ai->ai_next) {
+
+    /* ignore elements with unsupported address family, */
+    /* settle family-specific sockaddr structure size.  */
+    if(ai->ai_family == AF_INET)
+      ss_size = sizeof(struct sockaddr_in);
+#ifdef ENABLE_IPV6
+    else if(ai->ai_family == AF_INET6)
+      ss_size = sizeof(struct sockaddr_in6);
+#endif
+    else
+      continue;
+
+    /* ignore elements without required address info */
+    if((ai->ai_addr == NULL) || !(ai->ai_addrlen > 0))
+      continue;
+
+    /* ignore elements with bogus address size */
+    if((size_t)ai->ai_addrlen < ss_size)
+      continue;
 
     if((ca = malloc(sizeof(Curl_addrinfo))) == NULL) {
       error = EAI_MEMORY;
@@ -139,35 +161,28 @@ Curl_getaddrinfo_ex(const char *nodename,
     }
 
     /* copy each structure member individually, member ordering, */
-    /* size, or padding might be different for each structure.   */
+    /* size, or padding might be different for each platform.    */
 
     ca->ai_flags     = ai->ai_flags;
     ca->ai_family    = ai->ai_family;
     ca->ai_socktype  = ai->ai_socktype;
     ca->ai_protocol  = ai->ai_protocol;
-    ca->ai_addrlen   = 0;
+    ca->ai_addrlen   = (curl_socklen_t)ss_size;
     ca->ai_addr      = NULL;
     ca->ai_canonname = NULL;
     ca->ai_next      = NULL;
 
-    if((ai->ai_addrlen > 0) && (ai->ai_addr != NULL)) {
-      /* typecast below avoid warning on at least win64:
-         conversion from 'size_t' to 'curl_socklen_t', possible loss of data
-      */
-      ca->ai_addrlen  = (curl_socklen_t)ai->ai_addrlen;
-      if((ca->ai_addr = malloc(ca->ai_addrlen)) == NULL) {
-        error = EAI_MEMORY;
-        free(ca);
-        break;
-      }
-      memcpy(ca->ai_addr, ai->ai_addr, ca->ai_addrlen);
+    if((ca->ai_addr = malloc(ss_size)) == NULL) {
+      error = EAI_MEMORY;
+      free(ca);
+      break;
     }
+    memcpy(ca->ai_addr, ai->ai_addr, ss_size);
 
     if(ai->ai_canonname != NULL) {
       if((ca->ai_canonname = strdup(ai->ai_canonname)) == NULL) {
         error = EAI_MEMORY;
-        if(ca->ai_addr)
-          free(ca->ai_addr);
+        free(ca->ai_addr);
         free(ca);
         break;
       }
@@ -182,8 +197,6 @@ Curl_getaddrinfo_ex(const char *nodename,
       calast->ai_next = ca;
     calast = ca;
 
-    /* fetch next element fom the addrinfo list */
-    ainext = ai->ai_next;
   }
 
   /* destroy the addrinfo list */
@@ -195,6 +208,18 @@ Curl_getaddrinfo_ex(const char *nodename,
     Curl_freeaddrinfo(cafirst);
     cafirst = NULL;
   }
+  else if(!cafirst) {
+#ifdef EAI_NONAME
+    /* rfc3493 conformant */
+    error = EAI_NONAME;
+#else
+    /* rfc3493 obsoleted */
+    error = EAI_NODATA;
+#endif
+#ifdef USE_WINSOCK
+    SET_SOCKERRNO(error);
+#endif
+  }
 
   *result = cafirst;
 
@@ -434,6 +459,26 @@ Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
   return ai;
 }
 
+/*
+ * Given an IPv4 or IPv6 dotted string address, this converts it to a proper
+ * allocated Curl_addrinfo struct and returns it.
+ */
+Curl_addrinfo *Curl_str2addr(char *address, int port)
+{
+  struct in_addr in;
+  if(Curl_inet_pton(AF_INET, address, &in) > 0)
+    /* This is a dotted IP address 123.123.123.123-style */
+    return Curl_ip2addr(AF_INET, &in, address, port);
+#ifdef ENABLE_IPV6
+  else {
+    struct in6_addr in6;
+    if(Curl_inet_pton(AF_INET6, address, &in6) > 0)
+      /* This is a dotted IPv6 address ::1-style */
+      return Curl_ip2addr(AF_INET6, &in6, address, port);
+  }
+#endif
+  return NULL; /* bad input format */
+}
 
 #if defined(CURLDEBUG) && defined(HAVE_FREEADDRINFO)
 /*

lib/curl_addrinfo.h

@@ -80,6 +80,8 @@ Curl_he2ai(const struct hostent *he, int port);
 Curl_addrinfo *
 Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port);
 
+Curl_addrinfo *Curl_str2addr(char *dotted, int port);
+
 #if defined(CURLDEBUG) && defined(HAVE_FREEADDRINFO)
 void
 curl_dofreeaddrinfo(struct addrinfo *freethis,

lib/curl_rtmp.c

@@ -51,7 +51,7 @@ static CURLcode rtmp_setup(struct connectdata *conn);
 static CURLcode rtmp_do(struct connectdata *conn, bool *done);
 static CURLcode rtmp_done(struct connectdata *conn, CURLcode, bool premature);
 static CURLcode rtmp_connect(struct connectdata *conn, bool *done);
-static CURLcode rtmp_disconnect(struct connectdata *conn);
+static CURLcode rtmp_disconnect(struct connectdata *conn, bool dead_connection);
 
 static Curl_recv rtmp_recv;
 static Curl_send rtmp_send;
@@ -236,9 +236,11 @@ static CURLcode rtmp_done(struct connectdata *conn, CURLcode status,
   return CURLE_OK;
 }
 
-static CURLcode rtmp_disconnect(struct connectdata *conn)
+static CURLcode rtmp_disconnect(struct connectdata *conn,
+                                bool dead_connection)
 {
   RTMP *r = conn->proto.generic;
+  (void)dead_connection;
   if (r) {
     conn->proto.generic = NULL;
     RTMP_Close(r);

lib/curlx.h

@@ -89,7 +89,7 @@
 
 #ifdef ENABLE_CURLX_PRINTF
 /* If this define is set, we define all "standard" printf() functions to use
-   the curlx_* version instead. It makes the source code transparant and
+   the curlx_* version instead. It makes the source code transparent and
    easier to understand/patch. Undefine them first in case _MPRINTF_REPLACE
    is set. */
 # undef printf

lib/easy.c

@@ -626,125 +626,117 @@ CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...)
  */
 CURL *curl_easy_duphandle(CURL *incurl)
 {
-  bool fail = TRUE;
   struct SessionHandle *data=(struct SessionHandle *)incurl;
 
   struct SessionHandle *outcurl = calloc(1, sizeof(struct SessionHandle));
-
   if(NULL == outcurl)
-    return NULL; /* failure */
+    goto fail;
 
-  do {
+  /*
+   * We setup a few buffers we need. We should probably make them
+   * get setup on-demand in the code, as that would probably decrease
+   * the likeliness of us forgetting to init a buffer here in the future.
+   */
+  outcurl->state.headerbuff = malloc(HEADERSIZE);
+  if(!outcurl->state.headerbuff)
+    goto fail;
+  outcurl->state.headersize = HEADERSIZE;
 
-    /*
-     * We setup a few buffers we need. We should probably make them
-     * get setup on-demand in the code, as that would probably decrease
-     * the likeliness of us forgetting to init a buffer here in the future.
-     */
-    outcurl->state.headerbuff = malloc(HEADERSIZE);
-    if(!outcurl->state.headerbuff) {
-      break;
-    }
-    outcurl->state.headersize=HEADERSIZE;
+  /* copy all userdefined values */
+  if(Curl_dupset(outcurl, data) != CURLE_OK)
+    goto fail;
 
-    /* copy all userdefined values */
-    if(Curl_dupset(outcurl, data) != CURLE_OK)
-      break;
+  /* the connection cache is setup on demand */
+  outcurl->state.connc = NULL;
 
-    /* the connection cache is setup on demand */
-    outcurl->state.connc = NULL;
+  outcurl->state.lastconnect = -1;
 
-    outcurl->state.lastconnect = -1;
-
-    outcurl->progress.flags    = data->progress.flags;
-    outcurl->progress.callback = data->progress.callback;
+  outcurl->progress.flags    = data->progress.flags;
+  outcurl->progress.callback = data->progress.callback;
 
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
-    if(data->cookies) {
-      /* If cookies are enabled in the parent handle, we enable them
-         in the clone as well! */
-      outcurl->cookies = Curl_cookie_init(data,
-                                          data->cookies->filename,
-                                          outcurl->cookies,
-                                          data->set.cookiesession);
-      if(!outcurl->cookies) {
-        break;
-      }
-    }
+  if(data->cookies) {
+    /* If cookies are enabled in the parent handle, we enable them
+       in the clone as well! */
+    outcurl->cookies = Curl_cookie_init(data,
+                                        data->cookies->filename,
+                                        outcurl->cookies,
+                                        data->set.cookiesession);
+    if(!outcurl->cookies)
+      goto fail;
+  }
 #endif   /* CURL_DISABLE_HTTP */
 
-    /* duplicate all values in 'change' */
+  /* duplicate all values in 'change' */
 
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
-    if(data->change.cookielist) {
-      outcurl->change.cookielist =
-        Curl_slist_duplicate(data->change.cookielist);
-
-      if (!outcurl->change.cookielist)
-        break;
-    }
+  if(data->change.cookielist) {
+    outcurl->change.cookielist =
+      Curl_slist_duplicate(data->change.cookielist);
+    if(!outcurl->change.cookielist)
+      goto fail;
+  }
 #endif   /* CURL_DISABLE_HTTP */
 
-    if(data->change.url) {
-      outcurl->change.url = strdup(data->change.url);
-      if(!outcurl->change.url)
-        break;
-      outcurl->change.url_alloc = TRUE;
-    }
+  if(data->change.url) {
+    outcurl->change.url = strdup(data->change.url);
+    if(!outcurl->change.url)
+      goto fail;
+    outcurl->change.url_alloc = TRUE;
+  }
 
-    if(data->change.referer) {
-      outcurl->change.referer = strdup(data->change.referer);
-      if(!outcurl->change.referer)
-        break;
-      outcurl->change.referer_alloc = TRUE;
-    }
+  if(data->change.referer) {
+    outcurl->change.referer = strdup(data->change.referer);
+    if(!outcurl->change.referer)
+      goto fail;
+    outcurl->change.referer_alloc = TRUE;
+  }
 
 #ifdef USE_ARES
-    /* If we use ares, we clone the ares channel for the new handle */
-    if(ARES_SUCCESS != ares_dup(&outcurl->state.areschannel,
-                                data->state.areschannel))
-      break;
+  /* If we use ares, we clone the ares channel for the new handle */
+  if(ARES_SUCCESS != ares_dup(&outcurl->state.areschannel,
+                              data->state.areschannel))
+    goto fail;
 #endif
 
 #if defined(CURL_DOES_CONVERSIONS) && defined(HAVE_ICONV)
-    outcurl->inbound_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
-                                     CURL_ICONV_CODESET_OF_NETWORK);
-    outcurl->outbound_cd = iconv_open(CURL_ICONV_CODESET_OF_NETWORK,
-                                      CURL_ICONV_CODESET_OF_HOST);
-    outcurl->utf8_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
-                                  CURL_ICONV_CODESET_FOR_UTF8);
+  outcurl->inbound_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
+                                   CURL_ICONV_CODESET_OF_NETWORK);
+  outcurl->outbound_cd = iconv_open(CURL_ICONV_CODESET_OF_NETWORK,
+                                    CURL_ICONV_CODESET_OF_HOST);
+  outcurl->utf8_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
+                                CURL_ICONV_CODESET_FOR_UTF8);
 #endif
 
-    Curl_easy_initHandleData(outcurl);
+  Curl_easy_initHandleData(outcurl);
 
-    outcurl->magic = CURLEASY_MAGIC_NUMBER;
+  outcurl->magic = CURLEASY_MAGIC_NUMBER;
 
-    fail = FALSE; /* we reach this point and thus we are OK */
-
-  } while(0);
-
-  if(fail) {
-    if(outcurl) {
-      if(outcurl->state.connc &&
-         (outcurl->state.connc->type == CONNCACHE_PRIVATE))
-        Curl_rm_connc(outcurl->state.connc);
-      if(outcurl->state.headerbuff)
-        free(outcurl->state.headerbuff);
-#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
-      if(outcurl->change.cookielist)
-        curl_slist_free_all(outcurl->change.cookielist);
-#endif
-      if(outcurl->change.url)
-        free(outcurl->change.url);
-      if(outcurl->change.referer)
-        free(outcurl->change.referer);
-      Curl_freeset(outcurl);
-      free(outcurl); /* free the memory again */
-      outcurl = NULL;
-    }
-  }
+  /* we reach this point and thus we are OK */
 
   return outcurl;
+
+  fail:
+
+  if(outcurl) {
+    if(outcurl->state.connc &&
+       (outcurl->state.connc->type == CONNCACHE_PRIVATE))
+      Curl_rm_connc(outcurl->state.connc);
+    if(outcurl->state.headerbuff)
+      free(outcurl->state.headerbuff);
+#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
+    if(outcurl->change.cookielist)
+      curl_slist_free_all(outcurl->change.cookielist);
+#endif
+    if(outcurl->change.url)
+      free(outcurl->change.url);
+    if(outcurl->change.referer)
+      free(outcurl->change.referer);
+    Curl_freeset(outcurl);
+    free(outcurl);
+  }
+
+  return NULL;
 }
 
 /*

lib/file.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -146,7 +146,7 @@ static CURLcode file_range(struct connectdata *conn)
 
   if(data->state.use_range && data->state.range) {
     from=curlx_strtoofft(data->state.range, &ptr, 0);
-    while(*ptr && (isspace((int)*ptr) || (*ptr=='-')))
+    while(*ptr && (ISSPACE(*ptr) || (*ptr=='-')))
       ptr++;
     to=curlx_strtoofft(ptr, &ptr2, 0);
     if(ptr == ptr2) {
@@ -463,6 +463,13 @@ static CURLcode file_do(struct connectdata *conn, bool *done)
     fstated = TRUE;
   }
 
+  if(fstated && !data->state.range && data->set.timecondition) {
+    if(!Curl_meets_timecondition(data, data->info.filetime)) {
+      *done = TRUE;
+      return CURLE_OK;
+    }
+  }
+
   /* If we have selected NOBODY and HEADER, it means that we only want file
      information. Which for FILE can't be much more than the file size and
      date. */
@@ -480,14 +487,13 @@ static CURLcode file_do(struct connectdata *conn, bool *done)
       return result;
 
     if(fstated) {
-      const struct tm *tm;
       time_t filetime = (time_t)statbuf.st_mtime;
-#ifdef HAVE_GMTIME_R
       struct tm buffer;
-      tm = (const struct tm *)gmtime_r(&filetime, &buffer);
-#else
-      tm = gmtime(&filetime);
-#endif
+      const struct tm *tm = &buffer;
+      result = Curl_gmtime(filetime, &buffer);
+      if(result)
+        return result;
+
       /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
       snprintf(buf, BUFSIZE-1,
                "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",

lib/formdata.c

@@ -123,6 +123,7 @@ Content-Disposition: form-data; name="FILECONTENT"
 #include "curl_rand.h"
 #include "strequal.h"
 #include "curl_memory.h"
+#include "sendf.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -975,7 +976,7 @@ int curl_formget(struct curl_httppost *form, void *arg,
   curl_off_t size;
   struct FormData *data, *ptr;
 
-  rc = Curl_getFormData(&data, form, NULL, &size);
+  rc = Curl_getformdata(NULL, &data, form, NULL, &size);
   if(rc != CURLE_OK)
     return (int)rc;
 
@@ -1105,15 +1106,20 @@ static char *strippath(const char *fullfile)
 }
 
 /*
- * Curl_getFormData() converts a linked list of "meta data" into a complete
+ * Curl_getformdata() converts a linked list of "meta data" into a complete
  * (possibly huge) multipart formdata. The input list is in 'post', while the
  * output resulting linked lists gets stored in '*finalform'. *sizep will get
  * the total size of the whole POST.
  * A multipart/form_data content-type is built, unless a custom content-type
  * is passed in 'custom_content_type'.
+ *
+ * This function will not do a failf() for the potential memory failures but
+ * should for all other errors it spots. Just note that this function MAY get
+ * a NULL pointer in the 'data' argument.
  */
 
-CURLcode Curl_getFormData(struct FormData **finalform,
+CURLcode Curl_getformdata(struct SessionHandle *data,
+                          struct FormData **finalform,
                           struct curl_httppost *post,
                           const char *custom_content_type,
                           curl_off_t *sizep)
@@ -1271,23 +1277,6 @@ CURLcode Curl_getFormData(struct FormData **finalform,
         return result;
       }
 
-#if 0
-      /* The header Content-Transfer-Encoding: seems to confuse some receivers
-       * (like the built-in PHP engine). While I can't see any reason why it
-       * should, I can just as well skip this to the benefit of the users who
-       * are using such confused receivers.
-       */
-
-      if(file->contenttype &&
-         !checkprefix("text/", file->contenttype)) {
-        /* this is not a text content, mention our binary encoding */
-        result = AddFormDataf(&form, &size,
-                              "\r\nContent-Transfer-Encoding: binary");
-        if(result)
-          break;
-      }
-#endif
-
       result = AddFormDataf(&form, &size, "\r\n\r\n");
       if(result)
         break;
@@ -1327,50 +1316,31 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                 break;
             }
           }
-
-          if(result) {
-            Curl_formclean(&firstform);
-            free(boundary);
-            return result;
-          }
-
         }
         else {
-#ifdef _FORM_DEBUG
-          fprintf(stderr,
-                  "\n==> Curl_getFormData couldn't open/read \"%s\"\n",
-                  file->contents);
-#endif
-          Curl_formclean(&firstform);
-          free(boundary);
+          if(data)
+            failf(data, "couldn't open file \"%s\"\n", file->contents);
           *finalform = NULL;
-          return CURLE_READ_ERROR;
+          result = CURLE_READ_ERROR;
         }
-
       }
-      else if(post->flags & HTTPPOST_BUFFER) {
+      else if(post->flags & HTTPPOST_BUFFER)
         /* include contents of buffer */
         result = AddFormData(&form, FORM_CONTENT, post->buffer,
                              post->bufferlength, &size);
-          if(result)
-            break;
-      }
-      else if(post->flags & HTTPPOST_CALLBACK) {
+      else if(post->flags & HTTPPOST_CALLBACK)
         /* the contents should be read with the callback and the size
            is set with the contentslength */
         result = AddFormData(&form, FORM_CALLBACK, post->userp,
                              post->contentslength, &size);
-        if(result)
-          break;
-      }
-      else {
+      else
         /* include the contents we got */
         result = AddFormData(&form, FORM_CONTENT, post->contents,
                              post->contentslength, &size);
-        if(result)
-          break;
-      }
-    } while((file = file->more) != NULL); /* for each specified file for this field */
+
+      file = file->more;
+    } while(file && !result); /* for each specified file for this field */
+
     if(result) {
       Curl_formclean(&firstform);
       free(boundary);
@@ -1666,25 +1636,25 @@ int main(int argc, argv_item_t argv[])
                   CURLFORM_END))
     ++errors;
 
-  rc = Curl_getFormData(&form, httppost, NULL, &size);
+  rc = Curl_getformdata(NULL, &form, httppost, NULL, &size);
   if(rc != CURLE_OK) {
     if(rc != CURLE_READ_ERROR) {
       const char *errortext = curl_easy_strerror(rc);
-      fprintf(stdout, "\n==> Curl_getFormData error: %s\n", errortext);
+      fprintf(stdout, "\n==> Curl_getformdata error: %s\n", errortext);
     }
     return 0;
   }
 
   Curl_FormInit(&formread, form);
 
-  do {
+  for(;;) {
     nread = Curl_FormReader(buffer, 1, sizeof(buffer),
                             (FILE *)&formread);
 
     if(nread < 1)
       break;
     fwrite(buffer, nread, 1, stdout);
-  } while(1);
+  }
 
   fprintf(stdout, "size: ");
   fprintf(stdout, "%" FORMAT_OFF_T, size);

lib/formdata.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -70,11 +70,11 @@ typedef struct FormInfo {
 
 int Curl_FormInit(struct Form *form, struct FormData *formdata );
 
-CURLcode
-Curl_getFormData(struct FormData **,
-                 struct curl_httppost *post,
-                 const char *custom_contenttype,
-                 curl_off_t *size);
+CURLcode Curl_getformdata(struct SessionHandle *data,
+                          struct FormData **,
+                          struct curl_httppost *post,
+                          const char *custom_contenttype,
+                          curl_off_t *size);
 
 /* fread() emulation */
 size_t Curl_FormReader(char *buffer,

lib/ftp.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -136,7 +136,7 @@ static CURLcode ftp_do(struct connectdata *conn, bool *done);
 static CURLcode ftp_done(struct connectdata *conn,
                          CURLcode, bool premature);
 static CURLcode ftp_connect(struct connectdata *conn, bool *done);
-static CURLcode ftp_disconnect(struct connectdata *conn);
+static CURLcode ftp_disconnect(struct connectdata *conn, bool dead_connection);
 static CURLcode ftp_nextconnect(struct connectdata *conn);
 static CURLcode ftp_multi_statemach(struct connectdata *conn, bool *done);
 static int ftp_getsock(struct connectdata *conn,
@@ -322,7 +322,7 @@ static CURLcode AllowServerConnect(struct connectdata *conn)
   curl_socklen_t size = (curl_socklen_t) sizeof(add);
 
   for(;;) {
-    timeout_ms = Curl_timeleft(conn, NULL, TRUE);
+    timeout_ms = Curl_timeleft(data, NULL, TRUE);
 
     if(timeout_ms < 0) {
       /* if a timeout was already reached, bail out */
@@ -379,7 +379,7 @@ static int ftp_endofresp(struct pingpong *pp,
   size_t len = pp->nread_resp;
 
   if((len > 3) && LASTLINE(line)) {
-    *code = atoi(line);
+    *code = curlx_sltosi(strtol(line, NULL, 10));
     return 1;
   }
   return 0;
@@ -405,13 +405,13 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
   /* FIXME: some errorchecking perhaps... ***/
   switch(code) {
   case 631:
-    code = Curl_sec_read_msg(conn, buf, prot_safe);
+    code = Curl_sec_read_msg(conn, buf, PROT_SAFE);
     break;
   case 632:
-    code = Curl_sec_read_msg(conn, buf, prot_private);
+    code = Curl_sec_read_msg(conn, buf, PROT_PRIVATE);
     break;
   case 633:
-    code = Curl_sec_read_msg(conn, buf, prot_confidential);
+    code = Curl_sec_read_msg(conn, buf, PROT_CONFIDENTIAL);
     break;
   default:
     /* normal ftp stuff we pass through! */
@@ -425,6 +425,12 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
   if(ftpcode)
     *ftpcode = code;
 
+  if(421 == code)
+    /* 421 means "Service not available, closing control connection." and FTP
+     * servers use it to signal that idle session timeout has been exceeded.
+     * If we ignored the response, it could end up hanging in some cases. */
+    return CURLE_OPERATION_TIMEDOUT;
+
   return result;
 }
 
@@ -1360,18 +1366,16 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
       else {
         curl_off_t passed=0;
         do {
-          curl_off_t readthisamountnow = (data->state.resume_from - passed);
-          curl_off_t actuallyread;
+          size_t readthisamountnow =
+            (data->state.resume_from - passed > CURL_OFF_T_C(BUFSIZE)) ?
+            BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
 
-          if(readthisamountnow > BUFSIZE)
-            readthisamountnow = BUFSIZE;
-
-          actuallyread = (curl_off_t)
-            conn->fread_func(data->state.buffer, 1, (size_t)readthisamountnow,
+          size_t actuallyread =
+            conn->fread_func(data->state.buffer, 1, readthisamountnow,
                              conn->fread_in);
 
           passed += actuallyread;
-          if((actuallyread <= 0) || (actuallyread > readthisamountnow)) {
+          if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
             /* this checks for greater-than only to make sure that the
                CURL_READFUNC_ABORT return code still aborts */
             failf(data, "Failed to read data");
@@ -1837,14 +1841,14 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
          ftpc->file &&
          data->set.get_filetime &&
          (data->info.filetime>=0) ) {
-        struct tm *tm;
         time_t filetime = (time_t)data->info.filetime;
-#ifdef HAVE_GMTIME_R
         struct tm buffer;
-        tm = (struct tm *)gmtime_r(&filetime, &buffer);
-#else
-        tm = gmtime(&filetime);
-#endif
+        const struct tm *tm = &buffer;
+
+        result = Curl_gmtime(filetime, &buffer);
+        if(result)
+          return result;
+
         /* format: "Tue, 15 Nov 1994 12:45:26" */
         snprintf(buf, BUFSIZE-1,
                  "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
@@ -3083,6 +3087,10 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
 #endif
 
   if(conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD) {
+    if(!result && ftpc->dont_check && data->req.maxdownload > 0)
+      /* partial download completed */
+      result = Curl_pp_sendf(pp, "ABOR");
+
     if(conn->ssl[SECONDARYSOCKET].use) {
       /* The secondary socket is using SSL so we must close down that part
          first before we close the socket for real */
@@ -3097,7 +3105,7 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
     }
   }
 
-  if((ftp->transfer == FTPTRANSFER_BODY) && ftpc->ctl_valid &&
+  if(!result && (ftp->transfer == FTPTRANSFER_BODY) && ftpc->ctl_valid &&
      pp->pending_resp && !premature) {
     /*
      * Let's see what the server says about the transfer we just performed,
@@ -3123,6 +3131,14 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
     if(result)
       return result;
 
+    if(ftpc->dont_check && data->req.maxdownload > 0) {
+      /* we have just sent ABOR and there is no reliable way to check if it was
+       * successful or not; we have to close the connection now */
+      infof(data, "partial download completed, closing connection\n");
+      conn->bits.close = TRUE; /* mark for closure */
+      return result;
+    }
+
     if(!ftpc->dont_check) {
       /* 226 Transfer complete, 250 Requested file action okay, completed. */
       if((ftpcode != 226) && (ftpcode != 250)) {
@@ -3562,14 +3578,12 @@ static CURLcode init_wc_data(struct connectdata *conn)
   return CURLE_OK;
 }
 
+/* This is called recursively */
 static CURLcode wc_statemach(struct connectdata *conn)
 {
-  struct ftp_conn *ftpc = &conn->proto.ftpc;
-  struct WildcardData *wildcard = &(conn->data->wildcard);
-  struct ftp_wc_tmpdata *ftp_tmp = wildcard->tmp;
-  char *tmp_path;
+  struct WildcardData * const wildcard = &(conn->data->wildcard);
   CURLcode ret = CURLE_OK;
-  long userresponse = 0;
+
   switch (wildcard->state) {
   case CURLWC_INIT:
     ret = init_wc_data(conn);
@@ -3580,10 +3594,10 @@ static CURLcode wc_statemach(struct connectdata *conn)
       wildcard->state = ret ? CURLWC_ERROR : CURLWC_MATCHING;
     break;
 
-  case CURLWC_MATCHING:
+  case CURLWC_MATCHING: {
     /* In this state is LIST response successfully parsed, so lets restore
        previous WRITEFUNCTION callback and WRITEDATA pointer */
-    ftp_tmp = wildcard->tmp;
+    struct ftp_wc_tmpdata *ftp_tmp = wildcard->tmp;
     conn->data->set.fwrite_func = ftp_tmp->backup.write_function;
     conn->data->set.out = ftp_tmp->backup.file_descriptor;
     wildcard->state = CURLWC_DOWNLOADING;
@@ -3598,13 +3612,14 @@ static CURLcode wc_statemach(struct connectdata *conn)
       wildcard->state = CURLWC_CLEAN;
       return CURLE_REMOTE_FILE_NOT_FOUND;
     }
-    ret = wc_statemach(conn);
-    break;
+    return wc_statemach(conn);
+  }
 
   case CURLWC_DOWNLOADING: {
     /* filelist has at least one file, lets get first one */
+    struct ftp_conn *ftpc = &conn->proto.ftpc;
     struct curl_fileinfo *finfo = wildcard->filelist->head->ptr;
-    tmp_path = malloc(strlen(conn->data->state.path) +
+    char *tmp_path = malloc(strlen(conn->data->state.path) +
                       strlen(finfo->filename) + 1);
     if(!tmp_path) {
       return CURLE_OUT_OF_MEMORY;
@@ -3623,7 +3638,7 @@ static CURLcode wc_statemach(struct connectdata *conn)
 
     infof(conn->data, "Wildcard - START of \"%s\"\n", finfo->filename);
     if(conn->data->set.chunk_bgn) {
-      userresponse = conn->data->set.chunk_bgn(
+      long userresponse = conn->data->set.chunk_bgn(
           finfo, wildcard->customptr, (int)wildcard->filelist->size);
       switch(userresponse) {
       case CURL_CHUNK_BGN_FUNC_SKIP:
@@ -3666,16 +3681,17 @@ static CURLcode wc_statemach(struct connectdata *conn)
     Curl_llist_remove(wildcard->filelist, wildcard->filelist->head, NULL);
     wildcard->state = (wildcard->filelist->size == 0) ?
                       CURLWC_CLEAN : CURLWC_DOWNLOADING;
-    ret = wc_statemach(conn);
-  } break;
+    return wc_statemach(conn);
+  }
 
-  case CURLWC_CLEAN:
+  case CURLWC_CLEAN: {
+    struct ftp_wc_tmpdata *ftp_tmp = wildcard->tmp;
     ret = CURLE_OK;
     if(ftp_tmp) {
       ret = Curl_ftp_parselist_geterror(ftp_tmp->parser);
     }
     wildcard->state = ret ? CURLWC_ERROR : CURLWC_DONE;
-    break;
+  } break;
 
   case CURLWC_DONE:
   case CURLWC_ERROR:
@@ -3766,11 +3782,12 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
 
   for(;;) {
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
-    conn->data_prot = prot_cmd;
+    conn->data_prot = PROT_CMD;
 #endif
     res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
                      &bytes_written);
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+    DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST);
     conn->data_prot = data_sec;
 #endif
 
@@ -3823,7 +3840,7 @@ static CURLcode ftp_quit(struct connectdata *conn)
  * Disconnect from an FTP server. Cleanup protocol-specific per-connection
  * resources. BLOCKING.
  */
-static CURLcode ftp_disconnect(struct connectdata *conn)
+static CURLcode ftp_disconnect(struct connectdata *conn, bool dead_connection)
 {
   struct ftp_conn *ftpc= &conn->proto.ftpc;
   struct pingpong *pp = &ftpc->pp;
@@ -3835,6 +3852,8 @@ static CURLcode ftp_disconnect(struct connectdata *conn)
      ftp_quit() will check the state of ftp->ctl_valid. If it's ok it
      will try to send the QUIT command, otherwise it will just return.
   */
+  if(dead_connection)
+    ftpc->ctl_valid = FALSE;
 
   /* The FTP session may or may not have been allocated/setup at this point! */
   (void)ftp_quit(conn); /* ignore errors on the QUIT */
@@ -3959,9 +3978,9 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
     else {
       /* parse the URL path into separate path components */
       while((slash_pos = strchr(cur_pos, '/')) != NULL) {
-        /* 1 or 0 to indicate absolute directory */
-        bool absolute_dir = (bool)((cur_pos - data->state.path > 0) &&
-                                   (ftpc->dirdepth == 0));
+        /* 1 or 0 pointer offset to indicate absolute directory */
+        ssize_t absolute_dir = ((cur_pos - data->state.path > 0) &&
+                                (ftpc->dirdepth == 0))?1:0;
 
         /* seek out the next path component */
         if(slash_pos-cur_pos) {

lib/ftplistparser.c

@@ -447,9 +447,10 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
           else if(c == '\n') {
             finfo->b_data[parser->item_length - 1] = 0;
             if(strncmp("total ", finfo->b_data, 6) == 0) {
-              char *endptr = NULL;
+              char *endptr = finfo->b_data+6;
               /* here we can deal with directory size */
-              curlx_strtoofft(finfo->b_data+6, &endptr, 10);
+              while(ISSPACE(*endptr))
+                endptr++;
               if(*endptr != 0) {
                 PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
                 return bufflen;

lib/getinfo.c

@@ -67,10 +67,10 @@ CURLcode Curl_initinfo(struct SessionHandle *data)
   info->request_size = 0;
   info->numconnects = 0;
 
-  info->ip[0] = 0;
-  info->port = 0;
-  info->localip[0] = 0;
-  info->localport = 0;
+  info->conn_primary_ip[0] = '\0';
+  info->conn_local_ip[0] = '\0';
+  info->conn_primary_port = 0;
+  info->conn_local_port = 0;
 
   return CURLE_OK;
 }
@@ -238,20 +238,20 @@ CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...)
     break;
   case CURLINFO_PRIMARY_IP:
     /* Return the ip address of the most recent (primary) connection */
-    *param_charp = data->info.ip;
+    *param_charp = data->info.conn_primary_ip;
     break;
   case CURLINFO_PRIMARY_PORT:
     /* Return the (remote) port of the most recent (primary) connection */
-    *param_longp = data->info.port;
+    *param_longp = data->info.conn_primary_port;
     break;
   case CURLINFO_LOCAL_IP:
     /* Return the source/local ip address of the most recent (primary)
        connection */
-    *param_charp = data->info.localip;
+    *param_charp = data->info.conn_local_ip;
     break;
   case CURLINFO_LOCAL_PORT:
     /* Return the local port of the most recent (primary) connection */
-    *param_longp = data->info.localport;
+    *param_longp = data->info.conn_local_port;
     break;
   case CURLINFO_CERTINFO:
     /* Return the a pointer to the certinfo struct. Not really an slist

lib/gopher.c

@@ -78,6 +78,7 @@
 #include "rawstr.h"
 #include "select.h"
 #include "url.h"
+#include "warnless.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -156,7 +157,7 @@ static CURLcode gopher_do(struct connectdata *conn, bool *done)
 
   /* We use Curl_write instead of Curl_sendf to make sure the entire buffer is
      sent, which could be sizeable with long selectors. */
-  k = strlen(sel);
+  k = curlx_uztosz(strlen(sel));
 
   for(;;) {
     result = Curl_write(conn, sockfd, sel, k, &amount);

lib/gtls.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -78,6 +78,7 @@ static void tls_log_func(int level, const char *str)
 }
 #endif
 static bool gtls_inited = FALSE;
+
 /*
  * Custom push and pull callback functions used by GNU TLS to read and write
  * to the socket.  These functions are simple wrappers to send() and recv()
@@ -85,15 +86,54 @@ static bool gtls_inited = FALSE;
  * We use custom functions rather than the GNU TLS defaults because it allows
  * us to get specific about the fourth "flags" argument, and to use arbitrary
  * private data with gnutls_transport_set_ptr if we wish.
+ *
+ * When these custom push and pull callbacks fail, GNU TLS checks its own
+ * session-specific error variable, and when not set also its own global
+ * errno variable, in order to take appropriate action. GNU TLS does not
+ * require that the transport is actually a socket. This implies that for
+ * Windows builds these callbacks should ideally set the session-specific
+ * error variable using function gnutls_transport_set_errno or as a last
+ * resort global errno variable using gnutls_transport_set_global_errno,
+ * with a transport agnostic error value. This implies that some winsock
+ * error translation must take place in these callbacks.
  */
+
+#ifdef USE_WINSOCK
+#  define gtls_EINTR  4
+#  define gtls_EIO    5
+#  define gtls_EAGAIN 11
+static int gtls_mapped_sockerrno(void)
+{
+  switch(SOCKERRNO) {
+  case WSAEWOULDBLOCK:
+    return gtls_EAGAIN;
+  case WSAEINTR:
+    return gtls_EINTR;
+  default:
+    break;
+  }
+  return gtls_EIO;
+}
+#endif
+
 static ssize_t Curl_gtls_push(void *s, const void *buf, size_t len)
 {
-  return swrite(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+  ssize_t ret = swrite(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+#ifdef USE_WINSOCK
+  if(ret < 0)
+    gnutls_transport_set_global_errno(gtls_mapped_sockerrno());
+#endif
+  return ret;
 }
 
 static ssize_t Curl_gtls_pull(void *s, void *buf, size_t len)
 {
-  return sread(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+  ssize_t ret = sread(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+#ifdef USE_WINSOCK
+  if(ret < 0)
+    gnutls_transport_set_global_errno(gtls_mapped_sockerrno());
+#endif
+  return ret;
 }
 
 /* Curl_gtls_init()
@@ -130,13 +170,12 @@ static void showtime(struct SessionHandle *data,
                      const char *text,
                      time_t stamp)
 {
-  struct tm *tm;
-#ifdef HAVE_GMTIME_R
   struct tm buffer;
-  tm = (struct tm *)gmtime_r(&stamp, &buffer);
-#else
-  tm = gmtime(&stamp);
-#endif
+  const struct tm *tm = &buffer;
+  CURLcode result = Curl_gmtime(stamp, &buffer);
+  if(result)
+    return;
+
   snprintf(data->state.buffer,
            BUFSIZE,
            "\t %s: %s, %02d %s %4d %02d:%02d:%02d GMT\n",
@@ -196,9 +235,9 @@ static CURLcode handshake(struct connectdata *conn,
   int rc;
   int what;
 
-  while(1) {
+  for(;;) {
     /* check allowed time left */
-    timeout_ms = Curl_timeleft(conn, NULL, duringconnect);
+    timeout_ms = Curl_timeleft(data, NULL, duringconnect);
 
     if(timeout_ms < 0) {
       /* no need to continue if time already is up */
@@ -216,19 +255,18 @@ static CURLcode handshake(struct connectdata *conn,
         connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
 
       what = Curl_socket_ready(readfd, writefd,
-                               nonblocking?0:(int)timeout_ms);
+                               nonblocking?0:(int)timeout_ms?1000:timeout_ms);
       if(what < 0) {
         /* fatal error */
         failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
         return CURLE_SSL_CONNECT_ERROR;
       }
       else if(0 == what) {
-        if(nonblocking) {
+        if(nonblocking)
           return CURLE_OK;
-        }
-        else {
+        else if(timeout_ms) {
           /* timeout */
-          failf(data, "SSL connection timeout");
+          failf(data, "SSL connection timeout at %ld", timeout_ms);
           return CURLE_OPERATION_TIMEDOUT;
         }
       }
@@ -241,12 +279,14 @@ static CURLcode handshake(struct connectdata *conn,
       connssl->connecting_state =
         gnutls_record_get_direction(session)?
         ssl_connect_2_writing:ssl_connect_2_reading;
-      if(nonblocking) {
+      if(nonblocking)
         return CURLE_OK;
-      }
-    } else if (rc < 0) {
+    }
+    else if (rc < 0) {
       failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));
-    } else {
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+    else {
       /* Reset our connect state machine */
       connssl->connecting_state = ssl_connect_1;
       return CURLE_OK;
@@ -305,6 +345,29 @@ gtls_connect_step1(struct connectdata *conn,
     return CURLE_SSL_CONNECT_ERROR;
   }
 
+#ifdef USE_TLS_SRP
+  if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+    infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
+
+    rc = gnutls_srp_allocate_client_credentials(
+           &conn->ssl[sockindex].srp_client_cred);
+    if(rc != GNUTLS_E_SUCCESS) {
+      failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
+            gnutls_strerror(rc));
+      return CURLE_OUT_OF_MEMORY;
+    }
+
+    rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].srp_client_cred,
+                                           data->set.ssl.username,
+                                           data->set.ssl.password);
+    if(rc != GNUTLS_E_SUCCESS) {
+      failf(data, "gnutls_srp_set_client_cred() failed: %s",
+            gnutls_strerror(rc));
+      return CURLE_BAD_FUNCTION_ARGUMENT;
+    }
+  }
+#endif
+
   if(data->set.ssl.CAfile) {
     /* set the trusted CA cert bundle file */
     gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
@@ -390,9 +453,18 @@ gtls_connect_step1(struct connectdata *conn,
     }
   }
 
+#ifdef USE_TLS_SRP
   /* put the credentials to the current session */
-  rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
-                              conn->ssl[sockindex].cred);
+  if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+    rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
+                                conn->ssl[sockindex].srp_client_cred);
+    if (rc != GNUTLS_E_SUCCESS) {
+      failf(data, "gnutls_credentials_set() failed: %s", gnutls_strerror(rc));
+    }
+  } else
+#endif
+    rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
+                                conn->ssl[sockindex].cred);
 
   /* set the connection handle (file descriptor for the socket) */
   gnutls_transport_set_ptr(session,
@@ -442,6 +514,7 @@ gtls_connect_step3(struct connectdata *conn,
   int rc;
   int incache;
   void *ssl_sessionid;
+  CURLcode result = CURLE_OK;
 
   /* This function will return the peer's raw certificate (chain) as sent by
      the peer. These certificates are in raw format (DER encoded for
@@ -454,8 +527,21 @@ gtls_connect_step3(struct connectdata *conn,
     if(data->set.ssl.verifypeer ||
        data->set.ssl.verifyhost ||
        data->set.ssl.issuercert) {
-      failf(data, "failed to get server cert");
-      return CURLE_PEER_FAILED_VERIFICATION;
+#ifdef USE_TLS_SRP
+      if(data->set.ssl.authtype == CURL_TLSAUTH_SRP
+         && data->set.ssl.username != NULL
+         && !data->set.ssl.verifypeer
+         && gnutls_cipher_get(session)) {
+        /* no peer cert, but auth is ok if we have SRP user and cipher and no
+           peer verify */
+      }
+      else {
+#endif
+        failf(data, "failed to get server cert");
+        return CURLE_PEER_FAILED_VERIFICATION;
+#ifdef USE_TLS_SRP
+      }
+#endif
     }
     infof(data, "\t common name: WARNING couldn't obtain\n");
   }
@@ -488,8 +574,10 @@ gtls_connect_step3(struct connectdata *conn,
     else
       infof(data, "\t server certificate verification OK\n");
   }
-  else
+  else {
     infof(data, "\t server certificate verification SKIPPED\n");
+    goto after_server_cert_verification;
+  }
 
   /* initialize an X.509 certificate structure. */
   gnutls_x509_crt_init(&x509_cert);
@@ -619,6 +707,8 @@ gtls_connect_step3(struct connectdata *conn,
 
   gnutls_x509_crt_deinit(x509_cert);
 
+after_server_cert_verification:
+
   /* compression algorithm (if any) */
   ptr = gnutls_compression_get_name(gnutls_compression_get(session));
   /* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
@@ -660,11 +750,17 @@ gtls_connect_step3(struct connectdata *conn,
       }
 
       /* store this session id */
-      return Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);
+      result = Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);
+      if(result) {
+        free(connect_sessionid);
+        result = CURLE_OUT_OF_MEMORY;
+      }
     }
+    else
+      result = CURLE_OUT_OF_MEMORY;
   }
 
-  return CURLE_OK;
+  return result;
 }
 
 
@@ -772,6 +868,12 @@ static void close_one(struct connectdata *conn,
     gnutls_certificate_free_credentials(conn->ssl[idx].cred);
     conn->ssl[idx].cred = NULL;
   }
+#ifdef USE_TLS_SRP
+  if (conn->ssl[idx].srp_client_cred) {
+    gnutls_srp_free_client_credentials(conn->ssl[idx].srp_client_cred);
+    conn->ssl[idx].srp_client_cred = NULL;
+  }
+#endif
 }
 
 void Curl_gtls_close(struct connectdata *conn, int sockindex)
@@ -841,6 +943,12 @@ int Curl_gtls_shutdown(struct connectdata *conn, int sockindex)
   }
   gnutls_certificate_free_credentials(conn->ssl[sockindex].cred);
 
+#ifdef USE_TLS_SRP
+  if(data->set.ssl.authtype == CURL_TLSAUTH_SRP
+     && data->set.ssl.username != NULL)
+    gnutls_srp_free_client_credentials(conn->ssl[sockindex].srp_client_cred);
+#endif
+
   conn->ssl[sockindex].cred = NULL;
   conn->ssl[sockindex].session = NULL;
 

lib/hmac.c

@@ -60,7 +60,7 @@ Curl_HMAC_init(const HMAC_params * hashparams,
 
   /* Create HMAC context. */
   i = sizeof *ctxt + 2 * hashparams->hmac_ctxtsize + hashparams->hmac_resultlen;
-  ctxt = (HMAC_context *) malloc(i);
+  ctxt = malloc(i);
 
   if(!ctxt)
     return ctxt;
@@ -85,9 +85,9 @@ Curl_HMAC_init(const HMAC_params * hashparams,
   (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2);
 
   for (i = 0; i < keylen; i++) {
-    b = *key ^ hmac_ipad;
+    b = (unsigned char)(*key ^ hmac_ipad);
     (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1);
-    b = *key++ ^ hmac_opad;
+    b = (unsigned char)(*key++ ^ hmac_opad);
     (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1);
   }
 

lib/hostares.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -224,17 +224,12 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
   long timeout;
   struct timeval now = Curl_tvnow();
 
-  /* now, see if there's a connect timeout or a regular timeout to
-     use instead of the default one */
-  if(conn->data->set.connecttimeout)
-    timeout = conn->data->set.connecttimeout;
-  else if(conn->data->set.timeout)
-    timeout = conn->data->set.timeout;
-  else
+  timeout = Curl_timeleft(data, &now, TRUE);
+  if(!timeout)
     timeout = CURL_TIMEOUT_RESOLVE * 1000; /* default name resolve timeout */
 
   /* Wait for the name resolve query to complete. */
-  while(1) {
+  for(;;) {
     struct timeval *tvp, tv, store;
     long timediff;
     int itimeout;
@@ -265,8 +260,10 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
       timeout = -1; /* trigger the cancel below */
     }
     else {
-      timediff = Curl_tvdiff(Curl_tvnow(), now); /* spent time */
+      struct timeval now2 = Curl_tvnow();
+      timediff = Curl_tvdiff(now2, now); /* spent time */
       timeout -= timediff?timediff:1; /* always deduct at least 1 */
+      now = now2; /* for next loop */
     }
     if(timeout < 0) {
       /* our timeout, so we cancel the ares operation */
@@ -335,8 +332,17 @@ static void ares_query_completed_cb(void *arg,  /* (struct connectdata *) */
   (void)timeouts; /* ignored */
 #endif
 
-  if (status == CURL_ASYNC_SUCCESS) {
+  switch(status) {
+  case CURL_ASYNC_SUCCESS:
     ai = Curl_he2ai(hostent, conn->async.port);
+    break;
+  case ARES_EDESTRUCTION:
+    /* this ares handle is getting destroyed, the 'arg' pointer may not be
+       valid! */
+    return;
+  default:
+    /* do nothing */
+    break;
   }
 
   (void)Curl_addrinfo_callback(arg, status, ai);
@@ -378,7 +384,7 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
     return Curl_ip2addr(AF_INET6, &in6, hostname, port);
   }
 
-  switch(data->set.ip_version) {
+  switch(conn->ip_version) {
   default:
 #if ARES_VERSION >= 0x010601
     family = PF_UNSPEC; /* supported by c-ares since 1.6.1, so for older
@@ -401,13 +407,30 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
     Curl_safefree(conn->async.hostname);
     conn->async.hostname = bufp;
     conn->async.port = port;
-    conn->async.done = FALSE; /* not done */
-    conn->async.status = 0;   /* clear */
-    conn->async.dns = NULL;   /* clear */
+    conn->async.done = FALSE;   /* not done */
+    conn->async.status = 0;     /* clear */
+    conn->async.dns = NULL;     /* clear */
+    conn->async.temp_ai = NULL; /* clear */
 
-    /* areschannel is already setup in the Curl_open() function */
-    ares_gethostbyname(data->state.areschannel, hostname, family,
-                       (ares_host_callback)ares_query_completed_cb, conn);
+#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */
+    if(family == PF_UNSPEC) {
+      conn->async.num_pending = 2;
+
+      /* areschannel is already setup in the Curl_open() function */
+      ares_gethostbyname(data->state.areschannel, hostname, PF_INET,
+                         ares_query_completed_cb, conn);
+      ares_gethostbyname(data->state.areschannel, hostname, PF_INET6,
+                         ares_query_completed_cb, conn);
+    }
+    else
+#endif /* CURLRES_IPV6 */
+    {
+      conn->async.num_pending = 1;
+
+      /* areschannel is already setup in the Curl_open() function */
+      ares_gethostbyname(data->state.areschannel, hostname, family,
+                         ares_query_completed_cb, conn);
+    }
 
     *waitp = 1; /* expect asynchronous response */
   }

lib/hostasyn.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -72,6 +72,20 @@
  **********************************************************************/
 #ifdef CURLRES_ASYNCH
 
+/*
+ * Cancel all possibly still on-going resolves for this connection.
+ */
+void Curl_async_cancel(struct connectdata *conn)
+{
+  /* If we have a "half" response already received, we first clear that off
+     so that nothing is tempted to use it */
+  if(conn->async.temp_ai) {
+    Curl_freeaddrinfo(conn->async.temp_ai);
+    conn->async.temp_ai = NULL;
+  }
+}
+
+
 /*
  * Curl_addrinfo_callback() gets called by ares, gethostbyname_thread()
  * or getaddrinfo_thread() when we got the name resolved (or not!).
@@ -82,7 +96,7 @@
  *
  * The storage operation locks and unlocks the DNS cache.
  */
-CURLcode Curl_addrinfo_callback(struct connectdata * conn,
+CURLcode Curl_addrinfo_callback(struct connectdata *conn,
                                 int status,
                                 struct Curl_addrinfo *ai)
 {
@@ -95,6 +109,24 @@ CURLcode Curl_addrinfo_callback(struct connectdata * conn,
     if(ai) {
       struct SessionHandle *data = conn->data;
 
+#if defined(ENABLE_IPV6) && defined(CURLRES_ARES) /* CURLRES_IPV6 */
+      Curl_addrinfo *ai_tail = ai;
+
+      while (ai_tail->ai_next)
+        ai_tail = ai_tail->ai_next;
+
+      /* Add the new results to the list of old results. */
+      ai_tail->ai_next = conn->async.temp_ai;
+      conn->async.temp_ai = ai;
+
+      if(--conn->async.num_pending > 0)
+        /* We are not done yet. Just return. */
+        return CURLE_OK;
+
+      /* make sure the temp pointer is cleared and isn't pointing to something
+         we take care of below */
+      conn->async.temp_ai = NULL;
+#endif
       if(data->share)
         Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
 
@@ -110,9 +142,53 @@ CURLcode Curl_addrinfo_callback(struct connectdata * conn,
       if(data->share)
         Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
     }
-    else
+    else {
+#if defined(ENABLE_IPV6) && defined(CURLRES_ARES) /* CURLRES_IPV6 */
+      if(--conn->async.num_pending > 0) {
+        /* We are not done yet. Clean up and return.
+	   This function will be called again. */
+        if(conn->async.temp_ai) {
+          Curl_freeaddrinfo(conn->async.temp_ai);
+          conn->async.temp_ai = NULL;
+        }
+        return CURLE_OUT_OF_MEMORY;
+      }
+#endif
       rc = CURLE_OUT_OF_MEMORY;
+    }
   }
+#if defined(ENABLE_IPV6) && defined(CURLRES_ARES) /* CURLRES_IPV6 */
+  else
+  {
+      if(--conn->async.num_pending > 0)
+        /* We are not done yet. Just return. */
+        return CURLE_OK;
+
+      if(conn->async.temp_ai) {
+        /* We are done, and while this latest request
+           failed, some previous results exist. */
+        struct SessionHandle *data = conn->data;
+
+        if(data->share)
+          Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
+
+        dns = Curl_cache_addr(data, conn->async.temp_ai,
+                              conn->async.hostname,
+                              conn->async.port);
+        if(!dns) {
+          /* failed to store, cleanup and return error */
+          Curl_freeaddrinfo(conn->async.temp_ai);
+          rc = CURLE_OUT_OF_MEMORY;
+        }
+        if(data->share)
+          Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
+
+        /* make sure the temp pointer is cleared and isn't pointing to
+           something we've taken care of already */
+        conn->async.temp_ai = NULL;
+      }
+  }
+#endif
 
   conn->async.dns = dns;
 

lib/hostip.c

@@ -67,6 +67,7 @@
 #include "strerror.h"
 #include "url.h"
 #include "inet_ntop.h"
+#include "warnless.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -366,7 +367,7 @@ Curl_cache_addr(struct SessionHandle *data,
   dns = dns2;
   dns->inuse++;         /* mark entry as in-use */
 
-  /* free the allocated entry_id again */
+  /* free the allocated entry_id */
   free(entry_id);
 
   return dns;
@@ -421,6 +422,9 @@ int Curl_resolv(struct connectdata *conn,
   /* See if its already in our dns cache */
   dns = Curl_hash_pick(data->dns.hostcache, entry_id, entry_len+1);
 
+  /* free the allocated entry_id again */
+  free(entry_id);
+
   /* See whether the returned entry is stale. Done before we release lock */
   if( remove_entry_if_stale(data, dns) )
     dns = NULL; /* the memory deallocation is being handled by the hash */
@@ -433,9 +437,6 @@ int Curl_resolv(struct connectdata *conn,
   if(data->share)
     Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
 
-  /* free the allocated entry_id again */
-  free(entry_id);
-
   if(!dns) {
     /* The entry was not in the cache. Resolve it to IP address */
 
@@ -444,7 +445,7 @@ int Curl_resolv(struct connectdata *conn,
 
     /* Check what IP specifics the app has requested and if we can provide it.
      * If not, bail out. */
-    if(!Curl_ipvalid(data))
+    if(!Curl_ipvalid(conn))
       return CURLRESOLV_ERROR;
 
     /* If Curl_getaddrinfo() returns NULL, 'respwait' might be set to a
@@ -597,7 +598,7 @@ int Curl_resolv_timeout(struct connectdata *conn,
 
   /* alarm() makes a signal get sent when the timeout fires off, and that
      will abort system calls */
-  prev_alarm = alarm((unsigned int) (timeout/1000L));
+  prev_alarm = alarm(curlx_sltoui(timeout/1000L));
 
   /* This allows us to time-out from the name resolver, as the timeout
      will generate a signal and we will siglongjmp() from that here.

lib/hostip.h

@@ -70,6 +70,12 @@ struct hostent;
 struct SessionHandle;
 struct connectdata;
 
+#ifdef CURLRES_ASYNCH
+void Curl_async_cancel(struct connectdata *conn);
+#else
+#define Curl_async_cancel(x) do {} while(0)
+#endif
+
 /*
  * Curl_global_host_cache_init() initializes and sets up a global DNS cache.
  * Global DNS cache is general badness. Do not use. This will be removed in
@@ -111,7 +117,7 @@ int Curl_resolv_timeout(struct connectdata *conn, const char *hostname,
  * Curl_ipvalid() checks what CURL_IPRESOLVE_* requirements that might've
  * been set and returns TRUE if they are OK.
  */
-bool Curl_ipvalid(struct SessionHandle *data);
+bool Curl_ipvalid(struct connectdata *conn);
 
 /*
  * Curl_getaddrinfo() is the generic low-level name resolve API within this

lib/hostip4.c

@@ -77,9 +77,9 @@
  * Curl_ipvalid() checks what CURL_IPRESOLVE_* requirements that might've
  * been set and returns TRUE if they are OK.
  */
-bool Curl_ipvalid(struct SessionHandle *data)
+bool Curl_ipvalid(struct connectdata *conn)
 {
-  if(data->set.ip_version == CURL_IPRESOLVE_V6)
+  if(conn->ip_version == CURL_IPRESOLVE_V6)
     /* an ipv6 address was requested and we can't get/use one */
     return FALSE;
 

lib/hostip6.c

@@ -112,9 +112,9 @@ int curl_dogetnameinfo(GETNAMEINFO_QUAL_ARG1 GETNAMEINFO_TYPE_ARG1 sa,
  * Curl_ipvalid() checks what CURL_IPRESOLVE_* requirements that might've
  * been set and returns TRUE if they are OK.
  */
-bool Curl_ipvalid(struct SessionHandle *data)
+bool Curl_ipvalid(struct connectdata *conn)
 {
-  if(data->set.ip_version == CURL_IPRESOLVE_V6) {
+  if(conn->ip_version == CURL_IPRESOLVE_V6) {
     /* see if we have an IPv6 stack */
     curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
     if(s == CURL_SOCKET_BAD)
@@ -174,7 +174,7 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
   /*
    * Check if a limited name resolve has been requested.
    */
-  switch(data->set.ip_version) {
+  switch(conn->ip_version) {
   case CURL_IPRESOLVE_V4:
     pf = PF_INET;
     break;

lib/hostthre.c

@@ -518,7 +518,7 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
   /*
    * Check if a limited name resolve has been requested.
    */
-  switch(data->set.ip_version) {
+  switch(conn->ip_version) {
   case CURL_IPRESOLVE_V4:
     pf = PF_INET;
     break;

lib/http.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -98,6 +98,7 @@
 #include "rawstr.h"
 #include "content_encoding.h"
 #include "rtsp.h"
+#include "warnless.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -519,7 +520,7 @@ output_auth_headers(struct connectdata *conn,
   struct SessionHandle *data = conn->data;
   const char *auth=NULL;
   CURLcode result = CURLE_OK;
-#ifdef HAVE_GSSAPI
+#ifdef USE_HTTP_NEGOTIATE
   struct negotiatedata *negdata = proxy?
     &data->state.proxyneg:&data->state.negotiate;
 #endif
@@ -529,7 +530,7 @@ output_auth_headers(struct connectdata *conn,
   (void)path;
 #endif
 
-#ifdef HAVE_GSSAPI
+#ifdef USE_HTTP_NEGOTIATE
   if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) &&
      negdata->context && !GSS_ERROR(negdata->status)) {
     auth="GSS-Negotiate";
@@ -726,7 +727,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
    *
    */
 
-#ifdef HAVE_GSSAPI
+#ifdef USE_HTTP_NEGOTIATE
   if(checkprefix("GSS-Negotiate", start) ||
       checkprefix("Negotiate", start)) {
     int neg;
@@ -1880,10 +1881,22 @@ static int https_getsock(struct connectdata *conn,
   (void)numsocks;
   return GETSOCK_BLANK;
 }
-#endif
-#endif
-#endif
-#endif
+#else
+#ifdef USE_AXTLS
+static int https_getsock(struct connectdata *conn,
+                         curl_socket_t *socks,
+                         int numsocks)
+{
+  (void)conn;
+  (void)socks;
+  (void)numsocks;
+  return GETSOCK_BLANK;
+}
+#endif /* USE_AXTLS */
+#endif /* USE_POLARSSL */
+#endif /* USE_QSOSSL */
+#endif /* USE_NSS */
+#endif /* USE_SSLEAY || USE_GNUTLS */
 
 /*
  * Curl_http_done() gets called from Curl_done() after a single HTTP request
@@ -2039,9 +2052,17 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn,
 CURLcode Curl_add_timecondition(struct SessionHandle *data,
                                 Curl_send_buffer *req_buffer)
 {
-  struct tm *tm;
+  const struct tm *tm;
   char *buf = data->state.buffer;
   CURLcode result = CURLE_OK;
+  struct tm keeptime;
+
+  result = Curl_gmtime(data->set.timevalue, &keeptime);
+  if(result) {
+    failf(data, "Invalid TIMEVALUE\n");
+    return result;
+  }
+  tm = &keeptime;
 
   /* The If-Modified-Since header family should have their times set in
    * GMT as RFC2616 defines: "All HTTP date/time stamps MUST be
@@ -2050,14 +2071,6 @@ CURLcode Curl_add_timecondition(struct SessionHandle *data,
    * Time)." (see page 20 of RFC2616).
    */
 
-#ifdef HAVE_GMTIME_R
-  /* thread-safe version */
-  struct tm keeptime;
-  tm = (struct tm *)gmtime_r(&data->set.timevalue, &keeptime);
-#else
-  tm = gmtime(&data->set.timevalue);
-#endif
-
   /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
   snprintf(buf, BUFSIZE-1,
            "%s, %02d %s %4d %02d:%02d:%02d GMT",
@@ -2375,19 +2388,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
 #endif /* CURL_DISABLE_PROXY */
 
   if(HTTPREQ_POST_FORM == httpreq) {
-    /* we must build the whole darned post sequence first, so that we have
-       a size of the whole shebang before we start to send it */
-     result = Curl_getFormData(&http->sendit, data->set.httppost,
-                               Curl_checkheaders(data, "Content-Type:"),
-                               &http->postsize);
-     if(CURLE_OK != result) {
-       /* Curl_getFormData() doesn't use failf() */
-       failf(data, "failed creating formpost data");
-       return result;
-     }
+    /* we must build the whole post sequence first, so that we have a size of
+       the whole transfer before we start to send it */
+    result = Curl_getformdata(data, &http->sendit, data->set.httppost,
+                              Curl_checkheaders(data, "Content-Type:"),
+                              &http->postsize);
+    if(result)
+      return result;
   }
 
-
   http->p_accept = Curl_checkheaders(data, "Accept:")?NULL:"Accept: */*\r\n";
 
   if(( (HTTPREQ_POST == httpreq) ||
@@ -2428,27 +2437,25 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
         /* when seekerr == CURL_SEEKFUNC_CANTSEEK (can't seek to offset) */
         else {
           curl_off_t passed=0;
-
           do {
-            size_t readthisamountnow = (size_t)(data->state.resume_from -
-                                                passed);
-            size_t actuallyread;
+            size_t readthisamountnow =
+              (data->state.resume_from - passed > CURL_OFF_T_C(BUFSIZE)) ?
+              BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
 
-            if(readthisamountnow > BUFSIZE)
-              readthisamountnow = BUFSIZE;
-
-            actuallyread = data->set.fread_func(data->state.buffer, 1,
-                                                (size_t)readthisamountnow,
-                                                data->set.in);
+            size_t actuallyread =
+              data->set.fread_func(data->state.buffer, 1, readthisamountnow,
+                                   data->set.in);
 
             passed += actuallyread;
-            if(actuallyread != readthisamountnow) {
+            if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
+              /* this checks for greater-than only to make sure that the
+                 CURL_READFUNC_ABORT return code still aborts */
               failf(data, "Could only read %" FORMAT_OFF_T
                     " bytes from the input",
                     passed);
               return CURLE_READ_ERROR;
             }
-          } while(passed != data->state.resume_from); /* loop until done */
+          } while(passed < data->state.resume_from);
         }
       }
 
@@ -2647,7 +2654,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
 #endif
 
   if(data->set.timecondition) {
-      result = Curl_add_timecondition(data, req_buffer);
+    result = Curl_add_timecondition(data, req_buffer);
     if(result)
       return result;
   }
@@ -3716,7 +3723,8 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
         return result;
     }
     else if((k->httpcode >= 300 && k->httpcode < 400) &&
-            checkprefix("Location:", k->p)) {
+            checkprefix("Location:", k->p) &&
+            !data->req.location) {
       /* this is the URL that the server advises us to use instead */
       char *location = Curl_copy_header_value(k->p);
       if (!location)
@@ -3725,7 +3733,6 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
         /* ignore empty data */
         free(location);
       else {
-        DEBUGASSERT(!data->req.location);
         data->req.location = location;
 
         if(data->set.http_follow_location) {

lib/http_chunks.c

@@ -342,7 +342,6 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
             return CHUNKE_OUT_OF_MEMORY;
           conn->trailer = ptr;
         }
-        fprintf(stderr, "MOO: %c\n", *datap);
         conn->trailer[conn->trlPos++]=*datap;
       }
       datap++;