RELEASE-NOTES: synced with ef60fdbd73

Just before 7.26.0 is about to ship
smtp: Fixed an issue with the multi-interface always sending postdata
2012-05-24 18:04:41 +02:00 · 2012-05-22 22:08:25 +01:00 · 2012-05-22 20:20:59 +01:00 · 2012-05-22 16:40:09 +02:00 · 2012-05-22 11:56:19 +02:00 · 2012-05-22 11:12:25 +02:00
619 changed files with 41623 additions and 20580 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,7 @@ Makefile
 Makefile.in
 aclocal.m4
 autom4te.cache
+config.cache
 config.guess
 config.log
 config.status
--- a/Android.mk
+++ b/Android.mk
@@ -2,7 +2,7 @@
 #
 # Place the curl source (including this makefile) into external/curl/ in the
 # Android source tree.  Then build them with 'make curl' or just 'make libcurl'
-# from the Android root. Tested with Android 1.5 and 2.1
+# from the Android root. Tested with Android versions 1.5, 2.1-2.3
 #
 # Note: you must first create a curl_config.h file by running configure in the
 # Android environment. The only way I've found to do this is tricky. Perform a
@@ -42,7 +42,7 @@
 # into the right place (but see the note about this below).
 #
 # Dan Fandrich
-# August 2010
+# November 2011

 LOCAL_PATH:= $(call my-dir)

@@ -62,8 +62,7 @@ CURL_HEADERS := \
 	mprintf.h \
 	multi.h \
 	stdcheaders.h \
-	typecheck-gcc.h \
-	types.h
+	typecheck-gcc.h

 LOCAL_SRC_FILES := $(addprefix lib/,$(CSOURCES))
 LOCAL_C_INCLUDES += $(LOCAL_PATH)/include/
@@ -73,6 +72,7 @@ LOCAL_COPY_HEADERS_TO := libcurl/curl
 LOCAL_COPY_HEADERS := $(addprefix include/curl/,$(CURL_HEADERS))

 LOCAL_MODULE:= libcurl
+LOCAL_MODULE_TAGS := optional

 # Copy the licence to a place where Android will find it.
 # Actually, this doesn't quite work because the build system searches
@@ -93,6 +93,7 @@ include $(LOCAL_PATH)/src/Makefile.inc
 LOCAL_SRC_FILES := $(addprefix src/,$(CURL_CFILES))

 LOCAL_MODULE := curl
+LOCAL_MODULE_TAGS := optional
 LOCAL_STATIC_LIBRARIES := libcurl
 LOCAL_SYSTEM_SHARED_LIBRARIES := libc

--- a/CMake/FindCARES.cmake
+++ b/CMake/FindCARES.cmake
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -23,7 +23,6 @@ include(Utilities)

 project( CURL C )

-
 file (READ ${CURL_SOURCE_DIR}/include/curl/curlver.h CURL_VERSION_H_CONTENTS)
 string (REGEX MATCH "LIBCURL_VERSION_MAJOR[ \t]+([0-9]+)"
  LIBCURL_VERSION_MJ ${CURL_VERSION_H_CONTENTS})
@@ -58,10 +57,6 @@ set(OS "\"${CMAKE_SYSTEM_NAME}\"")
 include_directories(${PROJECT_BINARY_DIR}/include/curl)
 include_directories( ${CURL_SOURCE_DIR}/include )

-if(WIN32)
-  set(NATIVE_WINDOWS ON)
-endif()
-
 option(BUILD_CURL_EXE "Set to ON to build cURL executable." ON)
 option(BUILD_CURL_TESTS "Set to ON to build cURL tests." ON)
 option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF)
@@ -114,22 +109,11 @@ mark_as_advanced(CURL_DISABLE_HTTP)

 option(CURL_DISABLE_LDAPS "to disable LDAPS" OFF)
 mark_as_advanced(CURL_DISABLE_LDAPS)
-if(WIN32)
-  set(CURL_DEFAULT_DISABLE_LDAP OFF)
-  # some windows compilers do not have wldap32
-  if( NOT HAVE_WLDAP32)
-    set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
-    message(STATUS "wldap32 not found CURL_DISABLE_LDAP set ON")
-    option(CURL_LDAP_WIN "Use Windows LDAP implementation" OFF)
-  else()
-    option(CURL_LDAP_WIN "Use Windows LDAP implementation" ON)
-  endif()
-  mark_as_advanced(CURL_LDAP_WIN)
-endif()

 if(HTTP_ONLY)
  set(CURL_DISABLE_FTP ON)
  set(CURL_DISABLE_LDAP ON)
+  set(CURL_DISABLE_LDAPS ON)
  set(CURL_DISABLE_TELNET ON)
  set(CURL_DISABLE_DICT ON)
  set(CURL_DISABLE_FILE ON)
@@ -149,6 +133,8 @@ option(ENABLE_IPV6 "Define if you want to enable IPv6 support" OFF)
 mark_as_advanced(ENABLE_IPV6)

 if(WIN32)
+  # Windows standard libraries are located in C:/Program Files/Microsoft SDKs/[...]
+  # They are already included in the default MSVC LIBPATH => no find_library is needed!
  list_spaces_append_once(CMAKE_C_STANDARD_LIBRARIES wsock32.lib ws2_32.lib)  # bufferoverflowu.lib
  if(CURL_DISABLE_LDAP)
    # Remove wldap32.lib from space-separated list
@@ -191,12 +177,12 @@ if(WIN32)
 endif(WIN32)

 # This macro checks if the symbol exists in the library and if it
-# does, it appends library to the list.
+# does, it prepends library to the list.
 macro(CHECK_LIBRARY_EXISTS_CONCAT LIBRARY SYMBOL VARIABLE)
-  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} ""
+  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
    ${VARIABLE})
  if(${VARIABLE})
-    set(CURL_LIBS ${CURL_LIBS} ${LIBRARY})
+    set(CURL_LIBS ${LIBRARY} ${CURL_LIBS})
  endif(${VARIABLE})
 endmacro(CHECK_LIBRARY_EXISTS_CONCAT)

@@ -220,29 +206,24 @@ check_library_exists_concat("ws2_32" getch        HAVE_LIBWS2_32)
 check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)
 check_library_exists("wldap32" cldap_open "" HAVE_WLDAP32)

+if(WIN32)
+  set(CURL_DEFAULT_DISABLE_LDAP OFF)
+  # some windows compilers do not have wldap32
+  if(NOT HAVE_WLDAP32)
+    set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
+    message(STATUS "wldap32 not found CURL_DISABLE_LDAP set ON")
+    option(CURL_LDAP_WIN "Use Windows LDAP implementation" OFF)
+  else()
+    option(CURL_LDAP_WIN "Use Windows LDAP implementation" ON)
+  endif()
+  mark_as_advanced(CURL_LDAP_WIN)
+endif()
+
+
 # IF(NOT CURL_SPECIAL_LIBZ)
 #  CHECK_LIBRARY_EXISTS_CONCAT("z"      inflateEnd   HAVE_LIBZ)
 # ENDIF(NOT CURL_SPECIAL_LIBZ)

-option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
-mark_as_advanced(CMAKE_USE_OPENSSL)
-if(CMAKE_USE_OPENSSL)
-  if(WIN32)
-    find_package(OpenSSL)
-    if(OPENSSL_FOUND)
-      set(USE_SSLEAY TRUE)
-      set(USE_OPENSSL TRUE)
-      list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES} )
-    else()
-      set(CMAKE_USE_OPENSSL FALSE)
-      message(STATUS "OpenSSL NOT Found, disabling CMAKE_USE_OPENSSL")
-    endif()
-  else(WIN32)
-    check_library_exists_concat("crypto" CRYPTO_lock  HAVE_LIBCRYPTO)
-    check_library_exists_concat("ssl"    SSL_connect  HAVE_LIBSSL)
-  endif(WIN32)
-endif(CMAKE_USE_OPENSSL)
-
 # Check for idn
 check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)

@@ -271,6 +252,25 @@ if(CURL_ZLIB)  # AND CURL_CONFIG_HAS_BEEN_RUN_BEFORE
  endif()
 endif()

+option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
+mark_as_advanced(CMAKE_USE_OPENSSL)
+if(CMAKE_USE_OPENSSL)
+  if(WIN32)
+    find_package(OpenSSL)
+    if(OPENSSL_FOUND)
+      set(USE_SSLEAY TRUE)
+      set(USE_OPENSSL TRUE)
+      list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES} )
+    else()
+      set(CMAKE_USE_OPENSSL FALSE)
+      message(STATUS "OpenSSL NOT Found, disabling CMAKE_USE_OPENSSL")
+    endif()
+  else(WIN32)
+    check_library_exists_concat("crypto" CRYPTO_lock  HAVE_LIBCRYPTO)
+    check_library_exists_concat("ssl"    SSL_connect  HAVE_LIBSSL)
+  endif(WIN32)
+endif(CMAKE_USE_OPENSSL)
+
 # If we have features.h, then do the _BSD_SOURCE magic
 check_include_file("features.h"       HAVE_FEATURES_H)

@@ -386,6 +386,13 @@ if(NOT HAVE_LDAP_H)
  set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
 endif()

+# No ldap, no ldaps.
+if(CURL_DISABLE_LDAP)
+  if(NOT CURL_DISABLE_LDAPS)
+    message(STATUS "LDAP needs to be enabled to support LDAPS")
+    set(CURL_DISABLE_LDAPS ON CACHE BOOL "" FORCE)
+  endif()
+endif()

 check_type_size(size_t  SIZEOF_SIZE_T)
 check_type_size(ssize_t  SIZEOF_SSIZE_T)
@@ -425,7 +432,7 @@ if(SIZEOF_LONG EQUAL 8)
  set(CURL_FORMAT_CURL_OFF_TU "lu")
  set(CURL_FORMAT_OFF_T "%ld")
  set(CURL_SUFFIX_CURL_OFF_T L)
-  set(CURL_SUFFIX_CURL_OFF_TU LU)
+  set(CURL_SUFFIX_CURL_OFF_TU UL)
 endif(SIZEOF_LONG EQUAL 8)

 if(SIZEOF_LONG_LONG EQUAL 8)
@@ -435,7 +442,7 @@ if(SIZEOF_LONG_LONG EQUAL 8)
  set(CURL_FORMAT_CURL_OFF_TU "llu")
  set(CURL_FORMAT_OFF_T "%lld")
  set(CURL_SUFFIX_CURL_OFF_T LL)
-  set(CURL_SUFFIX_CURL_OFF_TU LLU)
+  set(CURL_SUFFIX_CURL_OFF_TU ULL)
 endif(SIZEOF_LONG_LONG EQUAL 8)

 if(NOT CURL_TYPEOF_CURL_OFF_T)
@@ -852,3 +859,13 @@ endif()
 if(NOT CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
  set(CURL_CONFIG_HAS_BEEN_RUN_BEFORE 1 CACHE INTERNAL "Flag to track whether this is the first time running CMake or if CMake has been configured before")
 endif()
+
+# Installation.
+# First, install generated curlbuild.h
+install(FILES "${CMAKE_CURRENT_BINARY_DIR}/include/curl/curlbuild.h"
+    DESTINATION include/curl )
+# Next, install other headers excluding curlbuild.h
+install(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/curl"
+    DESTINATION include
+    FILES_MATCHING PATTERN "*.h"
+    PATTERN "curlbuild.h" EXCLUDE)
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE

-Copyright (c) 1996 - 2011, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2012, Daniel Stenberg, <daniel@haxx.se>.

 All rights reserved.

--- a/Makefile.am
+++ b/Makefile.am
@@ -36,12 +36,12 @@ winbuild/MakefileBuild.vc winbuild/Makefile.vc
 EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
 curl-style.el sample.emacs RELEASE-NOTES buildconf 	\
 libcurl.pc.in vc6curl.dsw MacOSX-Framework Android.mk $(CMAKE_DIST)	\
- Makefile.msvc.names $(WINBUILD_DIST)
+ Makefile.msvc.names $(WINBUILD_DIST) lib/libcurl.vers.in

 bin_SCRIPTS = curl-config

-SUBDIRS = lib src
-DIST_SUBDIRS = $(SUBDIRS) tests include packages docs
+SUBDIRS = lib src include
+DIST_SUBDIRS = $(SUBDIRS) tests packages docs

 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcurl.pc
@@ -155,3 +155,7 @@ ca-bundle: lib/mk-ca-bundle.pl
 ca-firefox: lib/firefox-db2pem.sh
 	@echo "generate a fresh ca-bundle.crt"
 	./lib/firefox-db2pem.sh lib/ca-bundle.crt
+
+checksrc:
+	cd lib && $(MAKE) checksrc
+	cd src && $(MAKE) checksrc
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -70,29 +70,22 @@ mingw32:
 	$(MAKE) -C lib -f Makefile.m32
 	$(MAKE) -C src -f Makefile.m32

-mingw32-zlib:
-	$(MAKE) -C lib -f Makefile.m32 ZLIB=1
-	$(MAKE) -C src -f Makefile.m32 ZLIB=1
-
-mingw32-ssl-zlib:
-	$(MAKE) -C lib -f Makefile.m32 SSL=1 ZLIB=1
-	$(MAKE) -C src -f Makefile.m32 SSL=1 ZLIB=1
-
-mingw32-ssh2-ssl-zlib:
-	$(MAKE) -C lib -f Makefile.m32 SSH2=1 SSL=1 ZLIB=1
-	$(MAKE) -C src -f Makefile.m32 SSH2=1 SSL=1 ZLIB=1
-
-mingw32-ssh2-ssl-sspi-zlib:
-	$(MAKE) -C lib -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
-	$(MAKE) -C src -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
-
-mingw32-rtmp-ssh2-ssl-sspi-zlib:
-	$(MAKE) -C lib -f Makefile.m32 RTMP=1 SSH2=1 SSL=1 SSPI=1 ZLIB=1
-	$(MAKE) -C src -f Makefile.m32 RTMP=1 SSH2=1 SSL=1 SSPI=1 ZLIB=1
-
 mingw32-clean:
 	$(MAKE) -C lib -f Makefile.m32 clean
 	$(MAKE) -C src -f Makefile.m32 clean
+	$(MAKE) -C docs/examples -f Makefile.m32 clean
+
+mingw32-vclean mingw32-distclean:
+	$(MAKE) -C lib -f Makefile.m32 vclean
+	$(MAKE) -C src -f Makefile.m32 vclean
+	$(MAKE) -C docs/examples -f Makefile.m32 vclean
+
+mingw32-examples%:
+	$(MAKE) -C docs/examples -f Makefile.m32 CFG=$@
+
+mingw32%:
+	$(MAKE) -C lib -f Makefile.m32 CFG=$@
+	$(MAKE) -C src -f Makefile.m32 CFG=$@

 vc-clean: $(VC)
 	cd lib
@@ -229,34 +222,27 @@ netware:
 	$(MAKE) -C lib -f Makefile.netware
 	$(MAKE) -C src -f Makefile.netware

-netware-ares:
-	$(MAKE) -C lib -f Makefile.netware WITH_ARES=1
-	$(MAKE) -C src -f Makefile.netware WITH_ARES=1
-
-netware-ssl:
-	$(MAKE) -C lib -f Makefile.netware WITH_SSL=1
-	$(MAKE) -C src -f Makefile.netware WITH_SSL=1
-
-netware-ssl-zlib:
-	$(MAKE) -C lib -f Makefile.netware WITH_SSL=1 WITH_ZLIB=1
-	$(MAKE) -C src -f Makefile.netware WITH_SSL=1 WITH_ZLIB=1
-
-netware-ssh2-ssl-zlib:
-	$(MAKE) -C lib -f Makefile.netware WITH_SSH2=1 WITH_SSL=1 WITH_ZLIB=1
-	$(MAKE) -C src -f Makefile.netware WITH_SSH2=1 WITH_SSL=1 WITH_ZLIB=1
-
-netware-zlib:
-	$(MAKE) -C lib -f Makefile.netware WITH_ZLIB=1
-	$(MAKE) -C src -f Makefile.netware WITH_ZLIB=1
-
 netware-clean:
 	$(MAKE) -C lib -f Makefile.netware clean
 	$(MAKE) -C src -f Makefile.netware clean
+	$(MAKE) -C docs/examples -f Makefile.netware clean
+
+netware-vclean netware-distclean:
+	$(MAKE) -C lib -f Makefile.netware vclean
+	$(MAKE) -C src -f Makefile.netware vclean
+	$(MAKE) -C docs/examples -f Makefile.netware vclean

 netware-install:
 	$(MAKE) -C lib -f Makefile.netware install
 	$(MAKE) -C src -f Makefile.netware install

+netware-examples-%:
+	$(MAKE) -C docs/examples -f Makefile.netware CFG=$@
+
+netware-%:
+	$(MAKE) -C lib -f Makefile.netware CFG=$@
+	$(MAKE) -C src -f Makefile.netware CFG=$@
+
 unix: all

 unix-ssl: ssl
--- a/128
+++ b/128
@@ -1,69 +1,54 @@
-Curl and libcurl 7.21.5
+Curl and libcurl 7.26.0

- Public curl releases:         121
- Command line options:         143
- curl_easy_setopt() options:   185
+ Public curl releases:         127
+ Command line options:         151
+ curl_easy_setopt() options:   199
 Public functions in libcurl:  58
 Known libcurl bindings:       39
- Contributors:                 854
+ Contributors:                 929

 This release includes the following changes:

- o SOCKOPTFUNCTION: callback can say already-connected
- o Added --netrc-file
- o Added (new) support for cyassl
- o TSL-SRP: enabled with OpenSSL
- o Added CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION
+ o nss: the minimal supported version of NSS bumped to 3.12.x
+ o nss: human-readable names are now provided for NSS errors if available
+ o add a manual page for mk-ca-bundle
+ o added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR
+ o smtp: Add support for DIGEST-MD5 authentication
+ o pop3: Added support for additional pop3 commands

 This release includes the following bugfixes:

- o nss: avoid memory leak on SSL connection failure
- o nss: do not ignore failure of SSL handshake
- o multi: better failed connect handling when using FTP, SMTP, POP3 and IMAP
- o runtests.pl: fix pid number concatenation that prevented it from killing
-   the correct process at times
- o PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
- o curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD
- o multi: close connection on timeout
- o IMAP in multi mode does SSL connections non-blocking
- o honours the --disable-ldaps configure option
- o Force setopt constants written by --libcurl to be long
- o ssh_connect: treat libssh2 return code better
- o SFTP upload could stall the state machine when the multi_socket API was
-   used
- o SFTP and SCP could leak memory when used with the multi interface and 
-   the connection was closed
- o Added missing file to repair the MSVC makefiles
- o Fixed detection of recvfrom arguments on Android/bionic
- o GSS: handle reuse fix
- o transfer: avoid insane conversion of time_t
- o nss: do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases
- o SMTP-multi: non-blocking connect
- o SFTP-multi: set cselect for sftp and scp to fix "stall" risk
- o configure: removed wrongly claimed default paths
- o pop3: fixed torture tests to succeed
- o symbols-in-versions: many corrections
- o if a HTTP request gets retried because the connection was dead, rewind if
-   any data was sent as part of it
- o only probe for working ipv6 once and then re-use that info for further
-   requests
- o requests that are asked to bound to a local interface/port will no longer
-   wrongly re-use connections that aren't
- o libcurl.m4: Add missing quotes in AC_LINK_IFELSE
- o progress output: don't print the last update on a separate line
- o POP3: the command to send is STLS, not STARTTLS
- o POP3: PASS command was not sent after upgrade to TLS
- o configure: fix libtool warning
- o nss: allow to use multiple client certificates for a single host
- o HTTP pipelining: Fix handling of zero-length responses
- o Don't list NTLM in curl-config when HTTP is disabled
- o curl_easy_setopt.3: CURLOPT_RESOLVE typo version
- o OpenSSL: build fine with no-sslv2 versions
- o checkconnection: don't call with NULL pointer with RTSP and multi interface
- o Borland makefile updates
- o configure: libssh2 link fix without pkg-config
- o certinfo crash
- o CCC crash
+ o nss: libcurl now uses NSS_InitContext() to prevent collisions if available
+   [1]
+ o URL parse: reject numerical IPv6 addresses outside brackets [4]
+ o MD5: fix OOM memory leak [5]
+ o OpenSSL cert: provide more details when cert check fails
+ o HTTP: empty chunked POST ended up in two zero size chunks [6]
+ o fixed a regression when curl resolved to multiple addresses and the first
+   isn't supported [7]
+ o -# progress meter: avoid superfluous updates and duplicate lines [8]
+ o headers: surround GCC attribute names with double underscores [9]
+ o PolarSSL: correct return code for CRL matches
+ o PolarSSL: include version number in version string
+ o PolarSSL: add support for asynchronous connect
+ o mk-ca-bundle: revert the LWP usage [12]
+ o IPv6 cookie domain: get rid of the first bracket before the second
+ o connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
+ o OpenSSL: Made cert hostname check conform to RFC 6125 [10]
+ o HTTP: reset expected DL/UL sizes on redirects [11]
+ o CMake: fix Windows LDAP/LDAPS option handling [2]
+ o CMake: fix MS Visual Studio x64 unsigned long long literal suffix [3]
+ o configure: update detection logic of getaddrinfo() thread-safeness
+ o configure: check for gethostbyname in the watt lib
+ o curl-config.1: fix curl-config usage in example [13]
+ o smtp: Fixed non-escaping of dot character at beginning of line
+ o MakefileBuild.vc: use the correct IDN variable
+ o autoconf: improve handling of versioned symbols
+ o curl.1: clarify -x usage
+ o curl: shorten user-agent
+ o smtp: issue with the multi-interface always sending postdata [14]
+ o compile error with GnuTLS+Nettle fixed
+ o winbuild: fix IPv6 enabled build

 This release includes the following known bugs:

@@ -72,10 +57,29 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

- Mike Crowe, Kamil Dudka, Julien Chaffraix, Hoi-Ho Chan, Ben Noordhuis,
- Dan Fandrich, Henry Ludemann, Karl M, Manuel Massing, Marcus Sundberg,
- Stefan Krause, Todd A Ouska, Saqib Ali, Andre Guibert de Bruet,
- Tor Arntsen, Vincent Torri, Dave Reisner, Chris Smowton, Tinus van den Berg,
- Hongli Lai, Gisle Vanem, Andrei Benea, Mehmet Bozkurt
+ Andrei Cipu, Armel Asselin, Benjamin Johnson, Dag Ekengren, Dave Reisner,
+ Gokhan Sengun, Guenter Knauf, Jan Schaumann, Jonathan Nieder, Kamil Dudka,
+ Lijo Antony, Olaf Flebbe, Rodrigo Silva, Steve Holme, Tatsuhiro Tsujikawa,
+ Tim Heckman, Yang Tse, Arnaud Compan, Blaise Potard, Daniel Theron,
+ Michael Mueller, Michael Wallner, Tim Heckman, Roman Mamedov, Julian Taylor,
+ Claes Jakobsson, Pierre Chapuis, Jan Ehrhardt

        Thanks! (and sorry if I forgot to mention someone)
+
+References to bug reports and discussions on issues:
+
+ [1] = https://bugzilla.redhat.com/738456
+ [2] = http://curl.haxx.se/mail/lib-2012-03/0278.html
+ [3] = http://curl.haxx.se/mail/lib-2012-03/0255.html
+ [4] = http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670126
+ [5] = http://curl.haxx.se/mail/lib-2012-04/0246.html
+ [6] = http://curl.haxx.se/mail/archive-2012-04/0060.html
+ [7] = http://curl.haxx.se/bug/view.cgi?id=3516508
+ [8] = http://curl.haxx.se/bug/view.cgi?id=3517418
+ [9] = http://curl.haxx.se/mail/lib-2012-04/0127.html
+ [10] = http://tools.ietf.org/html/rfc6125#section-6.4.3
+ [11] = http://curl.haxx.se/bug/view.cgi?id=3510057
+ [12] = http://curl.haxx.se/mail/lib-2012-03/0238.html
+ [13] = http://curl.haxx.se/bug/view.cgi?id=3528241
+ [14] = http://curl.haxx.se/mail/lib-2012-05/0108.html
+ 
--- a/17
+++ b/17
@@ -1,15 +1,10 @@
-To be addressed in 7.21.6
-=========================
+To be addressed in 7.27
+=======================

-284 - bug 3172608 "No re-authentication when HTTP connecton is closed"
-      http://curl.haxx.se/bug/view.cgi?id=3172608
-      Would be nice if someone could verify the suggested patch
+309 - metalink support for the curl tool

-285 - bug 3163118 "Allow programatic use of telnet on Windows"
-      http://curl.haxx.se/bug/view.cgi?id=3163118
-      Would appreciate a Windows developer to give it a look before we apply
-      the suggested patch
+310 - a new authentication callback

-287 - bug 3215314 Post quote operation to rename fails in Windows
+311 - support for SSPI schannel for SSL on windows

-289 -
+312 - 
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -51,7 +51,7 @@ CURL_DEF_TOKEN $1
  ],[
    tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \
      "$GREP" CURL_DEF_TOKEN 2>/dev/null | \
-      "$SED" 's/.*CURL_DEF_TOKEN[[ ]]//' 2>/dev/null | \
+      "$SED" 's/.*CURL_DEF_TOKEN[[ ]][[ ]]*//' 2>/dev/null | \
      "$SED" 's/[["]][[ ]]*[["]]//g' 2>/dev/null`
    if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then
      tmp_exp=""
@@ -228,12 +228,7 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [
      ])
    fi
  ])
-  case "$ac_cv_native_windows" in
-    yes)
-      AC_DEFINE_UNQUOTED(NATIVE_WINDOWS, 1,
-        [Define to 1 if you are building a native Windows target.])
-      ;;
-  esac
+  AM_CONDITIONAL(DOING_NATIVE_WINDOWS, test "x$ac_cv_native_windows" = xyes)
 ])


@@ -1663,7 +1658,7 @@ AC_DEFUN([CURL_CHECK_FUNC_RECVFROM], [
          for recvfrom_arg2 in 'char *' 'void *'; do
            for recvfrom_arg3 in 'size_t' 'int' 'socklen_t' 'unsigned int'; do
              for recvfrom_arg4 in 'int' 'unsigned int'; do
-                for recvfrom_arg5 in 'const struct sockaddr *' 'struct sockaddr *' 'void *'; do
+                for recvfrom_arg5 in 'struct sockaddr *' 'void *' 'const struct sockaddr *'; do
                  for recvfrom_arg6 in 'socklen_t *' 'int *' 'unsigned int *' 'size_t *' 'void *'; do
                    if test "$curl_cv_func_recvfrom_args" = "unknown"; then
                      AC_COMPILE_IFELSE([
@@ -1731,7 +1726,7 @@ AC_DEFUN([CURL_CHECK_FUNC_RECVFROM], [
      shift
      #
      recvfrom_ptrt_arg2=$[2]
-      recvfrom_ptrt_arg5=$[5]
+      recvfrom_qual_ptrt_arg5=$[5]
      recvfrom_ptrt_arg6=$[6]
      #
      AC_DEFINE_UNQUOTED(RECVFROM_TYPE_ARG1, $[1],
@@ -1753,12 +1748,25 @@ AC_DEFUN([CURL_CHECK_FUNC_RECVFROM], [
          ;;
      esac
      #
+      case "$recvfrom_qual_ptrt_arg5" in
+        const*)
+          recvfrom_qual_arg5=const
+          recvfrom_ptrt_arg5=`echo $recvfrom_qual_ptrt_arg5 | sed 's/^const //'`
+        ;;
+        *)
+          recvfrom_qual_arg5=
+          recvfrom_ptrt_arg5=$recvfrom_qual_ptrt_arg5
+        ;;
+      esac
+      #
      recvfrom_type_arg2=`echo $recvfrom_ptrt_arg2 | sed 's/ \*//'`
      recvfrom_type_arg5=`echo $recvfrom_ptrt_arg5 | sed 's/ \*//'`
      recvfrom_type_arg6=`echo $recvfrom_ptrt_arg6 | sed 's/ \*//'`
      #
      AC_DEFINE_UNQUOTED(RECVFROM_TYPE_ARG2, $recvfrom_type_arg2,
        [Define to the type pointed by arg 2 for recvfrom.])
+      AC_DEFINE_UNQUOTED(RECVFROM_QUAL_ARG5, $recvfrom_qual_arg5,
+        [Define to the type qualifier pointed by arg 5 for recvfrom.])
      AC_DEFINE_UNQUOTED(RECVFROM_TYPE_ARG5, $recvfrom_type_arg5,
        [Define to the type pointed by arg 5 for recvfrom.])
      AC_DEFINE_UNQUOTED(RECVFROM_TYPE_ARG6, $recvfrom_type_arg6,
@@ -2843,7 +2851,7 @@ AC_DEFUN([DO_CURL_OFF_T_CHECK], [
    tmp_includes=""
    tmp_source=""
    tmp_fmt=""
-    case AS_TR_SH([$1]) in
+    case XC_SH_TR_SH([$1]) in
      int64_t)
        tmp_includes="$curl_includes_inttypes"
        tmp_source="char f@<:@@:>@ = PRId64;"
@@ -2901,7 +2909,7 @@ AC_DEFUN([DO_CURL_OFF_T_SUFFIX_CHECK], [
  curl_suffix_curl_off_t="unknown"
  curl_suffix_curl_off_tu="unknown"
  #
-  case AS_TR_SH([$1]) in
+  case XC_SH_TR_SH([$1]) in
    long_long | __longlong | __longlong_t)
      tst_suffixes="LL::"
      ;;
@@ -3073,7 +3081,7 @@ AC_DEFUN([CURL_CONFIGURE_CURL_OFF_T], [
    curl_format_curl_off_tu=`echo "$curl_format_curl_off_tu" | "$SED" 's/D$/U/'`
  else
    x_pull_headers="no"
-    case AS_TR_SH([$curl_typeof_curl_off_t]) in
+    case XC_SH_TR_SH([$curl_typeof_curl_off_t]) in
      long_long | __longlong | __longlong_t)
        curl_format_curl_off_t="lld"
        curl_format_curl_off_tu="llu"
--- a/171
+++ b/171
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -21,9 +21,12 @@
 #
 ###########################################################################

+#--------------------------------------------------------------------------
+# die prints argument string to stdout and exits this shell script.
+#
 die(){
-	echo "$@"
-	exit
+  echo "buildconf: $@"
+  exit 1
 }

 #--------------------------------------------------------------------------
@@ -33,11 +36,8 @@ die(){
 findtool(){
  file="$1"

-  if { echo $file | grep "/" >/dev/null 2>&1; } then
-    # we only check for the explicit file name if the file is given
-    # including a slash. Use ./ for current dir. Previously this would
-    # otherwise always cause findtool to search the local dir first, which
-    # is wrong.
+  if { echo "$file" | grep "/" >/dev/null 2>&1; } then
+    # when file is given with a path check it first
    if test -f "$file"; then
      echo "$file"
      return
@@ -80,16 +80,19 @@ removethis(){
 # Ensure that buildconf runs from the subdirectory where configure.ac lives
 #
 if test ! -f configure.ac ||
-  test ! -f src/main.c ||
+  test ! -f src/tool_main.c ||
  test ! -f lib/urldata.h ||
-  test ! -f include/curl/curl.h; then
+  test ! -f include/curl/curl.h ||
+  test ! -f m4/curl-functions.m4; then
  echo "Can not run buildconf from outside of curl's source subdirectory!"
  echo "Change to the subdirectory where buildconf is found, and try again."
  exit 1
 fi

 #--------------------------------------------------------------------------
-# autoconf 2.57 or newer
+# autoconf 2.57 or newer. Unpatched version 2.67 does not generate proper
+# configure script. Unpatched version 2.68 is simply unusable, we should
+# disallow 2.68 usage.
 #
 need_autoconf="2.57"
 ac_version=`${AUTOCONF:-autoconf} --version 2>/dev/null|head -n 1| sed -e 's/^[^0-9]*//' -e 's/[a-z]* *$//'`
@@ -108,7 +111,15 @@ if test "$1" = "2" -a "$2" -lt "57" || test "$1" -lt "2"; then
  exit 1
 fi

+if test "$1" = "2" -a "$2" -eq "67"; then
+  echo "buildconf: autoconf version $ac_version (BAD)"
+  echo "            Unpatched version generates broken configure script."
+elif test "$1" = "2" -a "$2" -eq "68"; then
+  echo "buildconf: autoconf version $ac_version (BAD)"
+  echo "            Unpatched version generates unusable configure script."
+else
  echo "buildconf: autoconf version $ac_version (ok)"
+fi

 am4te_version=`${AUTOM4TE:-autom4te} --version 2>/dev/null|head -n 1| sed -e 's/autom4te\(.*\)/\1/' -e 's/^[^0-9]*//' -e 's/[a-z]* *$//'`
 if test -z "$am4te_version"; then
@@ -178,27 +189,24 @@ else
 fi

 #--------------------------------------------------------------------------
-# libtool check
+# GNU libtool preliminary check
 #
-LIBTOOL_WANTED_MAJOR=1
-LIBTOOL_WANTED_MINOR=4
-LIBTOOL_WANTED_PATCH=2
-LIBTOOL_WANTED_VERSION=1.4.2
+want_lt_major=1
+want_lt_minor=4
+want_lt_patch=2
+want_lt_version=1.4.2
+
+# This approach that tries 'glibtool' first is intended for systems that
+# have GNU libtool named as 'glibtool' and libtool not being GNU's.

-# this approach that tries 'glibtool' first is some kind of work-around for
-# some BSD-systems I believe that use to provide the GNU libtool named
-# glibtool, with 'libtool' being something completely different.
 libtool=`findtool glibtool 2>/dev/null`
 if test ! -x "$libtool"; then
  libtool=`findtool ${LIBTOOL:-libtool}`
 fi
-
-if test -z "$LIBTOOLIZE"; then
-  # set the LIBTOOLIZE here so that glibtoolize is used if glibtool was found
-  # $libtool is already the full path
-  libtoolize="${libtool}ize"
-else
-  libtoolize=`findtool $LIBTOOLIZE`
+if test -z "$libtool"; then
+  echo "buildconf: libtool not found."
+  echo "            You need GNU libtool $want_lt_version or newer installed."
+  exit 1
 fi

 lt_pver=`$libtool --version 2>/dev/null|head -n 1`
@@ -206,42 +214,55 @@ lt_qver=`echo $lt_pver|sed -e "s/([^)]*)//g" -e "s/^[^0-9]*//g"`
 lt_version=`echo $lt_qver|sed -e "s/[- ].*//" -e "s/\([a-z]*\)$//"`
 if test -z "$lt_version"; then
  echo "buildconf: libtool not found."
-  echo "            You need libtool version $LIBTOOL_WANTED_VERSION or newer installed"
+  echo "            You need GNU libtool $want_lt_version or newer installed."
  exit 1
 fi
 old_IFS=$IFS; IFS='.'; set $lt_version; IFS=$old_IFS
 lt_major=$1
 lt_minor=$2
 lt_patch=$3
-lt_status="good"

-if test "$lt_major" = "$LIBTOOL_WANTED_MAJOR"; then
-   if test "$lt_minor" -lt "$LIBTOOL_WANTED_MINOR"; then
+if test -z "$lt_major"; then
  lt_status="bad"
-   elif test -n "$LIBTOOL_WANTED_PATCH"; then
-       if test "$lt_minor" -gt "$LIBTOOL_WANTED_MINOR"; then
+elif test "$lt_major" -gt "$want_lt_major"; then
  lt_status="good"
-       elif test -n "$lt_patch"; then
-          if test "$lt_patch" -lt "$LIBTOOL_WANTED_PATCH"; then
+elif test "$lt_major" -lt "$want_lt_major"; then
+  lt_status="bad"
+elif test -z "$lt_minor"; then
+  lt_status="bad"
+elif test "$lt_minor" -gt "$want_lt_minor"; then
+  lt_status="good"
+elif test "$lt_minor" -lt "$want_lt_minor"; then
+  lt_status="bad"
+elif test -z "$lt_patch"; then
+  lt_status="bad"
+elif test "$lt_patch" -gt "$want_lt_patch"; then
+  lt_status="good"
+elif test "$lt_patch" -lt "$want_lt_patch"; then
  lt_status="bad"
-          fi
 else
-          lt_status="bad"
+  lt_status="good"
 fi
-   fi
-fi
-if test $lt_status != "good"; then
+if test "$lt_status" != "good"; then
  echo "buildconf: libtool version $lt_version found."
-  echo "            You need libtool version $LIBTOOL_WANTED_VERSION or newer installed"
+  echo "            You need GNU libtool $want_lt_version or newer installed."
  exit 1
 fi

 echo "buildconf: libtool version $lt_version (ok)"

-if test -f "$libtoolize"; then
-  echo "buildconf: libtoolize found"
+#--------------------------------------------------------------------------
+# GNU libtoolize check
+#
+if test -z "$LIBTOOLIZE"; then
+  # use (g)libtoolize from same location as (g)libtool
+  libtoolize="${libtool}ize"
 else
-  echo "buildconf: libtoolize not found. Weird libtool installation!"
+  libtoolize=`findtool $LIBTOOLIZE`
+fi
+if test ! -f "$libtoolize"; then
+  echo "buildconf: libtoolize not found."
+  echo "            You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi

@@ -266,6 +287,10 @@ fi
 # perl check
 #
 PERL=`findtool ${PERL:-perl}`
+if test -z "$PERL"; then
+  echo "buildconf: perl not found"
+  exit 1
+fi

 #--------------------------------------------------------------------------
 # Remove files generated on previous buildconf/configure run.
@@ -301,6 +326,7 @@ for fname in .deps \
    libcurl.pc \
    libtool \
    libtool.m4 \
+    libtool.m4.tmp \
    ltmain.sh \
    ltoptions.m4 \
    ltsugar.m4 \
@@ -317,32 +343,49 @@ done
 #

 echo "buildconf: running libtoolize"
-$libtoolize --copy --automake --force || die "The libtoolize command failed"
+${libtoolize} --copy --automake --force || die "libtoolize command failed"

-if test ! -f m4/curl-functions.m4; then
-  echo "buildconf: cURL m4 macros not found"
-  exit 1
+# When using libtool 1.5.X (X < 26) we copy libtool.m4 to our local m4
+# subdirectory and this local copy is patched to fix some warnings that
+# are triggered when running aclocal and using autoconf 2.62 or later.
+
+if test "$lt_major" = "1" && test "$lt_minor" = "5"; then
+  if test -z "$lt_patch" || test "$lt_patch" -lt "26"; then
+    echo "buildconf: copying libtool.m4 to local m4 subdir"
+    ac_dir=`${ACLOCAL:-aclocal} --print-ac-dir`
+    if test -f $ac_dir/libtool.m4; then
+      cp -f $ac_dir/libtool.m4 m4/libtool.m4
+    else
+      echo "buildconf: $ac_dir/libtool.m4 not found"
+    fi
+    if test -f m4/libtool.m4; then
+      echo "buildconf: renaming some variables in local m4/libtool.m4"
+      $PERL -i.tmp -pe \
+        's/lt_prog_compiler_pic_works/lt_cv_prog_compiler_pic_works/g; \
+         s/lt_prog_compiler_static_works/lt_cv_prog_compiler_static_works/g;' \
+        m4/libtool.m4
+      rm -f m4/libtool.m4.tmp
+    fi
+  fi
+fi
+
+if test -f m4/libtool.m4; then
+  echo "buildconf: converting all mv to mv -f in local m4/libtool.m4"
+  $PERL -i.tmp -pe 's/\bmv +([^-\s])/mv -f $1/g' m4/libtool.m4
+  rm -f m4/libtool.m4.tmp
 fi

 echo "buildconf: running aclocal"
-${ACLOCAL:-aclocal} -I m4 $ACLOCAL_FLAGS || die "The aclocal command line failed"
+${ACLOCAL:-aclocal} -I m4 $ACLOCAL_FLAGS || die "aclocal command failed"

-if test -n "$PERL"; then
-  echo "buildconf: running aclocal hack to convert all mv to mv -f"
+echo "buildconf: converting all mv to mv -f in local aclocal.m4"
 $PERL -i.bak -pe 's/\bmv +([^-\s])/mv -f $1/g' aclocal.m4
-else
-  echo "buildconf: perl not found"
-  exit 1
-fi

 echo "buildconf: running autoheader"
-${AUTOHEADER:-autoheader} || die "The autoheader command failed"
-
-echo "buildconf: cp lib/curl_config.h.in src/curl_config.h.in"
-cp lib/curl_config.h.in src/curl_config.h.in
+${AUTOHEADER:-autoheader} || die "autoheader command failed"

 echo "buildconf: running autoconf"
-${AUTOCONF:-autoconf}     || die "The autoconf command failed"
+${AUTOCONF:-autoconf} || die "autoconf command failed"

 if test -d ares; then
  cd ares
@@ -352,14 +395,15 @@ if test -d ares; then
 fi

 echo "buildconf: running automake"
-${AUTOMAKE:-automake} -a -c  || die "The automake command failed"
+${AUTOMAKE:-automake} --add-missing --copy || die "automake command failed"

 #--------------------------------------------------------------------------
+# GNU libtool complementary check
+#
 # Depending on the libtool and automake versions being used, config.guess
 # might not be installed in the subdirectory until automake has finished.
 # So we can not attempt to use it until this very last buildconf stage.
 #
-
 if test ! -f ./config.guess; then
  echo "buildconf: config.guess not found"
 else
@@ -403,7 +447,7 @@ else
    if test "$lt_status" != "good"; then
      need_lt_version="$need_lt_major.$need_lt_minor.$need_lt_patch"
      echo "buildconf: libtool version $lt_version found."
-      echo "            $buildhost requires libtool $need_lt_version or newer installed."
+      echo "            $buildhost requires GNU libtool $need_lt_version or newer installed."
      rm -f configure
      exit 1
    fi
@@ -411,8 +455,7 @@ else
 fi

 #--------------------------------------------------------------------------
-# Finished succesfully.
+# Finished successfully.
 #
-
 echo "buildconf: OK"
 exit 0
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -26,6 +26,7 @@ AC_PREREQ(2.57)
 dnl We don't know the version number "statically" so we use a dash here
 AC_INIT([curl], [-], [a suitable curl mailing list: http://curl.haxx.se/mail/])

+XC_OVR_ZZ50
 CURL_OVERRIDE_AUTOCONF

 dnl configure script copyright
@@ -34,7 +35,7 @@ This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])

 AC_CONFIG_SRCDIR([lib/urldata.h])
-AM_CONFIG_HEADER(lib/curl_config.h src/curl_config.h include/curl/curlbuild.h)
+AM_CONFIG_HEADER(lib/curl_config.h include/curl/curlbuild.h)
 AC_CONFIG_MACRO_DIR([m4])
 AM_MAINTAINER_MODE

@@ -43,6 +44,7 @@ CURL_CHECK_OPTION_OPTIMIZE
 CURL_CHECK_OPTION_WARNINGS
 CURL_CHECK_OPTION_WERROR
 CURL_CHECK_OPTION_CURLDEBUG
+CURL_CHECK_OPTION_SYMBOL_HIDING
 CURL_CHECK_OPTION_ARES

 CURL_CHECK_PATH_SEPARATOR_REQUIRED
@@ -154,6 +156,7 @@ curl_tls_srp_msg="no      (--enable-tls-srp)"
   curl_ipv6_msg="no      (--enable-ipv6)"
    curl_idn_msg="no      (--with-libidn)"
 curl_manual_msg="no      (--enable-manual)"
+curl_libcurl_msg="enabled (--disable-libcurl-option)"
 curl_verbose_msg="enabled (--disable-verbose)"
   curl_sspi_msg="no      (--enable-sspi)"
   curl_ldap_msg="no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)"
@@ -234,21 +237,18 @@ esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)

-dnl 'STATICLIB' is, in spite of its name, not generic but only for static-only
-dnl builds on Windows
-AM_CONDITIONAL(STATICLIB, false)
-
 AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
+use_cppflag_building_libcurl="no"
+use_cppflag_curl_staticlib="no"
 case $host in
  *-*-mingw*)
-    AC_DEFINE(BUILDING_LIBCURL, 1, [when building libcurl itself])
    AC_MSG_RESULT(yes)
+    use_cppflag_building_libcurl="yes"
    AC_MSG_CHECKING([if we need CURL_STATICLIB])
    if test "X$enable_shared" = "Xno"
    then
-      AC_DEFINE(CURL_STATICLIB, 1, [when not building a shared library])
      AC_MSG_RESULT(yes)
-      AM_CONDITIONAL(STATICLIB, true)
+      use_cppflag_curl_staticlib="yes"
    else
      AC_MSG_RESULT(no)
    fi
@@ -257,6 +257,8 @@ case $host in
    AC_MSG_RESULT(no)
    ;;
 esac
+AM_CONDITIONAL(USE_CPPFLAG_BUILDING_LIBCURL, test x$use_cppflag_building_libcurl = xyes)
+AM_CONDITIONAL(USE_CPPFLAG_CURL_STATICLIB, test x$use_cppflag_curl_staticlib = xyes)

 # Determine whether all dependent libraries must be specified when linking
 if test "X$enable_shared" = "Xyes" -a "X$link_all_deplibs" = "Xno"
@@ -298,6 +300,7 @@ fi

 CURL_CHECK_COMPILER_HALT_ON_ERROR
 CURL_CHECK_COMPILER_ARRAY_SIZE_NEGATIVE
+CURL_CHECK_COMPILER_SYMBOL_HIDING

 CURL_CHECK_NO_UNDEFINED
 AM_CONDITIONAL(NO_UNDEFINED, test x$need_no_undefined = xyes)
@@ -305,6 +308,44 @@ AM_CONDITIONAL(NO_UNDEFINED, test x$need_no_undefined = xyes)
 CURL_CHECK_CURLDEBUG
 AM_CONDITIONAL(CURLDEBUG, test x$want_curldebug = xyes)

+supports_unittests=yes
+# cross-compilation of unit tests static library/programs fails when
+# libcurl shared library is built. This might be due to a libtool or
+# automake issue. In this case we disable unit tests.
+if test "x$cross_compiling" != "xno" &&
+   test "x$enable_shared" != "xno"; then
+  supports_unittests=no
+fi
+
+# IRIX 6.5.24 gcc 3.3 autobuilds fail unittests library compilation due to
+# a problem related with OpenSSL headers and library versions not matching.
+# Disable unit tests while time to further investigate this is found.
+case $host in
+  mips-sgi-irix6.5)
+    if test "$compiler_id" = "GNU_C"; then
+      supports_unittests=no
+    fi
+    ;;
+esac
+
+# All AIX autobuilds fails unit tests linking against unittests library
+# due to unittests library being built with no symbols or members. Libtool ?
+# Disable unit tests while time to further investigate this is found.
+case $host_os in
+  aix*)
+    supports_unittests=no
+    ;;
+esac
+
+dnl Build unit tests when option --enable-debug is given.
+if test "x$want_debug" = "xyes" &&
+   test "x$supports_unittests" = "xyes"; then
+  want_unittests=yes
+else
+  want_unittests=no
+fi
+AM_CONDITIONAL(BUILD_UNITTESTS, test x$want_unittests = xyes)
+
 dnl **********************************************************************
 dnl Compilation based checks should not be done before this point.
 dnl **********************************************************************
@@ -612,6 +653,25 @@ AC_HELP_STRING([--disable-manual],[Disable built-in manual]),
 dnl The actual use of the USE_MANUAL variable is done much later in this
 dnl script to allow other actions to disable it as well.

+dnl ************************************************************
+dnl disable C code generation support
+dnl
+AC_MSG_CHECKING([whether to enable generation of C code])
+AC_ARG_ENABLE(libcurl_option,
+AC_HELP_STRING([--enable-libcurl-option],[Enable --libcurl C code generation support])
+AC_HELP_STRING([--disable-libcurl-option],[Disable --libcurl C code generation support]),
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       AC_DEFINE(CURL_DISABLE_LIBCURL_OPTION, 1, [to disable --libcurl C code generation option])
+       curl_libcurl_msg="no"
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       ;;
+  esac ],
+       AC_MSG_RESULT(yes)
+)
+
 dnl **********************************************************************
 dnl Checks for libraries.
 dnl **********************************************************************
@@ -637,6 +697,17 @@ then
               ])
 fi

+if test "$HAVE_GETHOSTBYNAME" != "1"
+then
+  dnl gethostbyname in the watt lib?
+  AC_CHECK_LIB(watt, gethostbyname,
+               [HAVE_GETHOSTBYNAME="1"
+               CPPFLAGS="-I/dev/env/WATT_ROOT/inc"
+               LDFLAGS="-L/dev/env/WATT_ROOT/lib"
+               LIBS="$LIBS -lwatt"
+               ])
+fi
+
 dnl At least one system has been identified to require BOTH nsl and socket
 dnl libs at the same time to link properly.
 if test "$HAVE_GETHOSTBYNAME" != "1"
@@ -1312,7 +1383,7 @@ if test X"$OPT_SSL" != Xno; then
    dnl the user told us to look
    OPENSSL_PCDIR="$OPT_SSL/lib/pkgconfig"
    AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"])
-    if test -e "$OPENSSL_PCDIR/openssl.pc"; then
+    if test -f "$OPENSSL_PCDIR/openssl.pc"; then
      PKGTEST="yes"
    fi

@@ -1476,7 +1547,8 @@ if test X"$OPT_SSL" != Xno; then
                    RAND_egd \
                    ENGINE_cleanup \
                    CRYPTO_cleanup_all_ex_data \
-                    SSL_get_shutdown )
+                    SSL_get_shutdown \
+                    SSLv2_client_method )

    dnl Make an attempt to detect if this is actually yassl's headers and
    dnl OpenSSL emulation layer. We still leave everything else believing
@@ -1508,12 +1580,14 @@ if test X"$OPT_SSL" != Xno; then
       dnl when the ssl shared libs were found in a path that the run-time
       dnl linker doesn't search through, we need to add it to LD_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
-
+       if test "x$cross_compiling" != "xyes"; then
         LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_OPENSSL"
         export LD_LIBRARY_PATH
         AC_MSG_NOTICE([Added $LIB_OPENSSL to LD_LIBRARY_PATH])
       fi
    fi
+    CURL_CHECK_OPENSSL_API
+  fi

 fi

@@ -1624,8 +1698,12 @@ if test X"$OPENSSL_ENABLED" = X"1"; then
                 [read randomness from FILE (default=/dev/urandom)]),
      [ RANDOM_FILE="$withval" ],
      [
+          if test x$cross_compiling != xyes; then
            dnl Check for random device
            AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] )
+          else
+            AC_MSG_WARN([skipped the /dev/urandom detection when cross-compiling])
+          fi
      ]
  )
  if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then
@@ -1742,12 +1820,13 @@ if test "$OPENSSL_ENABLED" != "1"; then
          dnl linker doesn't search through, we need to add it to
          dnl LD_LIBRARY_PATH to prevent further configure tests to fail
          dnl due to this
-
+          if test "x$cross_compiling" != "xyes"; then 
            LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$gtlslib"
            export LD_LIBRARY_PATH
            AC_MSG_NOTICE([Added $gtlslib to LD_LIBRARY_PATH])
          fi
        fi
+      fi

    fi

@@ -1756,17 +1835,33 @@ if test "$OPENSSL_ENABLED" != "1"; then
 fi dnl OPENSSL != 1

 dnl ---
-dnl If GnuTLS is enabled, we MUST verify that it uses libgcrypt since
-dnl curl code relies on that but recent GnuTLS versions can in fact build
-dnl with different crypto libraries which curl right now cannot handle
+dnl Check which crypto backend GnuTLS uses
 dnl ---

 if test "$GNUTLS_ENABLED" = "1"; then
-  AC_CHECK_LIB(gcrypt,
-               gcry_control, ,
-    [
-      AC_MSG_ERROR([need GnuTLS built with gcrypt to function with GnuTLS])
-    ])
+  USE_GNUTLS_NETTLE=
+  # First check if we can detect either crypto library via transitive linking
+  AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
+  if test "$USE_GNUTLS_NETTLE" = ""; then
+    AC_CHECK_LIB(gnutls, gcry_control, [ USE_GNUTLS_NETTLE=0 ])
+  fi
+  # If not, try linking directly to both of them to see if they are available
+  if test "$USE_GNUTLS_NETTLE" = ""; then
+    AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
+  fi
+  if test "$USE_GNUTLS_NETTLE" = ""; then
+    AC_CHECK_LIB(gcrypt, gcry_control, [ USE_GNUTLS_NETTLE=0 ])
+  fi
+  if test "$USE_GNUTLS_NETTLE" = ""; then
+    AC_MSG_ERROR([GnuTLS found, but neither gcrypt nor nettle found])
+  fi
+  if test "$USE_GNUTLS_NETTLE" = "1"; then
+    AC_DEFINE(USE_GNUTLS_NETTLE, 1, [if GnuTLS uses nettle as crypto backend])
+    AC_SUBST(USE_GNUTLS_NETTLE, [1])
+    LIBS="$LIBS -lnettle"
+  else
+    LIBS="$LIBS -lgcrypt"
+  fi
 fi

 dnl ---
@@ -1852,12 +1947,12 @@ if test "$OPENSSL_ENABLED" != "1"; then
        dnl linker doesn't search through, we need to add it to
        dnl LD_LIBRARY_PATH to prevent further configure tests to fail
        dnl due to this
-
+        if test "x$cross_compiling" != "xyes"; then
          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$polarssllib"
          export LD_LIBRARY_PATH
          AC_MSG_NOTICE([Added $polarssllib to LD_LIBRARY_PATH])
        fi
-
+      fi
    fi

  fi dnl PolarSSL not disabled
@@ -1874,7 +1969,7 @@ OPT_CYASSL=no
 _cppflags=$CPPFLAGS
 _ldflags=$LDFLAGS
 AC_ARG_WITH(cyassl,dnl
-AC_HELP_STRING([--with-cyassl=PATH],[where to look for CyaSSL, PATH points to the installation root (default: /usr/local/cyassl)])
+AC_HELP_STRING([--with-cyassl=PATH],[where to look for CyaSSL, PATH points to the installation root (default: system lib default)])
 AC_HELP_STRING([--without-cyassl], [disable CyaSSL detection]),
  OPT_CYASSL=$withval)

@@ -1887,14 +1982,9 @@ if test "$OPENSSL_ENABLED" != "1"; then
    fi

    if test -z "$OPT_CYASSL" ; then
-      dnl check for lib in default first
+      dnl check for lib in system default first

-      trycyassldir="/usr/local/cyassl"
-
-      LDFLAGS="$LDFLAGS -L$trycyassldir/lib"
-      CPPFLAGS="$CPPFLAGS -I$trycyassldir/include"
-
-      AC_CHECK_LIB(cyassl, InitCyaSSL,
+      AC_CHECK_LIB(cyassl, CyaSSL_Init,
      dnl libcyassl found, set the variable
       [
         AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
@@ -1916,7 +2006,7 @@ if test "$OPENSSL_ENABLED" != "1"; then
         CPPFLAGS="$CPPFLAGS $addcflags"
      fi

-      AC_CHECK_LIB(cyassl, InitCyaSSL,
+      AC_CHECK_LIB(cyassl, CyaSSL_Init,
       [
       AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
       AC_SUBST(USE_CYASSL, [1])
@@ -1941,11 +2031,12 @@ if test "$OPENSSL_ENABLED" != "1"; then
        dnl linker doesn't search through, we need to add it to
        dnl LD_LIBRARY_PATH to prevent further configure tests to fail
        dnl due to this
-
+        if test "x$cross_compiling" != "xyes"; then
          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$cyassllib"
          export LD_LIBRARY_PATH
          AC_MSG_NOTICE([Added $cyassllib to LD_LIBRARY_PATH])
        fi
+      fi

    fi

@@ -2000,13 +2091,6 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
        nssprefix=$OPT_NSS
    fi

-    dnl Check for functionPK11_CreateGenericObject
-    dnl this is needed for using the PEM PKCS#11 module
-    AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
-     [
-     AC_DEFINE(HAVE_PK11_CREATEGENERICOBJECT, 1, [if you have the function PK11_CreateGenericObject])
-     AC_SUBST(HAVE_PK11_CREATEGENERICOBJECT, [1])
-     ])
    if test -n "$addlib"; then

      CLEANLIBS="$LIBS"
@@ -2017,7 +2101,8 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
         CPPFLAGS="$CPPFLAGS $addcflags"
      fi

-      AC_CHECK_LIB(nss3, NSS_Initialize,
+      dnl The function PK11_CreateGenericObject is needed to load libnsspem.so
+      AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
       [
       AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
       AC_SUBST(USE_NSS, [1])
@@ -2033,15 +2118,24 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
      if test "x$USE_NSS" = "xyes"; then
        AC_MSG_NOTICE([detected NSS version $version])

+        dnl NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
+        dnl collisions on NSS initialization/shutdown with other libraries
+        AC_CHECK_FUNC(NSS_InitContext,
+        [
+          AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [if you have the NSS_InitContext function])
+          AC_SUBST(HAVE_NSS_INITCONTEXT, [1])
+        ])
+
        dnl when shared libs were found in a path that the run-time
        dnl linker doesn't search through, we need to add it to
        dnl LD_LIBRARY_PATH to prevent further configure tests to fail
        dnl due to this
-
+        if test "x$cross_compiling" != "xyes"; then
          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
          export LD_LIBRARY_PATH
          AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
        fi
+      fi

    fi

@@ -2197,11 +2291,12 @@ if test X"$OPT_LIBSSH2" != Xno; then
       dnl libssh2_session_handshake was added in 1.2.8
       AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit \
                       libssh2_scp_send64 libssh2_session_handshake)
-
+       if test "x$cross_compiling" != "xyes"; then
         LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$DIR_SSH2"
         export LD_LIBRARY_PATH
         AC_MSG_NOTICE([Added $DIR_SSH2 to LD_LIBRARY_PATH])
       fi
+    fi
  else
    dnl no libssh2, revert back to clean variables
    LDFLAGS=$CLEANLDFLAGS
@@ -2288,55 +2383,196 @@ if test X"$OPT_LIBRTMP" != Xno; then

 fi

+dnl **********************************************************************
+dnl Check for linker switch for versioned symbols
+dnl **********************************************************************
+
+versioned_symbols_flavour=
+AC_MSG_CHECKING([whether versioned symbols are wanted])
+AC_ARG_ENABLE(versioned-symbols,
+AC_HELP_STRING([--enable-versioned-symbols], [Enable versioned symbols in shared library])
+AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shared library]),
+[ case "$enableval" in
+  yes) AC_MSG_RESULT(yes)
+    AC_MSG_CHECKING([if libraries can be versioned])
+    GLD=`$LD --help < /dev/null 2>/dev/null | grep version-script`
+    if test -z "$GLD"; then
+        AC_MSG_RESULT(no)
+        AC_MSG_WARN([You need an ld version supporting the --version-script option])
+    else
+        AC_MSG_RESULT(yes)
+        if test "x$OPENSSL_ENABLED" = "x1"; then
+          versioned_symbols_flavour="OPENSSL_"
+        elif test "x$GNUTLS_ENABLED" == "x1"; then
+          versioned_symbols_flavour="GNUTLS_"
+        elif test "x$NSS_ENABLED" == "x1"; then
+          versioned_symbols_flavour="NSS_"
+        elif test "x$POLARSSL_ENABLED" == "x1"; then
+          versioned_symbols_flavour="POLARSSL_"
+        elif test "x$CYASSL_ENABLED" == "x1"; then
+          versioned_symbols_flavour="CYASSL_"
+        elif test "x$AXTLS_ENABLED" == "x1"; then
+          versioned_symbols_flavour="AXTLS_"
+        else
+          versioned_symbols_flavour=""
+        fi
+        versioned_symbols="yes"
+    fi
+    ;;
+
+  *)   AC_MSG_RESULT(no)
+    ;;
+  esac
+], [
+AC_MSG_RESULT(no)
+]
+)
+
+AC_SUBST(VERSIONED_FLAVOUR, ["$versioned_symbols_flavour"])
+AM_CONDITIONAL(VERSIONED_SYMBOLS, test "x$versioned_symbols" = "xyes")
+
+
 dnl **********************************************************************
 dnl Check for the presence of IDN libraries and headers
 dnl **********************************************************************

 AC_MSG_CHECKING([whether to build with libidn])
+OPT_IDN="default"
 AC_ARG_WITH(libidn,
 AC_HELP_STRING([--with-libidn=PATH],[Enable libidn usage])
 AC_HELP_STRING([--without-libidn],[Disable libidn usage]),
-  [LIBIDN="$withval"])
-
-case "$LIBIDN" in
+  [OPT_IDN=$withval])
+case "$OPT_IDN" in
  no)
-       AC_MSG_RESULT(no)
+    dnl --without-libidn option used
+    want_idn="no"
+    AC_MSG_RESULT([no])
    ;;
-  *)   AC_MSG_RESULT(yes)
+  default)
+    dnl configure option not specified
+    want_idn="yes"
+    want_idn_path="default"
+    AC_MSG_RESULT([(assumed) yes])
+    ;;
+  yes)
+    dnl --with-libidn option used without path
+    want_idn="yes"
+    want_idn_path="default"
+    AC_MSG_RESULT([yes])
+    ;;
+  *)
+    dnl --with-libidn option used with path
+    want_idn="yes"
+    want_idn_path="$withval"
+    AC_MSG_RESULT([yes ($withval)])
+    ;;
+esac

-       idn=""
-       dnl if there is a given path, check that FIRST
-       if test -n "$LIBIDN"; then
-         if test "x$LIBIDN" != "xyes"; then
-            oldLDFLAGS=$LDFLAGS
-            oldCPPFLAGS=$CPPFLAGS
-            LDFLAGS="$LDFLAGS -L$LIBIDN/lib"
-            CPPFLAGS="$CPPFLAGS -I$LIBIDN/include"
-            idn="yes"
-            AC_CHECK_LIB(idn, idna_to_ascii_4i, ,
-                         idn=""
-                         LDFLAGS=$oldLDFLAGS
-                         CPPFLAGS=$oldCPPFLAGS)
+if test "$want_idn" = "yes"; then
+  dnl idn library support has been requested
+  clean_CPPFLAGS="$CPPFLAGS"
+  clean_LDFLAGS="$LDFLAGS"
+  clean_LIBS="$LIBS"
+  PKGCONFIG="no"
+  #
+  if test "$want_idn_path" != "default"; then
+    dnl path has been specified
+    IDN_PCDIR="$want_idn_path/lib$libsuff/pkgconfig"
+    CURL_CHECK_PKGCONFIG(libidn, [$IDN_PCDIR])
+    if test "$PKGCONFIG" != "no"; then
+      IDN_LIBS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+        $PKGCONFIG --libs-only-l libidn 2>/dev/null`
+      IDN_LDFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+        $PKGCONFIG --libs-only-L libidn 2>/dev/null`
+      IDN_CPPFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+        $PKGCONFIG --cflags-only-I libidn 2>/dev/null`
+      IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+    else
+      dnl pkg-config not available or provides no info
+      IDN_LIBS="-lidn"
+      IDN_LDFLAGS="-L$want_idn_path/lib$libsuff"
+      IDN_CPPFLAGS="-I$want_idn_path/include"
+      IDN_DIR="$want_idn_path/lib$libsuff"
+    fi
+  else
+    dnl path not specified
+    CURL_CHECK_PKGCONFIG(libidn)
+    if test "$PKGCONFIG" != "no"; then
+      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn 2>/dev/null`
+      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn 2>/dev/null`
+      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn 2>/dev/null`
+      IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+    else
+      dnl pkg-config not available or provides no info
+      IDN_LIBS="-lidn"
    fi
  fi
-
-       if test "x$idn" != "xyes"; then
-          dnl check with default paths
-          idn="yes"
-          AC_CHECK_LIB(idn, idna_to_ascii_lz, ,
-                       idn="")
+  #
+  if test "$PKGCONFIG" != "no"; then
+    AC_MSG_NOTICE([pkg-config: IDN_LIBS: "$IDN_LIBS"])
+    AC_MSG_NOTICE([pkg-config: IDN_LDFLAGS: "$IDN_LDFLAGS"])
+    AC_MSG_NOTICE([pkg-config: IDN_CPPFLAGS: "$IDN_CPPFLAGS"])
+    AC_MSG_NOTICE([pkg-config: IDN_DIR: "$IDN_DIR"])
+  else
+    AC_MSG_NOTICE([IDN_LIBS: "$IDN_LIBS"])
+    AC_MSG_NOTICE([IDN_LDFLAGS: "$IDN_LDFLAGS"])
+    AC_MSG_NOTICE([IDN_CPPFLAGS: "$IDN_CPPFLAGS"])
+    AC_MSG_NOTICE([IDN_DIR: "$IDN_DIR"])
  fi
-
-       if test "x$idn" = "xyes"; then
-         curl_idn_msg="enabled"
-         AC_SUBST(IDN_ENABLED, [1])
+  #
+  CPPFLAGS="$IDN_CPPFLAGS $CPPFLAGS"
+  LDFLAGS="$IDN_LDFLAGS $LDFLAGS"
+  LIBS="$IDN_LIBS $LIBS"
+  #
+  AC_MSG_CHECKING([if idna_to_ascii_4i can be linked])
+  AC_LINK_IFELSE([
+    AC_LANG_FUNC_LINK_TRY([idna_to_ascii_4i])
+  ],[
+    AC_MSG_RESULT([yes])
+    tst_links_libidn="yes"
+  ],[
+    AC_MSG_RESULT([no])
+    tst_links_libidn="no"
+  ])
+  if test "$tst_links_libidn" = "no"; then
+    AC_MSG_CHECKING([if idna_to_ascii_lz can be linked])
+    AC_LINK_IFELSE([
+      AC_LANG_FUNC_LINK_TRY([idna_to_ascii_lz])
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_links_libidn="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_links_libidn="no"
+    ])
+  fi
+  #
+  if test "$tst_links_libidn" = "yes"; then
+    AC_DEFINE(HAVE_LIBIDN, 1, [Define to 1 if you have the `idn' library (-lidn).])
    dnl different versions of libidn have different setups of these:
    AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror )
    AC_CHECK_HEADERS( idn-free.h tld.h )
+    if test "x$ac_cv_header_tld_h" = "xyes"; then
+      AC_SUBST([IDN_ENABLED], [1])
+      curl_idn_msg="enabled"
+      if test -n "$IDN_DIR"; then
+        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
+        export LD_LIBRARY_PATH
+        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+      fi
+    else
+      AC_MSG_WARN([Libraries for IDN support too old: IDN disabled])
+      CPPFLAGS="$clean_CPPFLAGS"
+      LDFLAGS="$clean_LDFLAGS"
+      LIBS="$clean_LIBS"
+    fi
+  else
+    AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
+    CPPFLAGS="$clean_CPPFLAGS"
+    LDFLAGS="$clean_LDFLAGS"
+    LIBS="$clean_LIBS"
+  fi
 fi
-
-       ;;
-esac


 dnl Let's hope this split URL remains working:
@@ -2396,6 +2632,7 @@ AC_CHECK_HEADERS(
        stdbool.h \
        arpa/tftp.h \
        sys/filio.h \
+        sys/wait.h \
        setjmp.h,
 dnl to do if not found
 [],
@@ -2517,6 +2754,7 @@ CURL_CHECK_FUNC_FREEIFADDRS
 CURL_CHECK_FUNC_FSETXATTR
 CURL_CHECK_FUNC_FTRUNCATE
 CURL_CHECK_FUNC_GETADDRINFO
+CURL_CHECK_FUNC_GAI_STRERROR
 CURL_CHECK_FUNC_GETHOSTBYADDR
 CURL_CHECK_FUNC_GETHOSTBYADDR_R
 CURL_CHECK_FUNC_GETHOSTBYNAME
@@ -2540,6 +2778,7 @@ CURL_CHECK_FUNC_SIGINTERRUPT
 CURL_CHECK_FUNC_SIGNAL
 CURL_CHECK_FUNC_SIGSETJMP
 CURL_CHECK_FUNC_SOCKET
+CURL_CHECK_FUNC_SOCKETPAIR
 CURL_CHECK_FUNC_STRCASECMP
 CURL_CHECK_FUNC_STRCASESTR
 CURL_CHECK_FUNC_STRCMPI
@@ -2593,7 +2832,7 @@ AC_CHECK_FUNCS([fork \
    ],[
      AC_MSG_RESULT([yes])
      eval "ac_cv_func_$func=yes"
-      AC_DEFINE_UNQUOTED(AS_TR_CPP([HAVE_$func]), [1],
+      AC_DEFINE_UNQUOTED(XC_SH_TR_CPP([HAVE_$func]), [1],
        [Define to 1 if you have the $func function.])
    ],[
      AC_MSG_RESULT([but still no])
@@ -2770,6 +3009,10 @@ AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
       AC_MSG_RESULT(yes)
 )

+CURL_CHECK_OPTION_NTLM_WB
+
+CURL_CHECK_NTLM_WB
+
 dnl ************************************************************
 dnl disable TLS-SRP authentication
 dnl
@@ -2816,48 +3059,9 @@ AC_HELP_STRING([--disable-cookies],[Disable cookies support]),
 )

 dnl ************************************************************
-dnl Enable hiding of internal symbols in library to reduce its size and
-dnl speed dynamic linking of applications.  This currently is only supported
-dnl on gcc >= 4.0 and SunPro C.
+dnl hiding of library internal symbols
 dnl
-AC_MSG_CHECKING([whether to enable hidden symbols in the library])
-AC_ARG_ENABLE(hidden-symbols,
-AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library])
-AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]),
-[ case "$enableval" in
-  no)
-       AC_MSG_RESULT(no)
-       ;;
-  *)
-       AC_MSG_CHECKING([whether $CC supports it])
-       if test "$GCC" = yes ; then
-         if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ||
-           dnl clang always supports -fvisibility= but it doesn't show up
-           dnl under --help.
-           test "$compiler_id" = "CLANG"; then
-           AC_MSG_RESULT(yes)
-           AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
-           AC_DEFINE(CURL_EXTERN_SYMBOL, [__attribute__ ((visibility ("default")))], [to make a symbol visible])
-           CFLAGS="$CFLAGS -fvisibility=hidden"
-         else
-            AC_MSG_RESULT(no)
-          fi
-
-       else
-         dnl Test for SunPro cc
-         if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then
-           AC_MSG_RESULT(yes)
-           AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
-           AC_DEFINE(CURL_EXTERN_SYMBOL, [__global], [to make a symbol visible])
-           CFLAGS="$CFLAGS -xldscope=hidden"
-         else
-           AC_MSG_RESULT(no)
-         fi
-       fi
-       ;;
-  esac ],
-       AC_MSG_RESULT(no)
-)
+CURL_CONFIGURE_SYMBOL_HIDING

 dnl ************************************************************
 dnl enforce SONAME bump
@@ -2945,6 +3149,9 @@ if test "x$CURL_DISABLE_HTTP" != "x1"; then
  if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1"; then
    SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
+    if test "x$NTLM_WB_ENABLED" = "x1"; then
+      SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
+    fi
  fi
 fi
 if test "x$USE_TLS_SRP" = "x1"; then
@@ -3055,6 +3262,7 @@ AC_CONFIG_FILES([Makefile \
           include/curl/Makefile \
           src/Makefile \
           lib/Makefile \
+           lib/libcurl.vers \
           tests/Makefile \
           tests/data/Makefile \
           tests/server/Makefile \
@@ -3099,6 +3307,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  IDN support:      ${curl_idn_msg}
  Build libcurl:    Shared=${enable_shared}, Static=${enable_static}
  Built-in manual:  ${curl_manual_msg}
+  --libcurl option: ${curl_libcurl_msg}
  Verbose errors:   ${curl_verbose_msg}
  SSPI support:     ${curl_sspi_msg}
  ca cert bundle:   ${ca}
--- a/curl-config.in
+++ b/curl-config.in
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2001 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2001 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -94,7 +94,7 @@ while test $# -gt 0; do
 	;;

    --version)
-	echo libcurl @VERSION@
+	echo libcurl @CURLVERSION@
 	exit 0
 	;;

@@ -113,7 +113,7 @@ while test $# -gt 0; do
 	  # silent success
 	  exit 0
 	else
-	  echo "requested version $checkfor is newer than existing @VERSION@"
+	  echo "requested version $checkfor is newer than existing @CURLVERSION@"
 	  exit 1
 	fi
 	;;
@@ -142,9 +142,9 @@ while test $# -gt 0; do
 	   CURLLIBDIR=""
 	fi
 	if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
-	  echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBCURL_LIBS@ @LIBS@
+	  echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ @LIBS@
 	else
-	  echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBS@
+	  echo ${CURLLIBDIR}-lcurl @LIBS@
 	fi
 	;;

--- a/docs/BUGS
+++ b/docs/BUGS
@@ -6,21 +6,34 @@

 BUGS

+ 1. Bugs
+  1.1 There are still bugs
+  1.2 Where to report
+  1.3 What to report
+  1.4 libcurl problems
+  1.5 Who will fix the problems
+  1.6 How to get a stack trace
+  1.7 Bugs in libcurl bindings
+
+==============================================================================
+
+1.1 There are still bugs
+
  Curl and libcurl have grown substantially since the beginning. At the time
-  of writing (July 2007), there are about 47000 lines of source code, and by
-  the time you read this it has probably grown even more.
+  of writing (September 2011), there are about 66000 lines of source code, and
+  by the time you read this it has probably grown even more.

  Of course there are lots of bugs left. And lots of misfeatures.

  To help us make curl the stable and solid product we want it to be, we need
  bug reports and bug fixes.

-WHERE TO REPORT
+1.2 Where to report

  If you can't fix a bug yourself and submit a fix for it, try to report an as
  detailed report as possible to a curl mailing list to allow one of us to
-  have a go at a solution. You should also post your bug/problem at curl's bug
-  tracking system over at
+  have a go at a solution. You can optionally also post your bug/problem at
+  curl's bug tracking system over at

        http://sourceforge.net/bugs/?group_id=976

@@ -29,16 +42,18 @@ WHERE TO REPORT
  If you feel you need to ask around first, find a suitable mailing list and
  post there. The lists are available on http://curl.haxx.se/mail/

-WHAT TO REPORT
+1.3 What to report

  When reporting a bug, you should include all information that will help us
  understand what's wrong, what you expected to happen and how to repeat the
  bad behavior. You therefore need to tell us:

-   - your operating system's name and version number (uname -a under a unix
-     is fine)
+   - your operating system's name and version number
+
   - what version of curl you're using (curl -V is fine)
+
   - versions of the used libraries that libcurl is built to use
+
   - what URL you were working with (if possible), at least which protocol

  and anything and everything else you think matters. Tell us what you
@@ -59,7 +74,48 @@ WHAT TO REPORT
  The address and how to subscribe to the mailing lists are detailed in the
  MANUAL file.

-HOW TO GET A STACK TRACE
+1.4 libcurl problems
+
+  First, post all libcurl problems on the curl-library mailing list.
+
+  When you've written your own application with libcurl to perform transfers,
+  it is even more important to be specific and detailed when reporting bugs.
+
+  Tell us the libcurl version and your operating system. Tell us the name and
+  version of all relevant sub-components like for example the SSL library
+  you're using and what name resolving your libcurl uses. If you use SFTP or
+  SCP, the libssh2 version is relevant etc.
+
+  Showing us a real source code example repeating your problem is the best way
+  to get our attention and it will greatly increase our chances to understand
+  your problem and to work on a fix (if we agree it truly is a problem).
+
+  Lots of problems that appear to be libcurl problems are actually just abuses
+  of the libcurl API or other malfunctions in your applications. It is adviced
+  that you run your problematic program using a memory debug tool like
+  valgrind or similar before you post memory-related or "crashing" problems to
+  us.
+
+1.5 Who will fix the problems
+
+  If the problems or bugs you describe are considered to be bugs, we want to
+  have the problems fixed.
+
+  There are no developers in the curl project that are paid to work on bugs.
+  All developers that take on reported bugs do this on a voluntary basis. We
+  do it out of an ambition to keep curl and libcurl excellent products and out
+  of pride.
+
+  But please do not assume that you can just lump over something to us and it
+  will then magically be fixed after some given time. Most often we need
+  feedback and help to understand what you've experienced and how to repeat a
+  problem. Then we may only be able to assist YOU to debug the problem and to
+  track down the proper fix.
+
+  We get reports from many people every month and each report can take a
+  considerable amount of time to really go to the bottom with.
+
+1.6 How to get a stack trace

  First, you must make sure that you compile all sources with -g and that you
  don't 'strip' the final executable. Try to avoid optimizing the code as
@@ -79,3 +135,12 @@ HOW TO GET A STACK TRACE
  crashed. Include the stack trace with your detailed bug report. It'll help a
  lot.

+1.7 Bugs in libcurl bindings
+
+  There will of course pop up bugs in libcurl bindings. You should then
+  primarily approach the team that works on that particular binding and see
+  what you can do to help them fix the problem.
+
+  If you suspect that the problem exists in the underlying libcurl, then
+  please convert your program over to plain C and follow the steps outlined
+  above.
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -34,6 +34,7 @@
 3.3 How To Make a Patch without git
 3.4 How to get your changes into the main sources
 3.5 Write good commit messages
+ 3.6 Please don't send pull requests

 ==============================================================================

@@ -276,3 +277,27 @@
 and make sure that you have your own user and email setup correctly in git
 before you commit

+3.6 Please don't send pull requests
+
+ With git (and expecially github) it is easy and tempting to send a pull
+ request to one or more people in the curl project to have changes merged this
+ way instead of mailing patches to the curl-library mailing list.
+
+ We don't like that. We want them mailed for these reasons:
+
+ - Peer review. Anyone and everyone on the list can review, comment and
+   improve on the patch. Pull requests limit this ability.
+
+ - Anyone can merge the patch into their own trees for testing and those who
+   have push rights can push it to the main repo. It doesn't have to be anyone
+   the patch author knows beforehand.
+
+ - Commit messages can be tweaked and changed if merged locally instead of
+   using github. Merges directly on github requires the changes to be perfect
+   already, which they seldomly are.
+
+ - Merges on github prevents rebases and even enforces --no-ff which is a git
+   style we don't otherwise use in the project
+
+ However: once patches have been reviewed and deemed fine on list they are
+ perfectly OK to be pulled from a published git tree.
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1,4 +1,4 @@
-Updated: March 8, 2011 (http://curl.haxx.se/docs/faq.html)
+Updated: December 7, 2011 (http://curl.haxx.se/docs/faq.html)
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
@@ -36,7 +36,7 @@ FAQ
  3.2 How do I tell curl to resume a transfer?
  3.3 Why doesn't my posting using -F work?
  3.4 How do I tell curl to run custom FTP commands?
-  3.5 How can I disable the Pragma: nocache header?
+  3.5 How can I disable the Accept: */* header?
  3.6 Does curl support ASP, XML, XHTML or HTML version Y?
  3.7 Can I use curl to delete/rename a file through FTP?
  3.8 How do I tell curl to follow HTTP redirects?
@@ -306,41 +306,10 @@ FAQ
  We don't know how many users that downloaded or installed curl and then
  never use it.

-  Some facts to use as input to the math:
+  In May 2012 Daniel did a counting game and came up with a number that may
+  be completely wrong or somewhat accurate. 300 million!

-  curl packages are downloaded from the curl.haxx.se and mirrors over a
-  million times per year. curl is installed by default with most Linux
-  distributions. curl is installed by default with Mac OS X. curl and libcurl
-  as used by numerous applications that include libcurl binaries in their
-  distribution packages (like Adobe Acrobat Reader and Google Earth).
-
-  More than a hundred known named companies use curl in commercial
-  environments and products and more than a hundred known named open source
-  projects depend on (lib)curl.
-
-  In a poll on the curl web site mid-2005, more than 50% of the 300+ answers
-  estimated a user base of one million users or more.
-
-  In March 2005, the "Linux Counter project" estimated a total Linux user base
-  of some 29 millions, while Netcraft detected some 4 million "active" Linux
-  based web servers. A guess is that a fair amount of these Linux
-  installations have curl installed.
-
-  The Debian project maintains statistics on packages installed by people
-  who have voluntarily run their package counting application.  In mid-2010,
-  libcurl3 was installed on over 55000 such systems (62% of reporting systems)
-  and was one of the 320 most popular installed packages (out of about 107000
-  possible packages).
-
-  All this taken together, there is no doubt that there are millions of
-  (lib)curl users.
-
-  http://curl.haxx.se/docs/companies.html
-  http://curl.haxx.se/docs/programs.html
-  http://curl.haxx.se/libcurl/using/apps.html
-  http://counter.li.org/estimates.php
-  http://news.netcraft.com/archives/2005/03/14/fedora_makes_rapid_progress.html
-  http://qa.debian.org/popcon.php?package=curl
+  See http://daniel.haxx.se/blog/2012/05/16/300m-users/

  1.11 Why don't you update ca-bundle.crt

@@ -491,7 +460,6 @@ FAQ
  3.2 How do I tell curl to resume a transfer?

  Curl supports resumed transfers both ways on both FTP and HTTP.
-
  Try the -C option.

  3.3 Why doesn't my posting using -F work?
@@ -517,11 +485,11 @@ FAQ
  FTP commands without transferring anything. Therefore you must always specify
  a URL to transfer to/from even when doing custom FTP commands.

-  3.5 How can I disable the Pragma: nocache header?
+  3.5 How can I disable the Accept: */* header?

  You can change all internally generated headers by adding a replacement with
  the -H/--header option. By adding a header with empty contents you safely
-  disable that one. Use -H "Pragma:" to disable that specific header.
+  disable that one. Use -H "Accept:" to disable that specific header.

  3.6 Does curl support ASP, XML, XHTML or HTML version Y?

@@ -565,6 +533,12 @@ FAQ
  install and use them, in the libcurl section of the curl web site:
  http://curl.haxx.se/libcurl/

+  All the various bindings to libcurl are made by other projects and people,
+  outside of the cURL project. The cURL project itself only produces libcurl
+  with its plain C API. If you don't find anywhere else to ask you can ask
+  about bindings on the curl-library list too, but be prepared that people on
+  that list may not know anything about bindings.
+
  In October 2009, there were interfaces available for the following
  languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Dylan, Eiffel, Euphoria,
  Ferite, Gambas, glib/GTK+, Haskell, ILE/RPG, Java, Lisp, Lua, Mono, .NET,
@@ -721,6 +695,12 @@ FAQ

    curl --header "Host: www.example.com" http://127.0.0.1/

+  You can also opt to add faked host name entries to curl with the --resolve
+  option. That has the added benefit that things like redirects will also work
+  properly. The above operation would instead be done as:
+
+    curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/
+
  3.20 How to SFTP from my user's home directory?

  Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to
@@ -1152,6 +1132,11 @@ FAQ
  libcurl will reuse connections for all transfers that are made using the
  same libcurl handle.

+  When you use the easy interface, the connection cache is kept within the
+  easy handle. If you instead use the multi interface, the connection cache
+  will be kept within the multi handle and will be shared among all the easy
+  handles that are used within the same multi handle.
+
  5.7 Link errors when building libcurl on Windows!

  You need to make sure that your project, and all the libraries (both static
@@ -1260,14 +1245,13 @@ FAQ
  With the easy interface you make sure to return the correct error code from
  one of the callbacks, but none of them are instant. There is no function you
  can call from another thread or similar that will stop it immediately.
-  Instead you need to make sure that one of the callbacks you use return an
-  appropriate value that will stop the transfer.
-
-  Suitable callbacks that you can do this with include the progress callback,
-  the read callback and the write callback.
+  Instead, you need to make sure that one of the callbacks you use returns an
+  appropriate value that will stop the transfer.  Suitable callbacks that you
+  can do this with include the progress callback, the read callback and the
+  write callback.

  If you're using the multi interface, you can also stop a transfer by
-  removing the particular easy handle from the multi stack. At any moment you
+  removing the particular easy handle from the multi stack at any moment you
  think the transfer is done.

  5.14 Using C++ non-static functions for callbacks?
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -14,6 +14,12 @@ Installing Binary Packages
   binary package. This document describes how to compile, build and install
   curl and libcurl from source code.

+Building from git
+=================
+
+   If you get your code off a git repository, see the GIT-INFO file in the
+   root directory for specific instructions on how to proceed.
+
 UNIX
 ====
   A normal unix installation is made in three or four steps (after you've
@@ -211,9 +217,9 @@ Win32
   adjust as necessary. It is also possible to override these paths with
   environment variables, for example:

-     set ZLIB_PATH=c:\zlib-1.2.5
-     set OPENSSL_PATH=c:\openssl-0.9.8r
-     set LIBSSH2_PATH=c:\libssh2-1.2.7
+     set ZLIB_PATH=c:\zlib-1.2.7
+     set OPENSSL_PATH=c:\openssl-0.9.8x
+     set LIBSSH2_PATH=c:\libssh2-1.4.2

   ATTENTION: if you want to build with libssh2 support you have to use latest
   version 0.17 - previous versions will NOT work with 7.17.0 and later!
@@ -314,7 +320,7 @@ Win32
   documentation on how to compile zlib. Define the ZLIB_PATH environment
   variable to the location of zlib.h and zlib.lib, for example:

-     set ZLIB_PATH=c:\zlib-1.2.5
+     set ZLIB_PATH=c:\zlib-1.2.7

   Then run 'nmake vc-zlib' in curl's root directory.

@@ -328,7 +334,7 @@ Win32
   Before running nmake define the OPENSSL_PATH environment variable with
   the root/base directory of OpenSSL, for example:

-     set OPENSSL_PATH=c:\openssl-0.9.8q
+     set OPENSSL_PATH=c:\openssl-0.9.8x

   Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
   directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -461,6 +467,34 @@ Win32
     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.


+   Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
+   --------------------------------------------------------------------
+
+   In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack
+   it is necessary to make definition of preprocessor symbol USE_LWIPSOCK
+   visible to libcurl and curl compilation processes. To set this definition
+   you have the following alternatives:
+
+   - Modify lib/config-win32.h and src/config-win32.h
+   - Modify lib/Makefile.vc6
+   - Add definition to Project/Settings/C/C++/General/Preprocessor Definitions
+     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
+
+   Once that libcurl has been built with BSD-style lwIP TCP/IP stack support,
+   in order to use it with your program it is mandatory that your program
+   includes lwIP header file <lwip/opt.h> (or another lwIP header that includes
+   this) before including any libcurl header. Your program does not need the
+   USE_LWIPSOCK preprocessor definition which is for libcurl internals only.
+
+   Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:
+
+   http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
+   http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip
+
+   This BSD-style lwIP TCP/IP stack support must be considered experimental
+   given that it has been verified that lwIP 1.4.0 still needs some polish,
+   and libcurl might yet need some additional adjustment, caveat emptor.
+
   Important static libcurl usage note
   -----------------------------------

@@ -806,7 +840,30 @@ VxWorks

 Android
 =======
-   See the build notes in the Android.mk file.
+   Method using the static makefile:
+      - see the build notes in the Android.mk file.
+
+   Method using a configure cross-compile (tested with Android NDK r7b):
+      - prepare the toolchain of the Android NDK for standalone use; this can
+        be done by invoking the script:
+        ./tools/make-standalone-toolchain.sh
+        which creates a usual cross-compile toolchain. Lets assume that you put
+        this toolchain below /opt then invoke configure with something like:
+        export PATH=/opt/arm-linux-androideabi-4.4.3/bin:$PATH
+        ./configure --host=arm-linux-androideabi [more configure options]
+        make
+      - if you want to compile directly from our GIT repo you might run into
+        this issue with older automake stuff:
+        checking host system type...
+        Invalid configuration `arm-linux-androideabi':
+        system `androideabi' not recognized
+        configure: error: /bin/sh ./config.sub arm-linux-androideabi failed
+        this issue can be fixed with using more recent versions of config.sub
+        and config.guess which can be obtained here:
+        http://git.savannah.gnu.org/gitweb/?p=config.git;a=tree
+        you need to replace your system-own versions which usually can be
+        found in your automake folder:
+        find /usr -name config.sub


 CROSS COMPILE
--- a/docs/INSTALL.cmake
+++ b/docs/INSTALL.cmake
@@ -18,6 +18,17 @@ Building with CMake
   CMake builds can be configured either from the command line, or from one
   of CMake's GUI's.

+Important notice
+==================
+   If you got your curl sources from a distribution tarball, make sure to
+   delete the generic 'include/curl/curlbuild.h' file that comes with it:
+       rm -f curl/include/curl/curlbuild.h
+
+   The purpose of this file is to provide reasonable definitions for systems
+   where autoconfiguration is not available. CMake will create its own
+   version of this file in its build directory. If the "generic" version
+   is not deleted, weird build errors may occur on some systems.
+
 Command Line CMake
 ==================
   A command line build of Curl is similar to the autotools build of Curl. It
@@ -32,9 +43,10 @@ Command Line CMake
       # variable prior to running CMake.
       cmake ../curl
       make
-       # currently make test and make install are not implemented
+       # currently make test is not implemented
       #make test
-       #make install
+       # Install to default location:
+       make install

 ccmake
 =========
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
@@ -39,11 +39,11 @@ Portability
 libssh2      0.16
 c-ares       1.6.0
 libidn       0.4.1
- cyassl       1.4.0
+ cyassl       2.0.0
 openldap     2.0
 MIT krb5 lib 1.2.4
 qsossl       V5R2M0
- NSS          3.11.x
+ NSS          3.12.x
 axTLS        1.2.7
 Heimdal      ?

@@ -68,7 +68,7 @@ Portability
 GNU Autoconf 2.57
 GNU Automake 1.7 (we currently avoid 1.10 due to Solaris-related bugs)
 GNU M4       1.4
- perl         4
+ perl         5.004
 roffit       0.5
 groff        ? (any version that supports "groff -Tps -man [in] [out]")
 ps2pdf (gs)  ?
@@ -104,9 +104,9 @@ Windows vs Unix
 Inside the source code, We make an effort to avoid '#ifdef [Your OS]'. All
 conditionals that deal with features *should* instead be in the format
 '#ifdef HAVE_THAT_WEIRD_FUNCTION'. Since Windows can't run configure scripts,
- we maintain two curl_config-win32.h files (one in lib/ and one in src/) that
- are supposed to look exactly as a curl_config.h file would have looked like on
- a Windows machine!
+ we maintain a curl_config-win32.h file in lib directory that is supposed to
+ look exactly as a curl_config.h file would have looked like on a Windows
+ machine!

 Generally speaking: always remember that this will be compiled on dozens of
 operating systems. Don't walk on the edge.
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,15 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

+78. curl and libcurl don't always signal the client properly when "sending"
+  zero bytes files - it makes for example the command line client not creating
+  any file at all. Like when using FTP.
+  http://curl.haxx.se/bug/view.cgi?id=3438362
+
+77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it
+  "absuses" the underlying connection re-use system and if connections are
+  forced to close they break the NTLM support.
+
 76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on
  that platform), and long is only 32 bits. It makes it impossible for
  curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET
@@ -12,12 +21,6 @@ may have been fixed since this was written!
  http://curl.haxx.se/mail/lib-2009-10/0024.html
  http://curl.haxx.se/bug/view.cgi?id=2944325

-74. The HTTP spec allows headers to be merged and become comma-separated
-  instead of being repeated several times. This also include Authenticate: and
-  Proxy-Authenticate: headers and while this hardly every happens in real life
-  it will confuse libcurl which does not properly support it for all headers -
-  like those Authenticate headers.
-
 73. if a connection is made to a FTP server but the server then just never
  sends the 220 response or otherwise is dead slow, libcurl will not
  acknowledge the connection timeout during that phase but only the "real"
--- a/docs/MAIL-ETIQUETTE
+++ b/docs/MAIL-ETIQUETTE
@@ -13,6 +13,7 @@ MAIL ETIQUETTE
  1.4 Subscription Required
  1.5 Moderation of new posters
  1.6 Handling trolls and spam
+  1.7 How to unsubscribe

 2. Sending mail
  2.1 Reply or New Mail
@@ -110,6 +111,20 @@ MAIL ETIQUETTE

  Don't feed the trolls!

+  1.7 How to unsubscribe
+
+  You unsubscribe the same way you subscribed in the first place. You go to
+  the page for the particular mailing list you're subscribed to and you enter
+  your email address and password and press the unsubscribe button.
+
+  Also, this information is included in the headers of every mail that is sent
+  out to all curl related mailing lists and there's footer in each mail that
+  links to the "admin" page on which you can unsubscribe and change other
+  options.
+
+  You NEVER EVER email the mailing list requesting someone else to get you off
+  the list.
+

 2. Sending mail

--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -328,7 +328,7 @@ POST (HTTP)
  If the content-type is not specified, curl will try to guess from the file
  extension (it only knows a few), or use the previously specified type (from
  an earlier file if several files are specified in a list) or else it will
-  using the default type 'text/plain'.
+  use the default type 'application/octet-stream'.

  Emulate a fill-in form with -F. Let's say you fill in three fields in a
  form. One field is a file name which to post, one field is your name and one
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -22,9 +22,9 @@

 AUTOMAKE_OPTIONS = foreign no-dependencies

-man_MANS = curl.1 curl-config.1
-GENHTMLPAGES = curl.html curl-config.html
-PDFPAGES = curl.pdf curl-config.pdf
+man_MANS = curl.1 curl-config.1 mk-ca-bundle.1
+GENHTMLPAGES = curl.html curl-config.html mk-ca-bundle.html
+PDFPAGES = curl.pdf curl-config.pdf mk-ca-bundle.pdf

 HTMLPAGES = $(GENHTMLPAGES) index.html

--- a/docs/README.cmake
+++ b/docs/README.cmake
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -5,21 +5,28 @@
 If you have contributed but are missing here, please let us know!

 Aaron Oneal
+Aaron Orenstein
 Adam D. Moss
 Adam Light
 Adam Piggott
+Adam Tkac
 Adrian Schuur
+Adriano Meirelles
 Akos Pasztory
 Alan Pinstein
+Albert Chin
 Albert Chin-A-Young
 Albert Choy
 Ale Vesely
+Alejandro Alvarez
 Aleksandar Milivojevic
+Alessandro Ghedini
 Alessandro Vesely
 Alex Bligh
 Alex Fishman
 Alex Neblett
 Alex Suykov
+Alex Vinnik
 Alex aka WindEagle
 Alexander Beedie
 Alexander Kourakos
@@ -29,6 +36,7 @@ Alexander Zhuravlev
 Alexey Borzov
 Alexey Pesternikov
 Alexey Simak
+Alexey Zakhlestin
 Alexis Carvalho
 Alfred Gebert
 Allen Pulsifer
@@ -47,6 +55,7 @@ Andreas Rieke
 Andreas Schuldei
 Andreas Wurf
 Andrei Benea
+Andrei Cipu
 Andres Garcia
 Andrew Benham
 Andrew Biggs
@@ -63,10 +72,12 @@ Andy Tsouladze
 Angus Mackay
 Anthony Bryan
 Antoine Calando
+Anton Bychkov
 Anton Kalmykov
 Arkadiusz Miskiewicz
 Armel Asselin
 Arnaud Ebalard
+Arthur Murray
 Arve Knudsen
 Ates Goral
 Augustus Saunders
@@ -78,10 +89,13 @@ Bas Mevissen
 Ben Darnell
 Ben Greear
 Ben Madsen
+Ben Noordhuis
 Ben Van Hof
+Ben Winslow
 Benbuck Nason
 Benjamin Gerard
 Bernard Leak
+Bernhard Reutner-Fischer
 Bertrand Demiddelaer
 Bill Egert
 Bill Hoffman
@@ -96,6 +110,7 @@ Brad Burdick
 Brad Hards
 Brad King
 Bradford Bruce
+Brandon Wang
 Brendan Jurd
 Brent Beardsley
 Brian Akins
@@ -112,7 +127,9 @@ Camille Moncelier
 Caolan McNamara
 Carsten Lange
 Casey O'Donnell
+Cedric Deltheil
 Chad Monroe
+Chandrakant Bagul
 Charles Kerr
 Chih-Chung Chang
 Chris "Bob Bob"
@@ -123,6 +140,9 @@ Chris Flerackers
 Chris Gaukroger
 Chris Maltby
 Chris Mumford
+Chris Smowton
+Christian Grothoff
+Christian Hagele
 Christian Krause
 Christian Kurz
 Christian Robottom Reis
@@ -133,6 +153,7 @@ Christophe Legry
 Christopher Conroy
 Christopher Palow
 Christopher R. Palmer
+Christopher Stone
 Ciprian Badescu
 Claes Jakobsson
 Clarence Gardner
@@ -147,8 +168,10 @@ Craig A West
 Craig Davison
 Craig Markwardt
 Cris Bailiff
+Cristian Rodriguez
 Curt Bogmine
 Cyrill Osterwalder
+Dagobert Michelsen
 Damien Adant
 Dan Becker
 Dan C
@@ -216,6 +239,7 @@ Dmitry Rechkin
 Dolbneff A.V
 Domenico Andreoli
 Dominick Meglio
+Dominique Leuenberger
 Doug Kaufman
 Doug Porter
 Douglas E. Wegscheid
@@ -256,6 +280,7 @@ Erwin Authried
 Eugene Kotlyarov
 Evan Jordan
 Eygene Ryabinkin
+Fabian Hiernaux
 Fabian Keil
 Fabrizio Ammollo
 Fedor Karpelevitch
@@ -268,11 +293,13 @@ Frank Keeney
 Frank McGeough
 Frank Meier
 Frank Ticheler
+Frank Van Uffelen
 Fred Machado
 Fred New
 Fred Noz
 Frederic Lepied
 Gabriel Kuri
+Garrett Holmstrom
 Gary Maxwell
 Gautam Kachroo
 Gautam Mani
@@ -296,6 +323,7 @@ Giuseppe Attardi
 Giuseppe D'Ambrosio
 Glen Nakamura
 Glen Scott
+Gokhan Sengun
 Grant Erickson
 Greg Hewgill
 Greg Morse
@@ -320,6 +348,8 @@ Heikki Korpela
 Heinrich Ko
 Hendrik Visage
 Henrik Storner
+Henry Ludemann
+Herve Amblard
 Hidemoto Nakada
 Hoi-Ho Chan
 Hongli Lai
@@ -361,6 +391,8 @@ Jan Kunder
 Jan Van Boghout
 Jared Lundell
 Jari Sundell
+Jason Glasgow
+Jason Liu
 Jason McDonald
 Jason S. Priebe
 Jay Austin
@@ -381,11 +413,13 @@ Jeffrey Pohlmeyer
 Jeremy Friesner
 Jerome Muffat-Meridol
 Jerome Vouillon
+Jerry Wu
 Jes Badwal
 Jesper Jensen
 Jesse Noller
 Jim Drash
 Jim Freeman
+Jim Hollinger
 Jim Meyering
 Jocelyn Jaubert
 Joe Halpin
@@ -395,11 +429,13 @@ Jofell Gallardo
 Johan Anderson
 Johan Nilsson
 Johan van Selst
+Johannes Bauer
 John Bradshaw
 John Crow
 John Dennis
 John E. Malmberg
 John Janssen
+John Joseph Bachir
 John Kelly
 John Lask
 John Lightsey
@@ -414,6 +450,7 @@ Jon Sargeant
 Jon Travis
 Jon Turner
 Jonas Forsman
+Jonas Schnelli
 Jonatan Lander
 Jonathan Hseu
 Jongki Suwandi
@@ -421,6 +458,8 @@ Jose Kahan
 Josef Wolf
 Josh Kapell
 Joshua Kwan
+Josue Andrade Gomes
+Juan Barreto
 Juan F. Codagnone
 Juan Ignacio Herv<72>s
 Judson Bishop
@@ -428,6 +467,7 @@ Juergen Wilke
 Jukka Pihl
 Julian Noble
 Julien Chaffraix
+Julien Royer
 Jun-ichiro itojun Hagino
 Jurij Smakov
 Justin Fletcher
@@ -438,6 +478,7 @@ Kai-Uwe Rommel
 Kalle Vahlman
 Kamil Dudka
 Kang-Jin Lee
+Karl M
 Karl Moerder
 Karol Pietrzak
 Kaspar Brand
@@ -498,16 +539,22 @@ Luke Call
 Luong Dinh Dung
 Maciej Karpiuk
 Maciej W. Rozycki
+Mamoru Tasaka
+Mandy Wu
 Manfred Schwarb
+Manuel Massing
 Marc Boucher
 Marc Kleine-Budde
 Marcel Roelofs
 Marcelo Juchem
+Marcin Adamski
 Marcin Konicki
 Marco G. Salvagno
 Marco Maggi
+Marcus Sundberg
 Marcus Webster
 Mario Schroeder
+Mark Brand
 Mark Butler
 Mark Davies
 Mark Eichin
@@ -537,6 +584,7 @@ Matt Kraai
 Matt Veenstra
 Matt Witherspoon
 Matt Wixson
+Matteo Rocco
 Matthew Blain
 Matthew Clarke
 Matthias Bolte
@@ -545,16 +593,20 @@ Mauro Iorio
 Max Katsev
 Maxim Ivanov
 Maxim Perenesenko
+Maxim Prohorov
+Mehmet Bozkurt
 Mekonikum
 Mettgut Jamalla
 Michael Benedict
 Michael Calmer
 Michael Cronenworth
 Michael Curtis
+Michael Day
 Michael Goffioul
 Michael Jahn
 Michael Jerris
 Michael Mealling
+Michael Mueller
 Michael Smith
 Michael Stillwell
 Michael Wallner
@@ -580,6 +632,7 @@ Moonesamy
 Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
+Naveen Chandran
 Naveen Noel
 Neil Dunbar
 Neil Spring
@@ -597,6 +650,7 @@ Nikita Schmidt
 Nikitinskit Dmitriy
 Niklas Angebrand
 Nikolai Kondrashov
+Nikos Mavrogiannopoulos
 Ning Dong
 Nir Soffer
 Nis Jorgensen
@@ -607,15 +661,19 @@ Ofer
 Olaf Stueben
 Olaf St<53>ben
 Oren Tirosh
+Ori Avtalion
 P R Schaffner
+Paolo Piacentini
 Pascal Terjan
 Pasha Kuznetsov
 Pat Ray
+Patrice Guerin
 Patrick Bihan-Faou
 Patrick Monnerat
 Patrick Scott
 Patrick Smith
 Patrik Thunstrom
+Pau Garcia i Quiles
 Paul Harrington
 Paul Howarth
 Paul Marquis
@@ -633,6 +691,7 @@ Pete Su
 Peter Bray
 Peter Forret
 Peter Heuchert
+Peter Hjalmarsson
 Peter Korsgaard
 Peter Lamberg
 Peter O'Gorman
@@ -656,6 +715,7 @@ Philippe Vaucher
 Pierre
 Pierre Brico
 Pierre Joye
+Pierre Ynard
 Pooyan McSporran
 Pramod Sharma
 Puneet Pawaia
@@ -666,6 +726,7 @@ Rafa Muyo
 Rafael Sagula
 Rainer Canavan
 Rainer Koenig
+Rajesh Naganathan
 Ralf S. Engelschall
 Ralph Beckmann
 Ralph Mitchell
@@ -681,6 +742,7 @@ Renaud Duhaut
 Rene Bernhardt
 Rene Rebe
 Reuven Wachtfogel
+Reza Arbab
 Ricardo Cadime
 Rich Gray
 Rich Rauenzahn
@@ -691,16 +753,19 @@ Richard Clayton
 Richard Cooper
 Richard Gorton
 Richard Prescott
+Richard Silverman
 Rick Jones
 Rick Richardson
 Rob Crittenden
 Rob Jones
 Rob Stanzel
+Rob Ward
 Robert A. Monat
 Robert D. Young
 Robert Foreman
 Robert Iakobashvili
 Robert Olson
+Robert Schumann
 Robert Weaver
 Robin Cornelius
 Robin Johnson
@@ -720,6 +785,7 @@ Ruslan Gazizov
 Rutger Hofman
 Ryan Chan
 Ryan Nelson
+Ryan Schmidt
 S. Moonesamy
 Salvador D<>vila
 Salvatore Sorrentino
@@ -730,6 +796,7 @@ Samuel Listopad
 Samuel Thibault
 Sander Gates
 Sandor Feldi
+Saqib Ali
 Saul good
 Scott Barrett
 Scott Cantor
@@ -767,6 +834,8 @@ Stephen Kick
 Stephen More
 Sterling Hughes
 Steve Green
+Steve H Truong
+Steve Holme
 Steve Lhomme
 Steve Little
 Steve Marx
@@ -775,6 +844,7 @@ Steve Roskowski
 Steven Bazyl
 Steven G. Johnson
 Steven M. Schweda
+Steven Parkes
 Stoned Elipot
 Sven Anders
 Sven Neuhaus
@@ -782,10 +852,12 @@ Sven Wegener
 S<EFBFBD>bastien Willemijns
 T. Bharath
 T. Yamada
+Taneli Vahakangas
 Tanguy Fautre
 Temprimus
 Thomas J. Moore
 Thomas Klausner
+Thomas L. Shinnick
 Thomas Lopatic
 Thomas Schwinge
 Thomas Tonino
@@ -794,11 +866,15 @@ Tim Baker
 Tim Bartley
 Tim Chen
 Tim Costello
+Tim Harder
 Tim Newsome
 Tim Sneddon
+Tinus van den Berg
 Tobias Rundstr<74>m
 Toby Peterson
+Todd A Ouska
 Todd Kulesza
+Todd Ouska
 Todd Vierling
 Tom Benoist
 Tom Donovan
@@ -807,6 +883,7 @@ Tom Mattison
 Tom Moers
 Tom Mueller
 Tom Regner
+Tom Wright
 Tom Zerucha
 Tomas Pospisek
 Tomas Szepe
@@ -814,6 +891,7 @@ Tomasz Lacki
 Tommie Gannert
 Tommy Tam
 Ton Voon
+Toni Moreno
 Toon Verwaest
 Tor Arntsen
 Torsten Foertsch
@@ -833,13 +911,16 @@ Vincent Bronner
 Vincent Le Normand
 Vincent Penquerc'h
 Vincent Sanders
+Vincent Torri
 Vlad Grachov
 Vlad Ureche
+Vladimir Grishchenko
 Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
 Vsevolod Novikov
 Walter J. Mack
+Ward Willats
 Wayne Haigh
 Werner Koch
 Wesley Laxton
@@ -847,10 +928,12 @@ Wesley Miaw
 Wez Furlong
 Wilfredo Sanchez
 Wojciech Zwiefka
+Wu Yongzheng
 Xavier Bouchoux
 Yang Tse
 Yarram Sunil
 Yehoshua Hershberg
+Yukihiro Kawada
 Yuriy Sosov
 Yves Lejeune
 Zmey Petroff
--- a/docs/TODO
+++ b/docs/TODO
@@ -12,16 +12,16 @@
 All bugs documented in the KNOWN_BUGS document are subject for fixing!

 1. libcurl
- 1.1 Zero-copy interface
 1.2 More data sharing
 1.3 struct lifreq
 1.4 signal-based resolver timeouts
 1.5 get rid of PATH_MAX
+ 1.6 progress callback without doubles
+ 1.7 Happy Eyeball dual stack connect

 2. libcurl - multi interface
 2.1 More non-blocking
 2.2 Remove easy interface internally
- 2.3 Avoid having to remove/readd handles
 2.4 Fix HTTP Pipelining for PUT

 3. Documentation
@@ -54,63 +54,69 @@
 7.5 Export session ids
 7.6 Provide callback for cert verification
 7.7 Support other SSL libraries
- 7.8  Support SRP on the TLS layer
 7.9 improve configure --with-ssl

 8. GnuTLS
 8.1 SSL engine stuff
- 8.2 SRP
 8.3 check connection
 8.4 non-gcrypt

- 9. Other protocols
+ 9. SMTP
+ 9.1 Other authentication mechanims
+ 9.2 Specify the preferred authentication mechanism
+ 9.3 Initial response
+ 9.4 Pipelining
 
- 10. New protocols
- 10.1 RSYNC
+ 10. POP3
+ 10.1 APOP Authentication
+ 10.2 Other authentication mechanims
+ 10.3 auth= in URLs
 
- 11. Client
- 11.1 sync
- 11.2 glob posts
- 11.3 prevent file overwriting
- 11.4 simultaneous parallel transfers
- 11.5 provide formpost headers
- 11.6 url-specific options
- 11.7 metalink support
- 11.8 warning when setting an option
+ 11. Other protocols

- 12. Build
- 12.1 roffit
+ 12. New protocols
+ 12.1 RSYNC

- 13. Test suite
- 13.1 SSL tunnel
- 13.2 nicer lacking perl message
- 13.3 more protocols supported
- 13.4 more platforms supported
+ 13. Client
+ 13.1 sync
+ 13.2 glob posts
+ 13.3 prevent file overwriting
+ 13.4 simultaneous parallel transfers
+ 13.5 provide formpost headers
+ 13.6 url-specific options
+ 13.7 metalink support
+ 13.8 warning when setting an option
+ 13.9 IPv6 addresses with globbing

- 14. Next SONAME bump
- 14.1 http-style HEAD output for ftp
- 14.2 combine error codes
- 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+ 14. Build
+ 14.1 roffit

- 15. Next major release
- 15.1 cleanup return codes
- 15.2 remove obsolete defines
- 15.3 size_t
- 15.4 remove several functions
- 15.5 remove CURLOPT_FAILONERROR
- 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
- 15.7 remove progress meter from libcurl
+ 15. Test suite
+ 15.1 SSL tunnel
+ 15.2 nicer lacking perl message
+ 15.3 more protocols supported
+ 15.4 more platforms supported
+
+ 16. Next SONAME bump
+ 16.1 http-style HEAD output for ftp
+ 16.2 combine error codes
+ 16.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+
+ 17. Next major release
+ 17.1 cleanup return codes
+ 17.2 remove obsolete defines
+ 17.3 size_t
+ 17.4 remove several functions
+ 17.5 remove CURLOPT_FAILONERROR
+ 17.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+ 17.7 remove progress meter from libcurl
+ 17.8 remove 'curl_httppost' from public
+ 17.9 have form functions use CURL handle argument

 ==============================================================================

 1. libcurl

-1.1 Zero-copy interface
-
- Introduce another callback interface for upload/download that makes one less
- copy of data and thus a faster operation.
- [http://curl.haxx.se/dev/no_copy_callbacks.txt]
-
 1.2 More data sharing

 curl_share_* functions already exist and work, and they can be extended to
@@ -144,6 +150,28 @@
 we need libssh2 to properly tell us when we pass in a too small buffer and
 its current API (as of libssh2 1.2.7) doesn't.

+1.6 progress callback without doubles
+
+ The progress callback was introduced way back in the days and the choice to
+ use doubles in the arguments was possibly good at the time. Today the doubles
+ only confuse users and make the amounts less precise. We should introduce
+ another progress callback option that take precedence over the old one and
+ have both co-exist for a forseeable time until we can remove the double-using
+ one.
+
+1.7 Happy Eyeball dual stack connect
+
+ In order to make alternative technologies not suffer when transitioning, like
+ when introducing IPv6 as an alternative to IPv4 and there are more than one
+ option existing simultaneously there are reasons to reconsider internal
+ choices.
+
+ To make libcurl do blazing fast IPv6 in a dual-stack configuration, this needs
+ to be addressed:
+
+    http://tools.ietf.org/html/rfc6555
+
+
 2. libcurl - multi interface

 2.1 More non-blocking
@@ -153,7 +181,6 @@

 - Name resolves on non-windows unless c-ares is used
 - NSS SSL connections
- - Active FTP connections
 - HTTP proxy CONNECT operations
 - SOCKS proxy handshakes
 - file:// transfers
@@ -170,23 +197,6 @@
 internally use and assume the multi interface. The select()-loop should use
 curl_multi_socket().

-2.3 Avoid having to remove/readd handles
-
- curl_multi_handle_control() - this can control the easy handle (while) added
- to a multi handle in various ways:
-
- o RESTART, unconditionally restart this easy handle's transfer from the
-   start, re-init the state
-
- o RESTART_COMPLETED, restart this easy handle's transfer but only if the
-   existing transfer has already completed and it is in a "finished state".
-
- o STOP, just stop this transfer and consider it completed
-
- o PAUSE?
-
- o RESUME?
-
 2.4 Fix HTTP Pipelining for PUT

 HTTP Pipelining can be a way to greatly enhance performance for multiple
@@ -334,12 +344,6 @@ to provide the data to send.
 Make curl's SSL layer capable of using other free SSL libraries.  Such as
 MatrixSSL (http://www.matrixssl.org/).

-7.8  Support SRP on the TLS layer
-
- Peter Sylvester's patch for SRP on the TLS layer.  Awaits OpenSSL support for
- this, no need to support this in libcurl before there's an OpenSSL release
- that does it.
-
 7.9 improve configure --with-ssl

 make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
@@ -351,11 +355,6 @@ to provide the data to send.

 Is this even possible?

-8.2 SRP
-
- Work out a common method with Peter Sylvester's OpenSSL-patch for SRP on the
- TLS to provide name and password. GnuTLS already supports it...
-
 8.3 check connection

 Add a way to check if the connection seems to be alive, to correspond to the
@@ -372,18 +371,65 @@ to provide the data to send.
 The correct fix would be to detect which crypto layer that is in use and
 adapt our code to use that instead of blindly assuming gcrypt.

-9. Other protocols
+9. SMTP

-10. New protocols
+9.1 Other authentication mechanims

-10.1 RSYNC
+ Add support for other authentication mechanisms such as digest-md5 and
+ gssapi.

- There's no RFC for protocol nor URI/URL format.  An implementation should
- most probably use an existing rsync library, such as librsync.
+9.2 Specify the preferred authentication mechanism

-11. Client
+ Add the ability to specify the preferred authentication mechanism or a list
+ of mechanims that should be used. Not only that, but the order that is
+ returned by the server during the EHLO response should be honored by curl.
 
-11.1 sync
+9.3 Initial response
+
+ Add the ability for the user to specify whether the initial response is
+ included in the AUTH command. Some email servers, such as Microsoft
+ Exchange, can work with either whilst others need to have the initial
+ response sent separately:
+ 
+ http://curl.haxx.se/mail/lib-2012-03/0114.html
+ 
+9.4 Pipelining
+
+ Add support for pipelining emails.
+ 
+10. POP3
+
+10.1 APOP Authentication
+
+ Add support for the APOP command rather than using plain text authentication
+ (USER and PASS) as this is very week security wise. Note: The APOP command
+ is specified as "APOP <username> <md5 password>", however, it isn't
+ supported by all mail servers.
+ 
+10.2 Other authentication mechanims
+
+ SASL offers support for additional authentication mechanisms via the AUTH
+ command. Detection of an email server's support for SASL authentication
+ can be detected via the CAPA command whilst a list of supported mechanisms
+ can be retrieved with an empty AUTH command.
+ 
+10.3 auth= in URLs
+
+ Being able to specify the preferred authentication mechanim in the URL as
+ per RFC-2384 (http://tools.ietf.org/html/rfc2384).
+ 
+11. Other protocols
+
+12. New protocols
+
+12.1 RSYNC
+
+ There's no RFC for the protocol or an URI/URL format.  An implementation
+ should most probably use an existing rsync library, such as librsync.
+
+13. Client
+
+13.1 sync

 "curl --sync http://example.com/feed[1-100].rss" or
 "curl --sync http://example.net/{index,calendar,history}.html"
@@ -392,12 +438,12 @@ to provide the data to send.
 remote file is newer than the local file. A Last-Modified HTTP date header
 should also be used to set the mod date on the downloaded file.

-11.2 glob posts
+13.2 glob posts

 Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
 This is easily scripted though.

-11.3 prevent file overwriting
+13.3 prevent file overwriting

 Add an option that prevents cURL from overwriting existing local files. When
 used, and there already is an existing file with the target file name
@@ -405,14 +451,14 @@ to provide the data to send.
 existing). So that index.html becomes first index.html.1 and then
 index.html.2 etc.

-11.4 simultaneous parallel transfers
+13.4 simultaneous parallel transfers

 The client could be told to use maximum N simultaneous parallel transfers and
 then just make sure that happens. It should of course not make more than one
 connection to the same remote host. This would require the client to use the
 multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595

-11.5 provide formpost headers
+13.5 provide formpost headers

 Extending the capabilities of the multipart formposting. How about leaving
 the ';type=foo' syntax as it is and adding an extra tag (headers) which
@@ -426,7 +472,7 @@ to provide the data to send.
 which should overwrite the program reasonable defaults (plain/text,
 8bit...)

-11.6 url-specific options
+13.6 url-specific options

 Provide a way to make options bound to a specific URL among several on the
 command line. Possibly by letting ':' separate options between URLs,
@@ -440,55 +486,62 @@ to provide the data to send.

 The example would do a POST-GET-POST combination on a single command line.

-11.7 metalink support
+13.7 metalink support

 Add metalink support to curl (http://www.metalinker.org/). This is most useful
 with simultaneous parallel transfers (11.6) but not necessary.

-11.8 warning when setting an option
+13.8 warning when setting an option

  Display a warning when libcurl returns an error when setting an option.
  This can be useful to tell when support for a particular feature hasn't been
  compiled into the library.

-12. Build
+13.9 IPv6 addresses with globbing

-12.1 roffit
+  Currently the command line client needs to get url globbing disabled (with
+  -g) for it to support IPv6 numerical addresses. This is a rather silly flaw
+  that should be corrected. It probably involves a smarter detection of the
+  '[' and ']' letters.
+
+14. Build
+
+14.1 roffit

 Consider extending 'roffit' to produce decent ASCII output, and use that
 instead of (g)nroff when building src/hugehelp.c

-13. Test suite
+15. Test suite

-13.1 SSL tunnel
+15.1 SSL tunnel

 Make our own version of stunnel for simple port forwarding to enable HTTPS
 and FTP-SSL tests without the stunnel dependency, and it could allow us to
 provide test tools built with either OpenSSL or GnuTLS

-13.2 nicer lacking perl message
+15.2 nicer lacking perl message

 If perl wasn't found by the configure script, don't attempt to run the tests
 but explain something nice why it doesn't.

-13.3 more protocols supported
+15.3 more protocols supported

 Extend the test suite to include more protocols. The telnet could just do ftp
 or http operations (for which we have test servers).

-13.4 more platforms supported
+15.4 more platforms supported

 Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
 fork()s and it should become even more portable.

-14. Next SONAME bump
+16. Next SONAME bump

-14.1 http-style HEAD output for ftp
+16.1 http-style HEAD output for ftp

 #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
 from being output in NOBODY requests over ftp

-14.2 combine error codes
+16.2 combine error codes

 Combine some of the error codes to remove duplicates.  The original
 numbering should not be changed, and the old identifiers would be
@@ -506,29 +559,29 @@ to provide the data to send.
    CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
    CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED

-14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+16.3 extend CURLOPT_SOCKOPTFUNCTION prototype

 The current prototype only provides 'purpose' that tells what the
 connection/socket is for, but not any protocol or similar. It makes it hard
 for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
 similar.

-15. Next major release
+17. Next major release

-15.1 cleanup return codes
+17.1 cleanup return codes

 curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
 CURLMcode. These should be changed to be the same.

-15.2 remove obsolete defines
+17.2 remove obsolete defines

 remove obsolete defines from curl/curl.h

-15.3 size_t
+17.3 size_t

 make several functions use size_t instead of int in their APIs

-15.4 remove several functions
+17.4 remove several functions

 remove the following functions from the public API:

@@ -549,18 +602,18 @@ to provide the data to send.

 curl_multi_socket_all

-15.5 remove CURLOPT_FAILONERROR
+17.5 remove CURLOPT_FAILONERROR

 Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
 internally. Let the app judge success or not for itself.

-15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+17.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE

 Remove support for a global DNS cache. Anything global is silly, and we
 already offer the share interface for the same functionality but done
 "right".

-15.7 remove progress meter from libcurl
+17.7 remove progress meter from libcurl

 The internally provided progress meter output doesn't belong in the library.
 Basically no application wants it (apart from curl) but instead applications
@@ -569,3 +622,20 @@ to provide the data to send.
 The progress callback should then be bumped as well to get proper 64bit
 variable types passed to it instead of doubles so that big files work
 correctly.
+
+17.8 remove 'curl_httppost' from public
+
+ curl_formadd() was made to fill in a public struct, but the fact that the
+ struct is public is never really used by application for their own advantage
+ but instead often restricts how the form functions can or can't be modified.
+
+ Changing them to return a private handle will benefit the implementation and
+ allow us much greater freedoms while still maintining a solid API and ABI.
+
+17.9 have form functions use CURL handle argument
+
+ curl_formadd() and curl_formget() both currently have no CURL handle
+ argument, but both can use a callback that is set in the easy handle, and
+ thus curl_formget() with callback cannot function without first having
+ curl_easy_perform() (or similar) called - which is hard to grasp and a design
+ mistake.
--- a/docs/VERSIONS
+++ b/docs/VERSIONS
@@ -11,32 +11,25 @@ Version Numbers and Releases

 The version numbering is always built up using the same system:

-        X.Y[.Z][-preN]
+        X.Y[.Z]

 Where
   X is main version number
   Y is release number
   Z is patch number
-   N is pre-release number

 One of these numbers will get bumped in each new release. The numbers to the
 right of a bumped number will be reset to zero. If Z is zero, it may not be
- included in the version number. The pre release number is only included in
- pre releases (they're never used in public, official, releases).
+ included in the version number.

 The main version number will get bumped when *really* big, world colliding
- changes are made. The release number is bumped when big changes are
- performed. The patch number is bumped when the changes are mere bugfixes and
- only minor feature changes. The pre-release is a counter, to identify which
- pre-release a certain release is.
-
- When reaching the end of a pre-release period, the version without the
- pre-release part will be released as a public release.
+ changes are made. The release number is bumped when changes are performed or
+ things/features are added. The patch number is bumped when the changes are
+ mere bugfixes.

 It means that after release 1.2.3, we can release 2.0 if something really big
 has been made, 1.3 if not that big changes were made or 1.2.4 if mostly bugs
- were fixed. Before 1.2.4 is released, we might release a 1.2.4-pre1 release
- for the brave people to try before the actual release.
+ were fixed.

 Bumping, as in increasing the number with 1, is unconditionally only
 affecting one of the numbers (except the ones to the right of it, that may be
@@ -56,12 +49,12 @@ Version Numbers and Releases
        #define LIBCURL_VERSION_NUM 0xXXYYZZ

 Where XX, YY and ZZ are the main version, release and patch numbers in
- hexadecimal. All three numbers are always represented using two digits.  1.2
- would appear as "0x010200" while version 9.11.7 appears as "0x090b07".
+ hexadecimal. All three number fields are always represented using two digits
+ (eight bits each). 1.2 would appear as "0x010200" while version 9.11.7
+ appears as "0x090b07".

- This 6-digit hexadecimal number does not show pre-release number, and it is
- always a greater number in a more recent release. It makes comparisons with
- greater than and less than work.
+ This 6-digit hexadecimal number is always a greater number in a more recent
+ release. It makes comparisons with greater than and less than work.

 This number is also available as three separate defines:
 LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH.
--- a/docs/curl-config.1
+++ b/docs/curl-config.1
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -93,7 +93,6 @@ What's the installed libcurl version?

 How do I build a single file with a one-line command?

-  $ `curl-config --cc --cflags --libs` -o example example.c
-
+  $ `curl-config --cc --cflags` -o example example.c `curl-config --libs`
 .SH "SEE ALSO"
 .BR curl (1)
--- a/docs/curl.1
+++ b/docs/curl.1
--- a/docs/examples/.gitignore
+++ b/docs/examples/.gitignore
@@ -4,6 +4,7 @@ certinfo
 chkspeed
 cookie_interface
 debug
+externalsocket
 fileupload
 fopen
 ftp-wildcard
@@ -17,14 +18,20 @@ http-post
 httpcustomheader
 httpput
 https
+imap
 multi-app
 multi-debugcallback
 multi-double
 multi-post
 multi-single
 persistant
+pop3s
+pop3slist
 post-callback
 postit2
+progressfunc
+resolve
+rtsp
 sendrecv
 sepheaders
 simple
@@ -33,3 +40,4 @@ simplesmtp
 simplessl
 smtp-multi
 smtp-tls
+url2file
--- a/docs/examples/Makefile.am
+++ b/docs/examples/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
 AUTOMAKE_OPTIONS = foreign nostdinc

 EXTRA_DIST = README Makefile.example Makefile.inc Makefile.m32 \
-	makefile.dj $(COMPLICATED_EXAMPLES)
+	Makefile.netware makefile.dj $(COMPLICATED_EXAMPLES)

 # Specify our include paths here, and do it relative to $(top_srcdir) and
 # $(top_builddir), to ensure that these paths which belong to the library
@@ -40,12 +40,12 @@ INCLUDES = -I$(top_builddir)/include/curl \

 LIBDIR = $(top_builddir)/lib

-if STATICLIB
-# we need this define when building with a static lib on Windows
-STATICCPPFLAGS = -DCURL_STATICLIB
-endif
+AM_CPPFLAGS = -DCURL_NO_OLDIES

-CPPFLAGS = -DCURL_NO_OLDIES $(STATICCPPFLAGS)
+# Mostly for Windows build targets, when using static libcurl
+if USE_CPPFLAG_CURL_STATICLIB
+AM_CPPFLAGS += -DCURL_STATICLIB
+endif

 # Dependencies
 LDADD = $(LIBDIR)/libcurl.la
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -4,7 +4,8 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
  https multi-app multi-debugcallback multi-double multi-post multi-single \
  persistant post-callback postit2 sepheaders simple simplepost simplessl  \
  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard \
-  smtp-multi simplesmtp smtp-tls
+  smtp-multi simplesmtp smtp-tls rtsp externalsocket resolve \
+  progressfunc pop3s pop3slist imap url2file

 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -19,31 +19,50 @@
 # KIND, either express or implied.
 #
 ###########################################################################
-#########################################################################
 #
-## Makefile for building curl examples with MingW32
-## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
+## Makefile for building curl examples with MingW (GCC-3.2 or later)
+## and optionally OpenSSL (0.9.8), libssh2 (1.3), zlib (1.2.5), librtmp (2.3)
 ##
-## Usage:
-## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
+## Usage:   mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...]
+## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-spi-winidn
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
-## set ZLIB_PATH=c:/zlib-1.2.3
+## set ZLIB_PATH=c:/zlib-1.2.7
 ## set ZLIB=1
-##
-#########################################################################
+#
+###########################################################################

 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.3
+ZLIB_PATH = ../../../zlib-1.2.7
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8k
+OPENSSL_PATH = ../../../openssl-0.9.8x
+endif
+ifndef OPENSSL_LIBPATH
+OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
+endif
+ifndef OPENSSL_LIBS
+OPENSSL_LIBS = -leay32 -lssl32
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.2
+LIBSSH2_PATH = ../../../libssh2-1.4.2
+endif
+# Edit the path below to point to the base of your librtmp package.
+ifndef LIBRTMP_PATH
+LIBRTMP_PATH = ../../../librtmp-2.3
+endif
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../../libidn-1.18
+endif
+# Edit the path below to point to the base of your MS IDN package.
+# Microsoft Internationalized Domain Names (IDN) Mitigation APIs 1.1
+# http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad6158d7-ddba-416a-9109-07607425a815
+ifndef WINIDN_PATH
+WINIDN_PATH = ../../../Microsoft IDN Mitigation APIs
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
@@ -51,25 +70,76 @@ LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif

 PROOT = ../..
-ARES_LIB = $(PROOT)/ares

-SSL = 1
-ZLIB = 1
+# Edit the path below to point to the base of your c-ares package.
+ifndef LIBCARES_PATH
+LIBCARES_PATH = $(PROOT)/ares
+endif
+
+# Edit the var below to set to your architecture or set environment var.
+ifndef ARCH
+ARCH = w32
+endif

 CC = gcc
 CFLAGS = -g -O2 -Wall
+CFLAGS += -fno-strict-aliasing
+ifeq ($(ARCH),w64)
+CFLAGS += -D_AMD64_
+endif
 # comment LDFLAGS below to keep debug info
 LDFLAGS = -s
 RC = windres
 RCFLAGS = --include-dir=$(PROOT)/include -O COFF -i
-RM = del /q /f > NUL 2>&1
+
+RM = del /q /f 2>NUL
 CP = copy

 ########################################################
 ## Nothing more to do below this line!

+ifeq ($(findstring -dyn,$(CFG)),-dyn)
+DYN = 1
+endif
+ifeq ($(findstring -ares,$(CFG)),-ares)
+ARES = 1
+endif
+ifeq ($(findstring -rtmp,$(CFG)),-rtmp)
+RTMP = 1
+SSL = 1
+ZLIB = 1
+endif
+ifeq ($(findstring -ssh2,$(CFG)),-ssh2)
+SSH2 = 1
+SSL = 1
+ZLIB = 1
+endif
+ifeq ($(findstring -ssl,$(CFG)),-ssl)
+SSL = 1
+endif
+ifeq ($(findstring -zlib,$(CFG)),-zlib)
+ZLIB = 1
+endif
+ifeq ($(findstring -idn,$(CFG)),-idn)
+IDN = 1
+endif
+ifeq ($(findstring -winidn,$(CFG)),-winidn)
+WINIDN = 1
+endif
+ifeq ($(findstring -sspi,$(CFG)),-sspi)
+SSPI = 1
+endif
+ifeq ($(findstring -spnego,$(CFG)),-spnego)
+SPNEGO = 1
+endif
+ifeq ($(findstring -ldaps,$(CFG)),-ldaps)
+LDAPS = 1
+endif
+ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
+IPV6 = 1
+endif
+
 INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib
-LINK = $(CC) $(LDFLAGS) -o $@

 ifdef DYN
  curl_DEPENDENCIES = $(PROOT)/lib/libcurldll.a $(PROOT)/lib/libcurl.dll
@@ -81,34 +151,45 @@ else
 endif
 ifdef ARES
  ifndef DYN
-    curl_DEPENDENCIES += $(ARES_LIB)/libcares.a
+    curl_DEPENDENCIES += $(LIBCARES_PATH)/libcares.a
  endif
  CFLAGS += -DUSE_ARES
-  curl_LDADD += -L$(ARES_LIB) -lcares
+  curl_LDADD += -L"$(LIBCARES_PATH)" -lcares
+endif
+ifdef RTMP
+  CFLAGS += -DUSE_LIBRTMP
+  curl_LDADD += -L"$(LIBRTMP_PATH)/librtmp" -lrtmp -lwinmm
 endif
 ifdef SSH2
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
-  curl_LDADD += -L$(LIBSSH2_PATH)/win32 -lssh2
+  curl_LDADD += -L"$(LIBSSH2_PATH)/win32" -lssh2
 endif
 ifdef SSL
-  INCLUDES += -I"$(OPENSSL_PATH)/outinc"
  CFLAGS += -DUSE_SSLEAY -DHAVE_OPENSSL_ENGINE_H
-  ifdef DYN
-    curl_LDADD += -L$(OPENSSL_PATH)/out -leay32 -lssl32
-  else
-    curl_LDADD += -L$(OPENSSL_PATH)/out -lssl -lcrypto -lgdi32
-  endif
+  curl_LDADD += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
 endif
 ifdef ZLIB
  INCLUDES += -I"$(ZLIB_PATH)"
  CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
-  curl_LDADD += -L$(ZLIB_PATH) -lz
+  curl_LDADD += -L"$(ZLIB_PATH)" -lz
+endif
+ifdef IDN
+  CFLAGS += -DUSE_LIBIDN
+  curl_LDADD += -L"$(LIBIDN_PATH)/lib" -lidn
+else
+ifdef WINIDN
+  CFLAGS += -DUSE_WIN32_IDN
+  curl_LDADD += -L"$(WINIDN_PATH)" -lnormaliz
+endif
 endif
 ifdef SSPI
  CFLAGS += -DUSE_WINDOWS_SSPI
 endif
+ifdef SPNEGO
+  CFLAGS += -DHAVE_SPNEGO
+endif
 ifdef IPV6
-  CFLAGS += -DENABLE_IPV6
+  CFLAGS += -DENABLE_IPV6 -D_WIN32_WINNT=0x0501
 endif
 ifdef LDAPS
  CFLAGS += -DHAVE_LDAP_SSL
@@ -127,28 +208,28 @@ curl_LDADD += -lwldap32
 endif
 endif
 curl_LDADD += -lws2_32
-COMPILE = $(CC) $(INCLUDES) $(CFLAGS)

 # Makefile.inc provides the check_PROGRAMS and COMPLICATED_EXAMPLES defines
 include Makefile.inc

-example_PROGRAMS := $(patsubst %,%.exe,$(strip $(check_PROGRAMS)))
-
-.SUFFIXES: .rc .res .o .exe
+check_PROGRAMS := $(patsubst %,%.exe,$(strip $(check_PROGRAMS)))
+check_PROGRAMS += ftpuploadresume.exe synctime.exe


-all: $(example_PROGRAMS)
+all: $(check_PROGRAMS)

-.o.exe: $(curl_DEPENDENCIES)
-	$(LINK) $< $(curl_LDADD)
+%.exe: %.o $(curl_DEPENDENCIES)
+	$(CC) $(LDFLAGS) -o $@ $< $(curl_LDADD)

-.c.o:
-	$(COMPILE) -c $<
+%.o: %.c
+	$(CC) $(INCLUDES) $(CFLAGS) -c $<

-.rc.res:
+%.res: %.rc
 	$(RC) $(RCFLAGS) $< -o $@

 clean:
-	$(RM) $(example_PROGRAMS)
+	-$(RM) $(check_PROGRAMS:.exe=.o)

+distclean vclean: clean
+	-$(RM) $(check_PROGRAMS)

--- a/docs/examples/Makefile.netware
+++ b/docs/examples/Makefile.netware
@@ -0,0 +1,441 @@
+#################################################################
+#
+## Makefile for building curl.nlm (NetWare version - gnu make)
+## Use: make -f Makefile.netware
+##
+## Comments to: Guenter Knauf http://www.gknw.net/phpbb
+#
+#################################################################
+
+# Edit the path below to point to the base of your Novell NDK.
+ifndef NDKBASE
+NDKBASE	= c:/novell
+endif
+
+# Edit the path below to point to the base of your Zlib sources.
+ifndef ZLIB_PATH
+ZLIB_PATH = ../../../zlib-1.2.7
+endif
+
+# Edit the path below to point to the base of your OpenSSL package.
+ifndef OPENSSL_PATH
+OPENSSL_PATH = ../../../openssl-0.9.8x
+endif
+
+# Edit the path below to point to the base of your LibSSH2 package.
+ifndef LIBSSH2_PATH
+LIBSSH2_PATH = ../../../libssh2-1.4.2
+endif
+
+# Edit the path below to point to the base of your axTLS package.
+ifndef AXTLS_PATH
+AXTLS_PATH = ../../../axTLS-1.2.7
+endif
+
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../../libidn-1.18
+endif
+
+# Edit the path below to point to the base of your librtmp package.
+ifndef LIBRTMP_PATH
+LIBRTMP_PATH = ../../../librtmp-2.3
+endif
+
+# Edit the path below to point to the base of your fbopenssl package.
+ifndef FBOPENSSL_PATH
+FBOPENSSL_PATH = ../../fbopenssl-0.4
+endif
+
+# Edit the path below to point to the base of your c-ares package.
+ifndef LIBCARES_PATH
+LIBCARES_PATH = ../../ares
+endif
+
+ifndef INSTDIR
+INSTDIR	= ..$(DS)..$(DS)curl-$(LIBCURL_VERSION_STR)-bin-nw
+endif
+
+# Edit the vars below to change NLM target settings.
+TARGET  = examples
+VERSION	= $(LIBCURL_VERSION)
+COPYR	= Copyright (C) $(LIBCURL_COPYRIGHT_STR)
+DESCR	= cURL ($(LIBARCH))
+MTSAFE	= YES
+STACK	= 8192
+SCREEN	= Example Program
+# Comment the line below if you dont want to load protected automatically.
+# LDRING = 3
+
+# Uncomment the next line to enable linking with POSIX semantics.
+# POSIXFL = 1
+
+# Edit the var below to point to your lib architecture.
+ifndef LIBARCH
+LIBARCH = LIBC
+endif
+
+# must be equal to NDEBUG or DEBUG, CURLDEBUG
+ifndef DB
+DB	= NDEBUG
+endif
+# Optimization: -O<n> or debugging: -g
+ifeq ($(DB),NDEBUG)
+	OPT	= -O2
+	OBJDIR	= release
+else
+	OPT	= -g
+	OBJDIR	= debug
+endif
+
+# The following lines defines your compiler.
+ifdef CWFolder
+	METROWERKS = $(CWFolder)
+endif
+ifdef METROWERKS
+	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
+	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
+	CC = mwccnlm
+else
+	CC = gcc
+endif
+PERL	= perl
+# Here you can find a native Win32 binary of the original awk:
+# http://www.gknw.net/development/prgtools/awk-20100523.zip
+AWK	= awk
+CP	= cp -afv
+MKDIR	= mkdir
+# RM	= rm -f
+# If you want to mark the target as MTSAFE you will need a tool for
+# generating the xdc data for the linker; here's a minimal tool:
+# http://www.gknw.net/development/prgtools/mkxdc.zip
+MPKXDC	= mkxdc
+
+# LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
+LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
+
+# Include the version info retrieved from curlver.h
+-include $(OBJDIR)/version.inc
+
+# Global flags for all compilers
+CFLAGS	+= $(OPT) -D$(DB) -DNETWARE -DHAVE_CONFIG_H -nostdinc
+
+ifeq ($(CC),mwccnlm)
+LD	= mwldnlm
+LDFLAGS	= -nostdlib $< $(PRELUDE) $(LDLIBS) -o $@ -commandfile
+LIBEXT	= lib
+CFLAGS	+= -gccinc -inline off -opt nointrinsics -proc 586
+CFLAGS	+= -relax_pointers
+#CFLAGS	+= -w on
+ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(NDK_LIBC)/imports/posixpre.o
+else
+	PRELUDE = $(NDK_LIBC)/imports/libcpre.o
+endif
+	CFLAGS += -align 4
+else
+	# PRELUDE = $(NDK_CLIB)/imports/clibpre.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
+	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
+	CFLAGS += -align 1
+endif
+else
+LD	= nlmconv
+LDFLAGS	= -T
+LIBEXT	= a
+CFLAGS	+= -m32
+CFLAGS  += -fno-builtin -fno-strict-aliasing
+ifeq ($(findstring gcc,$(CC)),gcc)
+CFLAGS  += -fpcc-struct-return
+endif
+CFLAGS	+= -Wall # -pedantic
+ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(NDK_LIBC)/imports/posixpre.gcc.o
+else
+	PRELUDE = $(NDK_LIBC)/imports/libcpre.gcc.o
+endif
+else
+	# PRELUDE = $(NDK_CLIB)/imports/clibpre.gcc.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
+	PRELUDE = $(NDK_ROOT)/pre/prelude.o
+	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
+endif
+endif
+
+NDK_ROOT = $(NDKBASE)/ndk
+ifndef NDK_CLIB
+NDK_CLIB = $(NDK_ROOT)/nwsdk
+endif
+ifndef NDK_LIBC
+NDK_LIBC = $(NDK_ROOT)/libc
+endif
+ifndef NDK_LDAP
+NDK_LDAP = $(NDK_ROOT)/cldapsdk/netware
+endif
+CURL_INC = ../../include
+CURL_LIB = ../../lib
+
+INCLUDES = -I$(CURL_INC)
+
+ifeq ($(findstring -static,$(CFG)),-static)
+LINK_STATIC = 1
+endif
+ifeq ($(findstring -ares,$(CFG)),-ares)
+WITH_ARES = 1
+endif
+ifeq ($(findstring -rtmp,$(CFG)),-rtmp)
+WITH_RTMP = 1
+WITH_SSL = 1
+WITH_ZLIB = 1
+endif
+ifeq ($(findstring -ssh2,$(CFG)),-ssh2)
+WITH_SSH2 = 1
+WITH_SSL = 1
+WITH_ZLIB = 1
+endif
+ifeq ($(findstring -axtls,$(CFG)),-axtls)
+WITH_AXTLS = 1
+WITH_SSL =
+else
+ifeq ($(findstring -ssl,$(CFG)),-ssl)
+WITH_SSL = 1
+endif
+endif
+ifeq ($(findstring -zlib,$(CFG)),-zlib)
+WITH_ZLIB = 1
+endif
+ifeq ($(findstring -idn,$(CFG)),-idn)
+WITH_IDN = 1
+endif
+ifeq ($(findstring -spnego,$(CFG)),-spnego)
+WITH_SPNEGO = 1
+endif
+ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
+ENABLE_IPV6 = 1
+endif
+
+ifdef LINK_STATIC
+	LDLIBS	= $(CURL_LIB)/libcurl.$(LIBEXT)
+ifdef WITH_ARES
+	LDLIBS += $(LIBCARES_PATH)/libcares.$(LIBEXT)
+endif
+else
+	MODULES	= libcurl.nlm
+	IMPORTS	= @$(CURL_LIB)/libcurl.imp
+endif
+ifdef WITH_SSH2
+	# INCLUDES += -I$(LIBSSH2_PATH)/include
+ifdef LINK_STATIC
+	LDLIBS += $(LIBSSH2_PATH)/nw/libssh2.$(LIBEXT)
+else
+	MODULES += libssh2.nlm
+	IMPORTS += @$(LIBSSH2_PATH)/nw/libssh2.imp
+endif
+endif
+ifdef WITH_RTMP
+	# INCLUDES += -I$(LIBRTMP_PATH)
+ifdef LINK_STATIC
+	LDLIBS += $(LIBRTMP_PATH)/librtmp/librtmp.$(LIBEXT)
+endif
+endif
+ifdef WITH_SSL
+	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
+	IMPORTS += GetProcessSwitchCount RunningProcess
+ifdef WITH_SPNEGO
+	# INCLUDES += -I$(FBOPENSSL_PATH)/include
+	LDLIBS += $(FBOPENSSL_PATH)/nw/fbopenssl.$(LIBEXT)
+endif
+else
+ifdef WITH_AXTLS
+	INCLUDES += -I$(AXTLS_PATH)/inc
+ifdef LINK_STATIC
+	LDLIBS += $(AXTLS_PATH)/lib/libaxtls.$(LIBEXT)
+else
+	MODULES += libaxtls.nlm
+	IMPORTS += $(AXTLS_PATH)/lib/libaxtls.imp
+endif
+endif
+endif
+ifdef WITH_ZLIB
+	# INCLUDES += -I$(ZLIB_PATH)
+ifdef LINK_STATIC
+	LDLIBS += $(ZLIB_PATH)/nw/$(LIBARCH)/libz.$(LIBEXT)
+else
+	MODULES += libz.nlm
+	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
+endif
+endif
+ifdef WITH_IDN
+	# INCLUDES += -I$(LIBIDN_PATH)/include
+	LDLIBS += $(LIBIDN_PATH)/lib/libidn.$(LIBEXT)
+endif
+
+ifeq ($(LIBARCH),LIBC)
+	INCLUDES += -I$(NDK_LIBC)/include
+	# INCLUDES += -I$(NDK_LIBC)/include/nks
+	# INCLUDES += -I$(NDK_LIBC)/include/winsock
+	CFLAGS += -D_POSIX_SOURCE
+else
+	INCLUDES += -I$(NDK_CLIB)/include/nlm
+	# INCLUDES += -I$(NDK_CLIB)/include
+endif
+ifndef DISABLE_LDAP
+	# INCLUDES += -I$(NDK_LDAP)/$(LIBARCH_L)/inc
+endif
+CFLAGS	+= $(INCLUDES)
+
+ifeq ($(MTSAFE),YES)
+	XDCOPT = -n
+endif
+ifeq ($(MTSAFE),NO)
+	XDCOPT = -u
+endif
+ifdef XDCOPT
+	XDCDATA = $(OBJDIR)/$(TARGET).xdc
+endif
+
+ifeq ($(findstring /sh,$(SHELL)),/sh)
+DL	= '
+DS	= /
+PCT	= %
+#-include $(NDKBASE)/nlmconv/ncpfs.inc
+else
+DS	= \\
+PCT	= %%
+endif
+
+# Makefile.inc provides the CSOURCES and HHEADERS defines
+include Makefile.inc
+
+check_PROGRAMS := $(patsubst %,%.nlm,$(strip $(check_PROGRAMS)))
+
+.PRECIOUS: $(OBJDIR)/%.o $(OBJDIR)/%.def $(OBJDIR)/%.xdc
+
+
+all: prebuild $(check_PROGRAMS)
+
+prebuild: $(OBJDIR) $(OBJDIR)/version.inc
+
+$(OBJDIR)/%.o: %.c
+	@echo Compiling $<
+	$(CC) $(CFLAGS) -c $< -o $@
+
+$(OBJDIR)/version.inc: $(CURL_INC)/curl/curlver.h $(OBJDIR)
+	@echo Creating $@
+	@$(AWK) -f ../../packages/NetWare/get_ver.awk $< > $@
+
+install: $(INSTDIR) all
+	@$(CP) $(check_PROGRAMS) $(INSTDIR)
+
+clean:
+	-$(RM) -r $(OBJDIR)
+
+distclean vclean: clean
+	-$(RM) $(check_PROGRAMS)
+
+$(OBJDIR) $(INSTDIR):
+	@$(MKDIR) $@
+
+%.nlm: $(OBJDIR)/%.o $(OBJDIR)/%.def $(XDCDATA)
+	@echo Linking $@
+	@-$(RM) $@
+	@$(LD) $(LDFLAGS) $(OBJDIR)/$(@:.nlm=.def)
+
+$(OBJDIR)/%.xdc: Makefile.netware
+	@echo Creating $@
+	@$(MPKXDC) $(XDCOPT) $@
+
+$(OBJDIR)/%.def: Makefile.netware
+	@echo $(DL)# DEF file for linking with $(LD)$(DL) > $@
+	@echo $(DL)# Do not edit this file - it is created by Make!$(DL) >> $@
+	@echo $(DL)# All your changes will be lost!!$(DL) >> $@
+	@echo $(DL)#$(DL) >> $@
+	@echo $(DL)copyright "$(COPYR)"$(DL) >> $@
+	@echo $(DL)description "$(DESCR) $(notdir $(@:.def=)) Example"$(DL) >> $@
+	@echo $(DL)version $(VERSION)$(DL) >> $@
+ifdef NLMTYPE
+	@echo $(DL)type $(NLMTYPE)$(DL) >> $@
+endif
+ifdef STACK
+	@echo $(DL)stack $(STACK)$(DL) >> $@
+endif
+ifdef SCREEN
+	@echo $(DL)screenname "$(DESCR) $(notdir $(@:.def=)) $(SCREEN)"$(DL) >> $@
+else
+	@echo $(DL)screenname "DEFAULT"$(DL) >> $@
+endif
+ifneq ($(DB),NDEBUG)
+	@echo $(DL)debug$(DL) >> $@
+endif
+	@echo $(DL)threadname "_$(notdir $(@:.def=))"$(DL) >> $@
+ifdef XDCDATA
+	@echo $(DL)xdcdata $(XDCDATA)$(DL) >> $@
+endif
+ifeq ($(LDRING),0)
+	@echo $(DL)flag_on 16$(DL) >> $@
+endif
+ifeq ($(LDRING),3)
+	@echo $(DL)flag_on 512$(DL) >> $@
+endif
+ifeq ($(LIBARCH),CLIB)
+	@echo $(DL)start _Prelude$(DL) >> $@
+	@echo $(DL)exit _Stop$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/clib.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/threads.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/socklib.imp$(DL) >> $@
+	@echo $(DL)module clib$(DL) >> $@
+ifndef DISABLE_LDAP
+	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
+#	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+	@echo $(DL)module ldapsdk ldapssl$(DL) >> $@
+endif
+else
+ifeq ($(POSIXFL),1)
+	@echo $(DL)flag_on 4194304$(DL) >> $@
+endif
+	@echo $(DL)flag_on 64$(DL) >> $@
+	@echo $(DL)pseudopreemption$(DL) >> $@
+ifeq ($(findstring posixpre,$(PRELUDE)),posixpre)
+	@echo $(DL)start POSIX_Start$(DL) >> $@
+	@echo $(DL)exit POSIX_Stop$(DL) >> $@
+	@echo $(DL)check POSIX_CheckUnload$(DL) >> $@
+else
+	@echo $(DL)start _LibCPrelude$(DL) >> $@
+	@echo $(DL)exit _LibCPostlude$(DL) >> $@
+	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
+endif
+	@echo $(DL)import @$(NDK_LIBC)/imports/libc.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LIBC)/imports/netware.imp$(DL) >> $@
+	@echo $(DL)module libc$(DL) >> $@
+ifndef DISABLE_LDAP
+	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
+#	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+	@echo $(DL)module lldapsdk lldapssl$(DL) >> $@
+endif
+endif
+ifdef MODULES
+	@echo $(DL)module $(MODULES)$(DL) >> $@
+endif
+ifdef EXPORTS
+	@echo $(DL)export $(EXPORTS)$(DL) >> $@
+endif
+ifdef IMPORTS
+	@echo $(DL)import $(IMPORTS)$(DL) >> $@
+endif
+ifeq ($(findstring nlmconv,$(LD)),nlmconv)
+	@echo $(DL)input $(PRELUDE)$(DL) >> $@
+	@echo $(DL)input $(@:.def=.o)$(DL) >> $@
+ifdef LDLIBS
+	@echo $(DL)input $(LDLIBS)$(DL) >> $@
+endif
+	@echo $(DL)output $(notdir $(@:.def=.nlm))$(DL) >> $@
+endif
--- a/docs/examples/README
+++ b/docs/examples/README
@@ -55,6 +55,7 @@ htmltitle.cc   - download a HTML file and extract the <title> tag from a HTML
 http-post.c    - HTTP POST
 httpput.c      - HTTP PUT a local file
 https.c        - simple HTTPS transfer
+imap.c         - simple IMAP transfer
 multi-app.c    - a multi-interface app
 multi-debugcallback.c - a multi-interface app using the debug callback
 multi-double.c - a multi-interface app doing two simultaneous transfers
@@ -63,6 +64,8 @@ multi-single.c - a multi-interface app getting a single file
 multithread.c  - an example using multi-treading transferring multiple files
 opensslthreadlock.c - show how to do locking when using OpenSSL multi-threaded
 persistant.c   - request two URLs with a persistent connection
+pop3s.c        - POP3S transfer
+pop3slist.c    - POP3S LIST
 post-callback.c - send a HTTP POST using a callback
 postit2.c      - send a HTTP multipart formpost
 sampleconv.c   - showing how a program on a non-ASCII platform would invoke
@@ -73,4 +76,5 @@ simple.c       - the most simple download a URL source
 simplepost.c   - HTTP POST
 simplessl.c    - HTTPS example with certificates many options set
 synctime.c     - Sync local time by extracting date from remote HTTP servers
+url2file.c     - download a document and store it in a file
 10-at-a-time.c - Download many files simultaneously, 10 at a time.
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -26,9 +26,8 @@
 #else
 #  ifdef __VMS
     typedef int intptr_t;
-#  else
-#    include <stdint.h>
 #  endif
+#  include <stdint.h>
 #  include <unistd.h>
 #endif
 #include <sys/types.h>
@@ -89,12 +88,16 @@ static curlioerr my_ioctl(CURL *handle, curliocmd cmd, void *userp)
 static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  size_t retcode;
+  curl_off_t nread;

  intptr_t fd = (intptr_t)stream;

  retcode = read(fd, ptr, size * nmemb);

-  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
+  nread = (curl_off_t)retcode;
+
+  fprintf(stderr, "*** We read %" CURL_FORMAT_CURL_OFF_T
+          " bytes from file\n", nread);

  return retcode;
 }
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -22,8 +22,6 @@
 #include <stdio.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
 {
--- a/docs/examples/chkspeed.c
+++ b/docs/examples/chkspeed.c
@@ -35,8 +35,6 @@
 #include <time.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 #define URL_BASE "http://speedtest.your.domain/"
 #define URL_1M   URL_BASE "file_1M.bin"
--- a/docs/examples/curlgtk.c
+++ b/docs/examples/curlgtk.c
@@ -13,8 +13,6 @@
 #include <gtk/gtk.h>

 #include <curl/curl.h>
-#include <curl/types.h> /* new for v7 */
-#include <curl/easy.h> /* new for v7 */

 GtkWidget *Bar;

--- a/docs/examples/curlx.c
+++ b/docs/examples/curlx.c
@@ -239,8 +239,7 @@ static CURLcode sslctxfun(CURL * curl, void * sslctx, void * parm) {
  SSL_CTX_set_cipher_list(ctx,"RC4-MD5");
  SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);

-  X509_STORE_add_cert(ctx->cert_store,sk_X509_value(p->ca,
-                                                    sk_X509_num(p->ca)-1));
+  X509_STORE_add_cert(SSL_CTX_get_cert_store(ctx), sk_X509_value(p->ca, sk_X509_num(p->ca)-1));

  SSL_CTX_set_verify_depth(ctx,2);

--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -0,0 +1,149 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+/*
+ * This is an example demonstrating how an application can pass in a custom
+ * socket to libcurl to use. This example also handles the connect itself.
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <curl/curl.h>
+
+#ifdef WIN32
+#include <windows.h>
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#define close closesocket
+#else
+#include <sys/types.h>        /*  socket types              */
+#include <sys/socket.h>       /*  socket definitions        */
+#include <netinet/in.h>
+#include <arpa/inet.h>        /*  inet (3) funtions         */
+#include <unistd.h>           /*  misc. UNIX functions      */
+#endif
+
+#include <errno.h>
+
+/* The IP address and port number to connect to */
+#define IPADDR "127.0.0.1"
+#define PORTNUM 80
+
+static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
+{
+  int written = fwrite(ptr, size, nmemb, (FILE *)stream);
+  return written;
+}
+
+static curl_socket_t opensocket(void *clientp,
+                                curlsocktype purpose,
+                                struct curl_sockaddr *address)
+{
+  curl_socket_t sockfd;
+  (void)purpose;
+  (void)address;
+  sockfd = *(curl_socket_t *)clientp;
+  /* the actual externally set socket is passed in via the OPENSOCKETDATA
+     option */
+  return sockfd;
+}
+
+static int sockopt_callback(void *clientp, curl_socket_t curlfd,
+                            curlsocktype purpose)
+{
+  (void)clientp;
+  (void)curlfd;
+  (void)purpose;
+  /* This return code was added in libcurl 7.21.5 */
+  return CURL_SOCKOPT_ALREADY_CONNECTED;
+}
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+  struct sockaddr_in servaddr;  /*  socket address structure  */
+  curl_socket_t sockfd;
+
+#ifdef WIN32
+  WSADATA wsaData;
+  int initwsa;
+
+  if((initwsa = WSAStartup(MAKEWORD(2,0), &wsaData)) != 0) {
+    printf("WSAStartup failed: %d\n", initwsa);
+    return 1;
+  }
+#endif
+
+  curl = curl_easy_init();
+  if(curl) {
+    /*
+     * Note that libcurl will internally think that you connect to the host
+     * and port that you specify in the URL option.
+     */
+    curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999");
+
+    /* Create the socket "manually" */
+    if( (sockfd = socket(AF_INET, SOCK_STREAM, 0)) == CURL_SOCKET_BAD ) {
+      printf("Error creating listening socket.\n");
+      return 3;
+    }
+
+    memset(&servaddr, 0, sizeof(servaddr));
+    servaddr.sin_family = AF_INET;
+    servaddr.sin_port   = htons(PORTNUM);
+
+    if (INADDR_NONE == (servaddr.sin_addr.s_addr = inet_addr(IPADDR)))
+      return 2;
+
+    if(connect(sockfd,(struct sockaddr *) &servaddr, sizeof(servaddr)) ==
+       -1) {
+      close(sockfd);
+      printf("client error: connect: %s\n", strerror(errno));
+      return 1;
+    }
+
+    /* no progress meter please */
+    curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
+
+    /* send all data to this function  */
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_data);
+
+    /* call this function to get a socket */
+    curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket);
+    curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, &sockfd);
+
+    /* call this function to set options for the socket */
+    curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
+
+    res = curl_easy_perform(curl);
+
+    curl_easy_cleanup(curl);
+
+    if(res) {
+      printf("libcurl error: %d\n", res);
+      return 4;
+    }
+  }
+  return 0;
+}
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -33,7 +33,7 @@ static long file_is_comming(struct curl_fileinfo *finfo,
 static long file_is_downloaded(struct callback_data *data);

 static size_t write_it(char *buff, size_t size, size_t nmemb,
-                       struct callback_data *data);
+                       void *cb_data);

 int main(int argc, char **argv)
 {
@@ -135,8 +135,9 @@ static long file_is_downloaded(struct callback_data *data)
 }

 static size_t write_it(char *buff, size_t size, size_t nmemb,
-                       struct callback_data *data)
+                       void *cb_data)
 {
+  struct callback_data *data = cb_data;
  size_t written = 0;
  if(data->output)
    written = fwrite(buff, size, nmemb, data->output);
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -22,8 +22,6 @@
 #include <stdio.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 /*
 * This is an example showing how to get a single file from an FTP server.
--- a/docs/examples/ftpgetinfo.c
+++ b/docs/examples/ftpgetinfo.c
@@ -23,8 +23,6 @@
 #include <string.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 /*
 * This is an example showing how to check a single file's size and mtime
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -22,8 +22,6 @@
 #include <stdio.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 /*
 * Similar to ftpget.c but this also stores the received response-lines
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -51,12 +51,16 @@
   variable's memory when passed in to it from an app like this. */
 static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
+  curl_off_t nread;
  /* in real-world cases, this would probably get this data differently
     as this fread() stuff is exactly what the library already would do
     by default internally */
  size_t retcode = fread(ptr, size, nmemb, stream);

-  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
+  nread = (curl_off_t)retcode;
+
+  fprintf(stderr, "*** We read %" CURL_FORMAT_CURL_OFF_T
+          " bytes from file\n", nread);
  return retcode;
 }

--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -39,7 +39,7 @@

 /* The MinGW headers are missing a few Win32 function definitions,
   you shouldn't need this if you use VC++ */
-#ifdef __MINGW32__
+#if defined(__MINGW32__) && !defined(__MINGW64__)
 int __cdecl _snscanf(const char * input, size_t length, const char * format, ...);
 #endif

--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -36,10 +36,10 @@ struct MemoryStruct {


 static size_t
-WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
+WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
 {
  size_t realsize = size * nmemb;
-  struct MemoryStruct *mem = (struct MemoryStruct *)data;
+  struct MemoryStruct *mem = (struct MemoryStruct *)userp;

  mem->memory = realloc(mem->memory, mem->size + realsize + 1);
  if (mem->memory == NULL) {
@@ -48,7 +48,7 @@ WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
    exit(EXIT_FAILURE);
  }

-  memcpy(&(mem->memory[mem->size]), ptr, realsize);
+  memcpy(&(mem->memory[mem->size]), contents, realsize);
  mem->size += realsize;
  mem->memory[mem->size] = 0;

--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -39,13 +39,17 @@
 static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  size_t retcode;
+  curl_off_t nread;

  /* in real-world cases, this would probably get this data differently
     as this fread() stuff is exactly what the library already would do
     by default internally */
  retcode = fread(ptr, size, nmemb, stream);

-  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
+  nread = (curl_off_t)retcode;
+
+  fprintf(stderr, "*** We read %" CURL_FORMAT_CURL_OFF_T
+          " bytes from file\n", nread);

  return retcode;
 }
--- a/docs/examples/imap.c
+++ b/docs/examples/imap.c
@@ -0,0 +1,44 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <curl/curl.h>
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res = CURLE_OK;
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* Set username and password */
+    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+
+    /* This will fetch the mailbox named "foobar" */
+    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/foobar");
+
+    res = curl_easy_perform(curl);
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+  return (int)res;
+}
--- a/docs/examples/pop3s.c
+++ b/docs/examples/pop3s.c
@@ -0,0 +1,68 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <curl/curl.h>
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* Set username and password */
+    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+
+    /* This will only fetch the message with ID "1" of the given mailbox */
+    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/1");
+
+#ifdef SKIP_PEER_VERIFICATION
+    /*
+     * If you want to connect to a site who isn't using a certificate that is
+     * signed by one of the certs in the CA bundle you have, you can skip the
+     * verification of the server's certificate. This makes the connection
+     * A LOT LESS SECURE.
+     *
+     * If you have a CA cert for the server stored someplace else than in the
+     * default bundle, then the CURLOPT_CAPATH option might come handy for
+     * you.
+     */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+#endif
+
+#ifdef SKIP_HOSTNAME_VERFICATION
+    /*
+     * If the site you're connecting to uses a different host name that what
+     * they have mentioned in their server certificate's commonName (or
+     * subjectAltName) fields, libcurl will refuse to connect. You can skip
+     * this check, but this will make the connection less secure.
+     */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+#endif
+
+    res = curl_easy_perform(curl);
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+  return 0;
+}
--- a/docs/examples/pop3slist.c
+++ b/docs/examples/pop3slist.c
@@ -0,0 +1,68 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <curl/curl.h>
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* Set username and password */
+    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+
+    /* This will list every message of the given mailbox */
+    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/");
+
+#ifdef SKIP_PEER_VERIFICATION
+    /*
+     * If you want to connect to a site who isn't using a certificate that is
+     * signed by one of the certs in the CA bundle you have, you can skip the
+     * verification of the server's certificate. This makes the connection
+     * A LOT LESS SECURE.
+     *
+     * If you have a CA cert for the server stored someplace else than in the
+     * default bundle, then the CURLOPT_CAPATH option might come handy for
+     * you.
+     */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+#endif
+
+#ifdef SKIP_HOSTNAME_VERFICATION
+    /*
+     * If the site you're connecting to uses a different host name that what
+     * they have mentioned in their server certificate's commonName (or
+     * subjectAltName) fields, libcurl will refuse to connect. You can skip
+     * this check, but this will make the connection less secure.
+     */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+#endif
+
+    res = curl_easy_perform(curl);
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+  return 0;
+}
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -30,7 +30,7 @@ const char data[]="this is what we post to the silly web server";

 struct WriteThis {
  const char *readptr;
-  int sizeleft;
+  long sizeleft;
 };

 static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
@@ -96,7 +96,7 @@ int main(void)
 #else
    /* Set the expected POST size. If you want to POST large amounts of data,
       consider CURLOPT_POSTFIELDSIZE_LARGE */
-    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (curl_off_t)pooh.sizeleft);
+    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pooh.sizeleft);
 #endif

 #ifdef DISABLE_EXPECT
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -37,8 +37,6 @@
 #include <string.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 int main(int argc, char *argv[])
 {
--- a/docs/examples/progressfunc.c
+++ b/docs/examples/progressfunc.c
@@ -0,0 +1,84 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <curl/curl.h>
+
+#define STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES         6000
+#define MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL     3
+
+struct myprogress {
+  double lastruntime;
+  CURL *curl;
+};
+
+static int progress(void *p,
+                    double dltotal, double dlnow,
+                    double ultotal, double ulnow)
+{
+  struct myprogress *myp = (struct myprogress *)p;
+  CURL *curl = myp->curl;
+  double curtime = 0;
+
+  curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &curtime);
+
+  /* under certain circumstances it may be desirable for certain functionality
+     to only run every N seconds, in order to do this the transaction time can
+     be used */
+  if((curtime - myp->lastruntime) >= MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL) {
+    myp->lastruntime = curtime;
+    fprintf(stderr, "TOTAL TIME: %f \r\n", curtime);
+  }
+
+  fprintf(stderr, "UP: %g of %g  DOWN: %g of %g\r\n",
+          ulnow, ultotal, dlnow, dltotal);
+
+  if(dlnow > STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES)
+    return 1;
+  return 0;
+}
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res=0;
+  struct myprogress prog;
+
+  curl = curl_easy_init();
+  if(curl) {
+    prog.lastruntime = 0;
+    prog.curl = curl;
+
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
+    curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress);
+    /* pass the struct pointer into the progress function */
+    curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, &prog);
+    curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L);
+    res = curl_easy_perform(curl);
+
+    if(res)
+      fprintf(stderr, "%s\n", curl_easy_strerror(res));
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+  return (int)res;
+}
--- a/docs/examples/resolve.c
+++ b/docs/examples/resolve.c
@@ -0,0 +1,51 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <curl/curl.h>
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res = CURLE_OK;
+  struct curl_slist *host = NULL;
+
+  /* Each single name resolve string should be written using the format
+     HOST:PORT:ADDRESS where HOST is the name libcurl will try to resolve,
+     PORT is the port number of the service where libcurl wants to connect to
+     the HOST and ADDRESS is the numerical IP address
+   */
+  host = curl_slist_append(NULL, "example.com:80:127.0.0.1");
+
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_RESOLVE, host);
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+    res = curl_easy_perform(curl);
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+
+  curl_slist_free_all(host);
+
+  return (int)res;
+}
--- a/docs/examples/rtsp.c
+++ b/docs/examples/rtsp.c
@@ -0,0 +1,271 @@
+/*
+ * Copyright (c) 2011, Jim Hollinger
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ *   * Neither the name of Jim Hollinger nor the names of its contributors
+ *     may be used to endorse or promote products derived from this
+ *     software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if defined (WIN32)
+#  include <conio.h>  /* _getch() */
+#else
+#  include <termios.h>
+#  include <unistd.h>
+
+static int _getch(void)
+{
+  struct termios oldt, newt;
+  int ch;
+  tcgetattr( STDIN_FILENO, &oldt );
+  newt = oldt;
+  newt.c_lflag &= ~( ICANON | ECHO );
+  tcsetattr( STDIN_FILENO, TCSANOW, &newt );
+  ch = getchar();
+  tcsetattr( STDIN_FILENO, TCSANOW, &oldt );
+  return ch;
+}
+#endif
+
+#include <curl/curl.h>
+
+#define VERSION_STR  "V1.0"
+
+/* error handling macros */
+#define my_curl_easy_setopt(A, B, C) \
+  if ((res = curl_easy_setopt((A), (B), (C))) != CURLE_OK) \
+    fprintf(stderr, "curl_easy_setopt(%s, %s, %s) failed: %d\n", \
+            #A, #B, #C, res);
+
+#define my_curl_easy_perform(A) \
+  if ((res = curl_easy_perform((A))) != CURLE_OK) \
+    fprintf(stderr, "curl_easy_perform(%s) failed: %d\n", #A, res);
+
+
+/* send RTSP OPTIONS request */
+static void rtsp_options(CURL *curl, const char *uri)
+{
+  CURLcode res = CURLE_OK;
+  printf("\nRTSP: OPTIONS %s\n", uri);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, uri);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_OPTIONS);
+  my_curl_easy_perform(curl);
+}
+
+
+/* send RTSP DESCRIBE request and write sdp response to a file */
+static void rtsp_describe(CURL *curl, const char *uri,
+                          const char *sdp_filename)
+{
+  CURLcode res = CURLE_OK;
+  FILE *sdp_fp = fopen(sdp_filename, "wt");
+  printf("\nRTSP: DESCRIBE %s\n", uri);
+  if (sdp_fp == NULL) {
+    fprintf(stderr, "Could not open '%s' for writing\n", sdp_filename);
+    sdp_fp = stdout;
+  }
+  else {
+    printf("Writing SDP to '%s'\n", sdp_filename);
+  }
+  my_curl_easy_setopt(curl, CURLOPT_WRITEDATA, sdp_fp);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_DESCRIBE);
+  my_curl_easy_perform(curl);
+  my_curl_easy_setopt(curl, CURLOPT_WRITEDATA, stdout);
+  if (sdp_fp != stdout) {
+    fclose(sdp_fp);
+  }
+}
+
+/* send RTSP SETUP request */
+static void rtsp_setup(CURL *curl, const char *uri, const char *transport)
+{
+  CURLcode res = CURLE_OK;
+  printf("\nRTSP: SETUP %s\n", uri);
+  printf("      TRANSPORT %s\n", transport);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, uri);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_TRANSPORT, transport);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_SETUP);
+  my_curl_easy_perform(curl);
+}
+
+
+/* send RTSP PLAY request */
+static void rtsp_play(CURL *curl, const char *uri, const char *range)
+{
+  CURLcode res = CURLE_OK;
+  printf("\nRTSP: PLAY %s\n", uri);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, uri);
+  my_curl_easy_setopt(curl, CURLOPT_RANGE, range);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_PLAY);
+  my_curl_easy_perform(curl);
+}
+
+
+/* send RTSP TEARDOWN request */
+static void rtsp_teardown(CURL *curl, const char *uri)
+{
+  CURLcode res = CURLE_OK;
+  printf("\nRTSP: TEARDOWN %s\n", uri);
+  my_curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_TEARDOWN);
+  my_curl_easy_perform(curl);
+}
+
+
+/* convert url into an sdp filename */
+static void get_sdp_filename(const char *url, char *sdp_filename)
+{
+  const char *s = strrchr(url, '/');
+  strcpy(sdp_filename, "video.sdp");
+  if (s != NULL) {
+    s++;
+    if (s[0] != '\0') {
+      sprintf(sdp_filename, "%s.sdp", s);
+    }
+  }
+}
+
+
+/* scan sdp file for media control attribute */
+static void get_media_control_attribute(const char *sdp_filename,
+                                        char *control)
+{
+  int max_len = 256;
+  char *s = malloc(max_len);
+  FILE *sdp_fp = fopen(sdp_filename, "rt");
+  control[0] = '\0';
+  if (sdp_fp != NULL) {
+    while (fgets(s, max_len - 2, sdp_fp) != NULL) {
+      sscanf(s, " a = control: %s", control);
+    }
+    fclose(sdp_fp);
+  }
+  free(s);
+}
+
+
+/* main app */
+int main(int argc, char * const argv[])
+{
+#if 1
+  const char *transport = "RTP/AVP;unicast;client_port=1234-1235";  /* UDP */
+#else
+  const char *transport = "RTP/AVP/TCP;unicast;client_port=1234-1235";  /* TCP */
+#endif
+  const char *range = "0.000-";
+  int rc = EXIT_SUCCESS;
+  char *basename = NULL;
+
+  printf("\nRTSP request %s\n", VERSION_STR);
+  printf("    Project web site: http://code.google.com/p/rtsprequest/\n");
+  printf("    Requires cURL V7.20 or greater\n\n");
+
+  /* check command line */
+  if ((argc != 2) && (argc != 3)) {
+    basename = strrchr(argv[0], '/');
+    if (basename == NULL) {
+      basename = strrchr(argv[0], '\\');
+    }
+    if (basename == NULL) {
+      basename = argv[0];
+    } else {
+      basename++;
+    }
+    printf("Usage:   %s url [transport]\n", basename);
+    printf("         url of video server\n");
+    printf("         transport (optional) specifier for media stream protocol\n");
+    printf("         default transport: %s\n", transport);
+    printf("Example: %s rtsp://192.168.0.2/media/video1\n\n", basename);
+    rc = EXIT_FAILURE;
+  } else {
+    const char *url = argv[1];
+    char *uri = malloc(strlen(url) + 32);
+    char *sdp_filename = malloc(strlen(url) + 32);
+    char *control = malloc(strlen(url) + 32);
+    CURLcode res;
+    get_sdp_filename(url, sdp_filename);
+    if (argc == 3) {
+      transport = argv[2];
+    }
+
+    /* initialize curl */
+    res = curl_global_init(CURL_GLOBAL_ALL);
+    if (res == CURLE_OK) {
+      curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
+      CURL *curl;
+      fprintf(stderr, "    cURL V%s loaded\n", data->version);
+
+      /* initialize this curl session */
+      curl = curl_easy_init();
+      if (curl != NULL) {
+        my_curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
+        my_curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
+        my_curl_easy_setopt(curl, CURLOPT_WRITEHEADER, stdout);
+        my_curl_easy_setopt(curl, CURLOPT_URL, url);
+
+        /* request server options */
+        sprintf(uri, "%s", url);
+        rtsp_options(curl, uri);
+
+        /* request session description and write response to sdp file */
+        rtsp_describe(curl, uri, sdp_filename);
+
+        /* get media control attribute from sdp file */
+        get_media_control_attribute(sdp_filename, control);
+
+        /* setup media stream */
+        sprintf(uri, "%s/%s", url, control);
+        rtsp_setup(curl, uri, transport);
+
+        /* start playing media stream */
+        sprintf(uri, "%s/", url);
+        rtsp_play(curl, uri, range);
+        printf("Playing video, press any key to stop ...");
+        _getch();
+        printf("\n");
+
+        /* teardown session */
+        rtsp_teardown(curl, uri);
+
+        /* cleanup */
+        curl_easy_cleanup(curl);
+        curl = NULL;
+      } else {
+        fprintf(stderr, "curl_easy_init() failed\n");
+      }
+      curl_global_cleanup();
+    } else {
+      fprintf(stderr, "curl_global_init(%s) failed: %d\n",
+              "CURL_GLOBAL_ALL", res);
+    }
+    free(control);
+    free(sdp_filename);
+    free(uri);
+  }
+
+  return rc;
+}
--- a/docs/examples/sendrecv.c
+++ b/docs/examples/sendrecv.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -64,6 +64,7 @@ int main(void)
  curl_socket_t sockfd; /* socket */
  long sockextr;
  size_t iolen;
+  curl_off_t nread;

  curl = curl_easy_init();
  if(curl) {
@@ -122,7 +123,9 @@ int main(void)
      if(CURLE_OK != res)
        break;

-      printf("Received %u bytes.\n", iolen);
+      nread = (curl_off_t)iolen;
+
+      printf("Received %" CURL_FORMAT_CURL_OFF_T " bytes.\n", nread);
    }

    /* always cleanup */
--- a/docs/examples/sepheaders.c
+++ b/docs/examples/sepheaders.c
@@ -24,8 +24,6 @@
 #include <unistd.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
 {
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -22,9 +22,6 @@
 #include <stdio.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>
-

 /* some requirements for this to work:
   1.   set pCertFile to the file with the client certificate
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -37,8 +37,6 @@
 #include <pthread.h>

 #include <curl/curl.h>
-#include <curl/types.h> /* new for v7 */
-#include <curl/easy.h> /* new for v7 */

 #define NUMT 4

--- a/docs/examples/smtp-multi.c
+++ b/docs/examples/smtp-multi.c
@@ -123,13 +123,13 @@ int main(void)
   curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
   curl_easy_setopt(curl, CURLOPT_MAIL_FROM, MAILFROM);
   curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, rcpt_list);
-   curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
-   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER,0);
-   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+   curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
+   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
   curl_easy_setopt(curl, CURLOPT_READDATA, &pooh);
-   curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
-   curl_easy_setopt(curl, CURLOPT_SSLVERSION, 0);
-   curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0);
+   curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+   curl_easy_setopt(curl, CURLOPT_SSLVERSION, 0L);
+   curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0L);
   curl_multi_add_handle(mcurl, curl);

   mp_timedout = 0;
--- a/docs/examples/smtp-tls.c
+++ b/docs/examples/smtp-tls.c
@@ -94,13 +94,13 @@ int main(void)
     * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
     * will continue anyway - see the security discussion in the libcurl
     * tutorial for more details. */
-    curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
+    curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);

    /* If your server doesn't have a valid certificate, then you can disable
     * part of the Transport Layer Security protection by setting the
     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
-     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
-     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
     * That is, in general, a bad idea. It is still better than sending your
     * authentication details in plain text though.
     * Instead, you should get the issuer certificate (or the host certificate
@@ -135,7 +135,7 @@ int main(void)
    /* Since the traffic will be encrypted, it is very useful to turn on debug
     * information within libcurl to see what is happening during the transfer.
     */
-    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

    /* send the message (including headers) */
    res = curl_easy_perform(curl);
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -147,7 +147,7 @@ size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb,
                                         TmpStr1 & 2? */
        AutoSyncTime = 0;
      else {
-        RetVal = sscanf ((char *)(ptr), "Date: %s %d %s %d %d:%d:%d",
+        RetVal = sscanf ((char *)(ptr), "Date: %s %hu %s %hu %hu:%hu:%hu",
                         TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
                         &SYSTime.wHour, &SYSTime.wMinute, &SYSTime.wSecond);

--- a/docs/examples/url2file.c
+++ b/docs/examples/url2file.c
@@ -0,0 +1,81 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include <curl/curl.h>
+
+static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
+{
+  size_t written = fwrite(ptr, size, nmemb, (FILE *)stream);
+  return written;
+}
+
+int main(int argc, char *argv[])
+{
+  CURL *curl_handle;
+  static const char *pagefilename = "page.out";
+  FILE *pagefile;
+
+  if(argc < 2 ) {
+    printf("Usage: %s <URL>\n", argv[0]);
+    return 1;
+  }
+
+  curl_global_init(CURL_GLOBAL_ALL);
+
+  /* init the curl session */
+  curl_handle = curl_easy_init();
+
+  /* set URL to get here */
+  curl_easy_setopt(curl_handle, CURLOPT_URL, argv[1]);
+
+  /* Switch on full protocol/debug output while testing */
+  curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L);
+
+  /* disable progress meter, set to 0L to enable and disable debug output */
+  curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L);
+
+  /* send all data to this function  */
+  curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data);
+
+  /* open the file */
+  pagefile = fopen(pagefilename, "wb");
+  if (pagefile) {
+
+    /* write the page body to this file handle. CURLOPT_FILE is also known as
+       CURLOPT_WRITEDATA*/
+    curl_easy_setopt(curl_handle, CURLOPT_FILE, pagefile);
+
+    /* get it! */
+    curl_easy_perform(curl_handle);
+
+    /* close the header file */
+    fclose(pagefile);
+  }
+
+  /* cleanup curl stuff */
+  curl_easy_cleanup(curl_handle);
+
+  return 0;
+}
--- a/docs/libcurl/Makefile.am
+++ b/docs/libcurl/Makefile.am
@@ -82,7 +82,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf			 \
 CLEANFILES = $(HTMLPAGES) $(PDFPAGES)

 EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) libcurl.m4 ABI \
-  symbols-in-versions
+  symbols-in-versions symbols.pl
 MAN2HTML= roffit --mandir=. < $< >$@

 SUFFIXES = .3 .html
--- a/docs/libcurl/curl_easy_cleanup.3
+++ b/docs/libcurl/curl_easy_cleanup.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -37,8 +37,15 @@ This will effectively close all connections this handle has used and possibly
 has kept open until now. Don't call this function if you intend to transfer
 more files.

-Any uses of the \fBhandle\fP after this function has been called are
-illegal. This kills the handle and all memory associated with it!
+Occasionally you may get your progress callback or header callback called from
+within \fIcurl_easy_cleanup(3)\fP (if previously set for the handle using
+\fIcurl_easy_setopt(3)\fP). Like if libcurl decides to shut down the
+connection and the protocol is of a kind that requires a command/response
+sequence before disconnect. Examples of such protocols are FTP, POP3 and IMAP.
+
+Any uses of the \fBhandle\fP after this function has been called and have
+returned, are illegal. This kills the handle and all memory associated with
+it!

 With libcurl versions prior to 7.17.: when you've called this, you can safely
 remove all the strings you've previously told libcurl to use, as it won't use
--- a/docs/libcurl/curl_easy_escape.3
+++ b/docs/libcurl/curl_easy_escape.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -31,8 +31,8 @@ curl_easy_escape - URL encodes the given string
 .SH DESCRIPTION
 This function converts the given input string to an URL encoded string and
 returns that as a new allocated string. All input characters that are not a-z,
-A-Z or 0-9 are converted to their "URL escaped" version (%NN where NN is a
-two-digit hexadecimal number).
+A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped" version
+(%NN where NN is a two-digit hexadecimal number).

 If the \fBlength\fP argument is set to 0 (zero), \fIcurl_easy_escape(3)\fP
 uses strlen() on the input \fBurl\fP to find out the size.
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -44,11 +44,13 @@ The following information can be extracted:
 .IP CURLINFO_EFFECTIVE_URL
 Pass a pointer to a char pointer to receive the last used effective URL.
 .IP CURLINFO_RESPONSE_CODE
-Pass a pointer to a long to receive the last received HTTP or FTP code. This
-option was known as CURLINFO_HTTP_CODE in libcurl 7.10.7 and earlier. This
-will be zero if no server response code has been received. Note that a proxy's
-CONNECT response should be read with \fICURLINFO_HTTP_CONNECTCODE\fP and not
-this.
+Pass a pointer to a long to receive the last received HTTP, FTP or SMTP
+response code. This option was previously known as CURLINFO_HTTP_CODE in
+libcurl 7.10.7 and earlier. The value will be zero if no server response code
+has been received. Note that a proxy's CONNECT response should be read with
+\fICURLINFO_HTTP_CONNECTCODE\fP and not this.
+
+Support for SMTP responses added in 7.25.0.
 .IP CURLINFO_HTTP_CONNECTCODE
 Pass a pointer to a long to receive the last received proxy response code to a
 CONNECT request.
@@ -80,12 +82,13 @@ waits in line for the pipeline and more. (Added in 7.19.0)
 Pass a pointer to a double to receive the time, in seconds, it took from the
 start until the file transfer is just about to begin. This includes all
 pre-transfer commands and negotiations that are specific to the particular
-protocol(s) involved.
+protocol(s) involved. It does \fInot\fP involve the sending of the protocol-
+specific request that triggers a transfer.
 .IP CURLINFO_STARTTRANSFER_TIME
 Pass a pointer to a double to receive the time, in seconds, it took from the
-start until the first byte is just about to be transferred. This includes
-CURLINFO_PRETRANSFER_TIME and also the time the server needs to calculate
-the result.
+start until the first byte is received by libcurl. This includes
+CURLINFO_PRETRANSFER_TIME and also the time the server needs to calculate the
+result.
 .IP CURLINFO_REDIRECT_TIME
 Pass a pointer to a double to receive the total time, in seconds, it took for
 all redirection steps include name lookup, connect, pretransfer and transfer
@@ -275,7 +278,7 @@ file transfer is just about to begin. This includes all pre-transfer commands
 and negotiations that are specific to the particular protocol(s) involved.
 .IP STARTTRANSFER
 \fICURLINFO_STARTTRANSFER_TIME\fP. The time it took from the start until the
-first byte is just about to be transferred.
+first byte is received by libcurl.
 .IP TOTAL
 \fICURLINFO_TOTAL_TIME\fP. Total time of the previous request.
 .IP REDIRECT
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -68,8 +68,9 @@ A parameter set to 1 tells the library to include the header in the body
 output. This is only relevant for protocols that actually have headers
 preceding the data (like HTTP).
 .IP CURLOPT_NOPROGRESS
-A parameter set to 1 tells the library to shut off the built-in progress meter
-completely.
+Pass a long. If set to 1, it tells the library to shut off the progress meter
+completely. It will also present the \fICURLOPT_PROGRESSFUNCTION\fP from
+getting called.

 Future versions of libcurl are likely to not have any built-in progress meter
 at all.
@@ -90,7 +91,9 @@ SIGPIPE signals, which otherwise are sent by the system when trying to send
 data to a socket which is closed in the other end. libcurl makes an effort to
 never cause such SIGPIPEs to trigger, but some operating systems have no way
 to avoid them and even on those that have there are some corner cases when
-they may still happen, contrary to our desire.
+they may still happen, contrary to our desire. In addition, using
+\fICURLAUTH_NTLM_WB\fP authentication could cause a SIGCHLD signal to be
+raised.
 .IP CURLOPT_WILDCARDMATCH
 Set this option to 1 if you want to transfer multiple files according to a
 file name pattern. The pattern can be specified as part of the
@@ -105,18 +108,18 @@ This feature is only supported by the FTP download for now.

 A brief introduction of its syntax follows:
 .RS
-.IP "\fB*\fP - ASTERISK"
+.IP "* - ASTERISK"
 \&ftp://example.com/some/path/\fB*.txt\fP (for all txt's from the root
 directory)
 .RE
 .RS
-.IP "\fB?\fP - QUESTION MARK"
+.IP "? - QUESTION MARK"
 Question mark matches any (exactly one) character.

 \&ftp://example.com/some/path/\fBphoto?.jpeg\fP
 .RE
 .RS
-.IP "\fB[\fP - BRACKET EXPRESSION"
+.IP "[ - BRACKET EXPRESSION"
 The left bracket opens a bracket expression. The question mark and asterisk have
 no special meaning in a bracket expression. Each bracket expression ends by the
 right bracket and matches exactly one character. Some examples follow:
@@ -145,7 +148,7 @@ Using the rules above, a file name pattern can be constructed:
 .SH CALLBACK OPTIONS
 .IP CURLOPT_WRITEFUNCTION
 Function pointer that should match the following prototype: \fBsize_t
-function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP This
+function( char *ptr, size_t size, size_t nmemb, void *userdata);\fP This
 function gets called by libcurl as soon as there is data received that needs
 to be saved. The size of the data pointed to by \fIptr\fP is \fIsize\fP
 multiplied with \fInmemb\fP, it will not be zero terminated. Return the number
@@ -168,8 +171,12 @@ Set the \fIuserdata\fP argument with the \fICURLOPT_WRITEDATA\fP option.

 The callback function will be passed as much data as possible in all invokes,
 but you cannot possibly make any assumptions. It may be one byte, it may be
-thousands. The maximum amount of data that can be passed to the write callback
-is defined in the curl.h header file: CURL_MAX_WRITE_SIZE.
+thousands. The maximum amount of body data that can be passed to the write
+callback is defined in the curl.h header file: CURL_MAX_WRITE_SIZE (the usual
+default is 16K). If you however have \fICURLOPT_HEADER\fP set, which sends
+header data to the write callback, you can get up to
+\fICURL_MAX_HTTP_HEADER\fP bytes of header data passed into it. This usually
+means 100K.
 .IP CURLOPT_WRITEDATA
 Data pointer to pass to the file write function. If you use the
 \fICURLOPT_WRITEFUNCTION\fP option, this is the pointer you'll get as
@@ -259,7 +266,7 @@ If you forward the input arguments directly to "fseek" or "lseek", note that
 the data type for \fIoffset\fP is not the same as defined for curl_off_t on
 many systems! (Option added in 7.18.0)
 .IP CURLOPT_SEEKDATA
-Data pointer to pass to the file read function. If you use the
+Data pointer to pass to the file seek function. If you use the
 \fICURLOPT_SEEKFUNCTION\fP option, this is the pointer you'll get as input. If
 you don't specify a seek callback, NULL is passed. (Option added in 7.18.0)
 .IP CURLOPT_SOCKOPTFUNCTION
@@ -274,7 +281,7 @@ socket descriptor so additional setsockopt() calls can be done at the user's
 discretion.  Return 0 (zero) from the callback on success. Return 1 from the
 callback function to signal an unrecoverable error to the library and it will
 close the socket and return \fICURLE_COULDNT_CONNECT\fP.  (Option added in
-7.15.6.)
+7.16.0)

 Added in 7.21.5, the callback function may return
 \fICURL_SOCKOPT_ALREADY_CONNECTED\fP, which tells libcurl that the socket is
@@ -282,15 +289,14 @@ in fact already connected and then libcurl will not attempt to connect it.
 .IP CURLOPT_SOCKOPTDATA
 Pass a pointer that will be untouched by libcurl and passed as the first
 argument in the sockopt callback set with \fICURLOPT_SOCKOPTFUNCTION\fP.
-(Option added in 7.15.6.)
+(Option added in 7.16.0)
 .IP CURLOPT_OPENSOCKETFUNCTION
 Function pointer that should match the \fIcurl_opensocket_callback\fP
 prototype found in \fI<curl/curl.h>\fP. This function gets called by libcurl
 instead of the \fIsocket(2)\fP call. The callback's \fIpurpose\fP argument
-identifies the exact purpose for this particular socket, and currently only
-one value is supported: \fICURLSOCKTYPE_IPCXN\fP for the primary connection
-(meaning the control connection in the FTP case). Future versions of libcurl
-may support more purposes. It passes the resolved peer address as a
+identifies the exact purpose for this particular socket:
+\fICURLSOCKTYPE_IPCXN\fP is for IP based connections. Future versions of
+libcurl may support more purposes. It passes the resolved peer address as a
 \fIaddress\fP argument so the callback can modify the address or refuse to
 connect at all. The callback function should return the socket or
 \fICURL_SOCKET_BAD\fP in case no connection should be established or any error
@@ -307,6 +313,17 @@ address blacklisting.  The default behavior is:
 Pass a pointer that will be untouched by libcurl and passed as the first
 argument in the opensocket callback set with \fICURLOPT_OPENSOCKETFUNCTION\fP.
 (Option added in 7.17.1.)
+.IP CURLOPT_CLOSESOCKETFUNCTION
+Function pointer that should match the \fIcurl_closesocket_callback\fP
+prototype found in \fI<curl/curl.h>\fP. This function gets called by libcurl
+instead of the \fIclose(3)\fP or \fIclosesocket(3)\fP call when sockets are
+closed (not for any other file descriptors). This is pretty much the reverse
+to the \fICURLOPT_OPENSOCKETFUNCTION\fP option. Return 0 to signal success and
+1 if there was an error.  (Option added in 7.21.7)
+.IP CURLOPT_CLOSESOCKETDATA
+Pass a pointer that will be untouched by libcurl and passed as the first
+argument in the closesocket callback set with
+\fICURLOPT_CLOSESOCKETFUNCTION\fP.  (Option added in 7.21.7)
 .IP CURLOPT_PROGRESSFUNCTION
 Function pointer that should match the \fIcurl_progress_callback\fP prototype
 found in \fI<curl/curl.h>\fP. This function gets called by libcurl instead of
@@ -331,15 +348,18 @@ Function pointer that should match the following prototype: \fIsize_t
 function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP. This
 function gets called by libcurl as soon as it has received header data. The
 header callback will be called once for each header and only complete header
-lines are passed on to the callback. Parsing headers should be easy enough
-using this. The size of the data pointed to by \fIptr\fP is \fIsize\fP
-multiplied with \fInmemb\fP. Do not assume that the header line is zero
-terminated! The pointer named \fIuserdata\fP is the one you set with the
+lines are passed on to the callback. Parsing headers is very easy using
+this. The size of the data pointed to by \fIptr\fP is \fIsize\fP multiplied
+with \fInmemb\fP. Do not assume that the header line is zero terminated! The
+pointer named \fIuserdata\fP is the one you set with the
 \fICURLOPT_WRITEHEADER\fP option. The callback function must return the number
 of bytes actually taken care of. If that amount differs from the amount passed
 to your function, it'll signal an error to the library. This will abort the
 transfer and return \fICURL_WRITE_ERROR\fP.

+A complete HTTP header that is passed to this function can be up to
+\fICURL_MAX_HTTP_HEADER\fP (100K) bytes.
+
 If this option is not set, or if it is set to NULL, but
 \fICURLOPT_HEADERDATA\fP (\fICURLOPT_WRITEHEADER\fP) is set to anything but
 NULL, the function used to accept response data will be used instead. That is,
@@ -353,19 +373,23 @@ negotiation. If you need to operate on only the headers from the final
 response, you will need to collect headers in the callback yourself and use
 HTTP status lines, for example, to delimit response boundaries.

-Since 7.14.1: When a server sends a chunked encoded transfer, it may contain a
-trailer. That trailer is identical to a HTTP header and if such a trailer is
-received it is passed to the application using this callback as well. There
-are several ways to detect it being a trailer and not an ordinary header: 1)
-it comes after the response-body. 2) it comes after the final header line (CR
-LF) 3) a Trailer: header among the response-headers mention what header to
-expect in the trailer.
+When a server sends a chunked encoded transfer, it may contain a trailer. That
+trailer is identical to a HTTP header and if such a trailer is received it is
+passed to the application using this callback as well. There are several ways
+to detect it being a trailer and not an ordinary header: 1) it comes after the
+response-body. 2) it comes after the final header line (CR LF) 3) a Trailer:
+header among the regular response-headers mention what header(s) to expect in
+the trailer.
+
+For non-HTTP protocols like FTP, POP3, IMAP and SMTP this function will get
+called with the server responses to the commands that libcurl sends.
 .IP CURLOPT_WRITEHEADER
 (This option is also known as \fBCURLOPT_HEADERDATA\fP) Pass a pointer to be
-used to write the header part of the received data to. If you don't use your
-own callback to take care of the writing, this must be a valid FILE *. See
-also the \fICURLOPT_HEADERFUNCTION\fP option above on how to set a custom
-get-all-headers callback.
+used to write the header part of the received data to. If you don't use
+\fICURLOPT_WRITEFUNCTION\fP or \fICURLOPT_HEADERFUNCTION\fP to take care of
+the writing, this must be a valid FILE * as the internal default will then be
+a plain fwrite(). See also the \fICURLOPT_HEADERFUNCTION\fP option above on
+how to set a custom get-all-headers callback.
 .IP CURLOPT_DEBUGFUNCTION
 Function pointer that should match the following prototype: \fIint
 curl_debug_callback (CURL *, curl_infotype, char *, size_t, void *);\fP
@@ -398,7 +422,7 @@ built against another SSL library, this functionality is absent.

 Function pointer that should match the following prototype: \fBCURLcode
 sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function gets called
-by libcurl just before the initialization of an SSL connection after having
+by libcurl just before the initialization of a SSL connection after having
 processed all other SSL related options to give a last chance to an
 application to modify the behaviour of openssl's ssl initialization. The
 \fIsslctx\fP parameter is actually a pointer to an openssl \fISSL_CTX\fP. If
@@ -413,7 +437,7 @@ the SSL negotiation. The SSL_CTX pointer will be a new one every time.
 To use this properly, a non-trivial amount of knowledge of the openssl
 libraries is necessary. For example, using this function allows you to use
 openssl callbacks to add additional validation code for certificates, and even
-to change the actual URI of an HTTPS request (example used in the lib509 test
+to change the actual URI of a HTTPS request (example used in the lib509 test
 case).  See also the example section for a replacement of the key, certificate
 and trust file settings.
 .IP CURLOPT_SSL_CTX_DATA
@@ -569,20 +593,162 @@ POST/PUT and a 401 or 407 is received immediately afterwards.
 .SH NETWORK OPTIONS
 .IP CURLOPT_URL
 The actual URL to deal with. The parameter should be a char * to a zero
-terminated string.
+terminated string which must be URL-encoded in the following format:

-If the given URL lacks the protocol part ("http://" or "ftp://" etc), it will
-attempt to guess which protocol to use based on the given host name. If the
-given protocol of the set URL is not supported, libcurl will return on error
-(\fICURLE_UNSUPPORTED_PROTOCOL\fP) when you call \fIcurl_easy_perform(3)\fP or
-\fIcurl_multi_perform(3)\fP. Use \fIcurl_version_info(3)\fP for detailed info
-on which protocols are supported.
+scheme://host:port/path

-The string given to CURLOPT_URL must be url-encoded and follow RFC 2396
-(http://curl.haxx.se/rfc/rfc2396.txt).
+For a greater explanation of the format please see RFC 3986
+(http://curl.haxx.se/rfc/rfc3986.txt).

-Starting with version 7.20.0, the fragment part of the URI will not be send as
-part of the path, which was the case previously.
+If the given URL lacks the scheme, or protocol, part ("http://" or "ftp://"
+etc), libcurl will attempt to resolve which protocol to use based on the
+given host mame. If the protocol is not supported, libcurl will return
+(\fICURLE_UNSUPPORTED_PROTOCOL\fP) when you call \fIcurl_easy_perform(3)\fP
+or \fIcurl_multi_perform(3)\fP. Use \fIcurl_version_info(3)\fP for detailed
+information on which protocols are supported.
+
+The host part of the URL contains the address of the server that you want to
+connect to. This can be the fully qualified domain name of the server, the
+local network name of the machine on your network or the IP address of the
+server or machine represented by either an IPv4 or IPv6 address. For example:
+
+http://www.example.com/
+
+http://hostname/
+
+http://192.168.0.1/
+
+http://[2001:1890:1112:1::20]/
+
+It is also possible to specify the user name and password as part of the
+host, for some protocols, when connecting to servers that require
+authentication.
+
+For example the following types of authentication support this:
+
+http://user:password@www.domain.com
+ftp://user:password@ftp.domain.com
+pop3://user:password@mail.domain.com
+
+The port is optional and when not specified libcurl will use the default port
+based on the determined or specified protocol: 80 for http, 21 for ftp and 25
+for smtp, etc. The following examples show how to specify the port:
+
+http://www.weirdserver.com:8080/ - This will connect to a web server using
+port 8080.
+
+smtp://mail.domain.com:587/ - This will connect to a smtp server on the
+alternative mail port.
+
+The path part of the URL is protocol specific and whilst some examples are
+given below this list is not conclusive:
+
+.B HTTP
+
+The path part of a HTTP request specifies the file to retrieve and from what
+directory. If the directory is not specified then the web server's root
+directory is used. If the file is omitted then the default document will be
+retrieved for either the directory specified or the root directory. The
+exact resource returned for each URL is entirely dependent on the server's
+configuration.
+
+http://www.netscape.com - This gets the main page (index.html in this
+example) from Netscape's web server.
+
+http://www.netscape.com/index.html - This returns the main page from Netscape
+by specifying the page to get.
+
+http://www.netscape.com/contactus/ - This returns the default document from
+the contactus directory.
+
+.B FTP
+
+The path part of an FTP request specifies the file to retrieve and from what
+directory. If the file part is omitted then libcurl downloads the directory
+listing for the directory specified. If the directory is omitted then
+the directory listing for the root / home directory will be returned.
+
+ftp://cool.haxx.se - This retrieves the directory listing for our FTP server.
+
+ftp://cool.haxx.se/readme.txt - This downloads the file readme.txt from the
+root directory.
+
+ftp://cool.haxx.se/libcurl/readme.txt - This downloads readme.txt from the
+libcurl directory.
+
+ftp://user:password@my.example.com/readme.txt - This retrieves the readme.txt
+file from the user's home directory. When a username and password is
+specified, everything that is specified in the path part is relative to the
+user's home directory. To retrieve files from the root directory or a
+directory underneath the root directory then the absolute path must be
+specified by prepending an additional forward slash to the beginning of the
+path.
+
+ftp://user:password@my.example.com//readme.txt - This retrieves the readme.txt
+from the root directory when logging in as a specified user.
+
+.B SMTP
+
+The path part of a SMTP request specifies the host name to present during
+communication with the mail server. If the path is omitted then libcurl will
+attempt to resolve the local computer's host name. However, this may not
+return the fully qualified domain name that is required by some mail servers
+and specifying this path allows you to set an alternative name, such as
+your machine's fully qualified domain name, which you might have obtained
+from an external function such as gethostname or getaddrinfo.
+
+smtp://mail.domain.com - This connects to the mail server at domain.com and
+sends your local computer's host name in the HELO / EHLO command.
+
+smtp://mail.domain.com/client.domain.com - This will send client.domain.com in
+the HELO / EHLO command to the mail server at domain.com.
+
+.B POP3
+
+The path part of a POP3 request specifies the mailbox (message) to retrieve.
+If the mailbox is not specified then a list of waiting messages is returned
+instead.
+
+pop3://user:password@mail.domain.com - This lists the available messages
+pop3://user:password@mail.domain.com/1 - This retrieves the first message
+
+.B SCP
+
+The path part of a SCP request specifies the file to retrieve and from what
+directory. The file part may not be omitted. The file is taken as an absolute
+path from the root directory on the server. To specify a path relative to
+the user's home directory on the server, prepend ~/ to the path portion.
+If the user name is not embedded in the URL, it can be set with the
+\fICURLOPT_USERPWD\fP or \fBCURLOPT_USERNAME\fP option.
+
+scp://user@example.com/etc/issue - This specifies the file /etc/issue
+
+scp://example.com/~/my-file - This specifies the file my-file in the
+user's home directory on the server
+
+.B SFTP
+
+The path part of a SFTP request specifies the file to retrieve and from what
+directory. If the file part is omitted then libcurl downloads the directory
+listing for the directory specified.  If the path ends in a / then a directory
+listing is returned instead of a file.  If the path is omitted entirely then
+the directory listing for the root / home directory will be returned.
+If the user name is not embedded in the URL, it can be set with the
+\fICURLOPT_USERPWD\fP or \fBCURLOPT_USERNAME\fP option.
+
+sftp://user:password@example.com/etc/issue - This specifies the file
+/etc/issue
+
+sftp://user@example.com/~/my-file - This specifies the file my-file in the
+user's home directory
+
+sftp://ssh.example.com/~/Documents/ - This requests a directory listing
+of the Documents directory under the user's home directory
+
+.B NOTES
+
+Starting with version 7.20.0, the fragment part of the URI will not be sent as
+part of the path, which was previously the case.

 \fICURLOPT_URL\fP is the only option that \fBmust\fP be set before
 \fIcurl_easy_perform(3)\fP is called.
@@ -615,7 +781,7 @@ proxy's port number may optionally be specified with the separate option. If
 not specified, libcurl will default to using port 1080 for proxies.
 \fICURLOPT_PROXYPORT\fP.

-When you tell the library to use an HTTP proxy, libcurl will transparently
+When you tell the library to use a HTTP proxy, libcurl will transparently
 convert operations to HTTP even if you specify an FTP URL etc. This may have
 an impact on what other features of the library you can use, such as
 \fICURLOPT_QUOTE\fP and similar FTP specifics that don't work unless you
@@ -632,17 +798,29 @@ use of a proxy, even if there is an environment variable set for it.
 Since 7.14.1, the proxy host string given in environment variables can be
 specified the exact same way as the proxy can be set with \fICURLOPT_PROXY\fP,
 include protocol prefix (http://) and embedded user + password.
+
+Since 7.21.7, the proxy string may be specified with a protocol:// prefix to
+specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
+socks5h:// (the last one to enable socks5 and asking the proxy to do the
+resolving, also known as CURLPROXY_SOCKS5_HOSTNAME type) to request the
+specific SOCKS version to be used. No protocol specified, http:// and all
+others will be treated as HTTP proxies.
 .IP CURLOPT_PROXYPORT
 Pass a long with this option to set the proxy port to connect to unless it is
 specified in the proxy string \fICURLOPT_PROXY\fP.
 .IP CURLOPT_PROXYTYPE
 Pass a long with this option to set type of the proxy. Available options for
 this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_HTTP_1_0\fP (added in 7.19.4),
-\fICURLPROXY_SOCKS4\fP (added in 7.15.2), \fICURLPROXY_SOCKS5\fP,
+\fICURLPROXY_SOCKS4\fP (added in 7.10), \fICURLPROXY_SOCKS5\fP,
 \fICURLPROXY_SOCKS4A\fP (added in 7.18.0) and \fICURLPROXY_SOCKS5_HOSTNAME\fP
 (added in 7.18.0). The HTTP type is default. (Added in 7.10)
+
+If you set \fBCURLOPT_PROXYTYPE\fP to \fICURLPROXY_HTTP_1_0\fP, it will only
+affect how libcurl speaks to a proxy when CONNECT is used. The HTTP version
+used for "regular" HTTP requests is instead controlled with
+\fICURLOPT_HTTP_VERSION\fP.
 .IP CURLOPT_NOPROXY
-Pass a pointer to a zero terminated string. The should be a comma- separated
+Pass a pointer to a zero terminated string. This should be a comma separated
 list of hosts which do not use a proxy, if one is specified.  The only
 wildcard is a single * character, which matches all hosts, and effectively
 disables the proxy. Each name in this list is matched as either a domain which
@@ -668,6 +846,15 @@ negotiation. (Added in 7.19.4).
 Pass a char * as parameter. This sets the interface name to use as outgoing
 network interface. The name can be an interface name, an IP address, or a host
 name.
+
+Starting with 7.24.0: If the parameter starts with "if!" then it is treated as
+only as interface name and no attempt will ever be named to do treat it as an
+IP address or to do name resolution on it.  If the parameter starts with
+\&"host!" it is treated as either an IP address or a hostname.  Hostnames are
+resolved synchronously.  Using the if! format is highly recommended when using
+the multi interfaces to avoid allowing the code to block.  If "if!" is
+specified but the parameter does not match an existing interface,
+CURLE_INTERFACE_FAILED is returned.
 .IP CURLOPT_LOCALPORT
 Pass a long. This sets the local port number of the socket used for
 connection. This can be used in combination with \fICURLOPT_INTERFACE\fP and
@@ -731,6 +918,20 @@ overdone.
 .IP CURLOPT_ADDRESS_SCOPE
 Pass a long specifying the scope_id value to use when connecting to IPv6
 link-local or site-local addresses. (Added in 7.19.0)
+.IP CURLOPT_TCP_KEEPALIVE
+Pass a long. If set to 1, TCP keepalive probes will be sent. The delay and
+frequency of these probes can be controlled by the \fICURLOPT_TCP_KEEPIDLE\fP
+and \fICURLOPT_TCP_KEEPINTVL\fP options, provided the operating system supports
+them. Set to 0 (default behavior) to disable keepalive probes (Added in
+7.25.0).
+.IP CURLOPT_TCP_KEEPIDLE
+Pass a long. Sets the delay, in seconds, that the operating system will wait
+while the connection is idle before sending keepalive probes. Not all operating
+systems support this option. (Added in 7.25.0)
+.IP CURLOPT_TCP_KEEPINTVL
+Pass a long. Sets the interval, in seconds, that the operating system will wait
+between sending keepalive probes. Not all operating systems support this
+option. (Added in 7.25.0)
 .SH NAMES and PASSWORDS OPTIONS (Authentication)
 .IP CURLOPT_NETRC
 This parameter controls the preference of libcurl between using user names and
@@ -863,8 +1064,22 @@ HTTP NTLM authentication. A proprietary protocol invented and used by
 Microsoft. It uses a challenge-response and hash concept similar to Digest, to
 prevent the password from being eavesdropped.

-You need to build libcurl with OpenSSL support for this option to work, or
-build libcurl on Windows.
+You need to build libcurl with either OpenSSL, GnuTLS or NSS support for this
+option to work, or build libcurl on Windows.
+.IP CURLAUTH_NTLM_WB
+NTLM delegating to winbind helper. Authentication is performed by a separate
+binary application that is executed when needed. The name of the application
+is specified at compile time but is typically /usr/bin/ntlm_auth
+(Added in 7.22.0)
+
+Note that libcurl will fork when necessary to run the winbind application and
+kill it when complete, calling waitpid() to await its exit when done. On POSIX
+operating systems, killing the process will cause a SIGCHLD signal to be
+raised (regardless of whether \fICURLOPT_NOSIGNAL\fP is set), which must be
+handled intelligently by the application. In particular, the application must
+not unconditionally call wait() in its SIGCHLD signal handler to avoid being
+subject to a race condition.  This behavior is subject to change in future
+versions of libcurl.
 .IP CURLAUTH_ANY
 This is a convenience macro that sets all bits and thus makes libcurl pick any
 it finds suitable. libcurl will automatically select the one it finds most
@@ -892,12 +1107,12 @@ You need to build libcurl with GnuTLS or OpenSSL with TLS-SRP support for this
 to work. (Added in 7.21.4)
 .RE
 .IP CURLOPT_TLSAUTH_USERNAME
-Pass a char * as parameter, which should point to the zero-terminated username
+Pass a char * as parameter, which should point to the zero terminated username
 to use for the TLS authentication method specified with the
 \fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
 \fICURLOPT_TLS_PASSWORD\fP option also be set. (Added in 7.21.4)
 .IP CURLOPT_TLSAUTH_PASSWORD
-Pass a char * as parameter, which should point to the zero-terminated password
+Pass a char * as parameter, which should point to the zero terminated password
 to use for the TLS authentication method specified with the
 \fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
 \fICURLOPT_TLS_USERNAME\fP option also be set. (Added in 7.21.4)
@@ -916,8 +1131,8 @@ work. (Added in 7.10.7)
 Pass a parameter set to 1 to enable this. When enabled, libcurl will
 automatically set the Referer: field in requests where it follows a Location:
 redirect.
-.IP CURLOPT_ENCODING
-Sets the contents of the Accept-Encoding: header sent in an HTTP request, and
+.IP CURLOPT_ACCEPT_ENCODING
+Sets the contents of the Accept-Encoding: header sent in a HTTP request, and
 enables decoding of a response when a Content-Encoding: header is received.
 Three encodings are supported: \fIidentity\fP, which does nothing,
 \fIdeflate\fP which requests the server to compress its response using the
@@ -928,9 +1143,24 @@ supported encodings is sent.
 This is a request, not an order; the server may or may not do it.  This option
 must be set (to any non-NULL value) or else any unsolicited encoding done by
 the server is ignored. See the special file lib/README.encoding for details.
+
+(This option was called CURLOPT_ENCODING before 7.21.6)
+.IP CURLOPT_TRANSFER_ENCODING
+Adds a request for compressed Transfer Encoding in the outgoing HTTP
+request. If the server supports this and so desires, it can respond with the
+HTTP resonse sent using a compressed Transfer-Encoding that will be
+automatically uncompressed by libcurl on receival.
+
+Transfer-Encoding differs slightly from the Content-Encoding you ask for with
+\fBCURLOPT_ACCEPT_ENCODING\fP in that a Transfer-Encoding is strictly meant to
+be for the transfer and thus MUST be decoded before the data arrives in the
+client. Traditionally, Transfer-Encoding has been much less used and supported
+by both HTTP clients and HTTP servers.
+
+(Added in 7.21.6)
 .IP CURLOPT_FOLLOWLOCATION
 A parameter set to 1 tells the library to follow any Location: header that the
-server sends as part of an HTTP header.
+server sends as part of a HTTP header.

 This means that the library will re-send the same request on the new location
 and follow new Location: headers all the way until no more such headers are
@@ -953,12 +1183,13 @@ Setting the limit to 0 will make libcurl refuse any redirect. Set it to -1 for
 an infinite number of redirects (which is the default)
 .IP CURLOPT_POSTREDIR
 Pass a bitmask to control how libcurl acts on redirects after POSTs that get a
-301 or 302 response back.  A parameter with bit 0 set (value
+301, 302 or 303 response back.  A parameter with bit 0 set (value
 \fBCURL_REDIR_POST_301\fP) tells the library to respect RFC 2616/10.3.2 and
 not convert POST requests into GET requests when following a 301
 redirection. Setting bit 1 (value CURL_REDIR_POST_302) makes libcurl maintain
-the request method after a 302 redirect. CURL_REDIR_POST_ALL is a convenience
-define that sets both bits.
+the request method after a 302 redirect. Setting bit 2 (value
+\fBCURL_REDIR_POST_303) makes libcurl maintain the request method after a 302
+redirect. CURL_REDIR_POST_ALL is a convenience define that sets both bits.

 The non-RFC behaviour is ubiquitous in web browsers, so the library does the
 conversion by default to maintain consistency. However, a server may require a
@@ -1010,7 +1241,7 @@ If you issue a POST request and then want to make a HEAD or GET using the same
 re-used handle, you must explicitly set the new request type using
 \fICURLOPT_NOBODY\fP or \fICURLOPT_HTTPGET\fP or similar.
 .IP CURLOPT_POSTFIELDS
-Pass a void * as parameter, which should be the full data to post in an HTTP
+Pass a void * as parameter, which should be the full data to post in a HTTP
 POST operation. You must make sure that the data is formatted the way you want
 the server to receive it. libcurl will not convert or encode it for you. Most
 web servers will assume this data to be url-encoded.
@@ -1045,7 +1276,7 @@ Pass a curl_off_t as parameter. Use this to set the size of the
 data to figure out the size. This is the large file version of the
 \fICURLOPT_POSTFIELDSIZE\fP option. (Added in 7.11.1)
 .IP CURLOPT_COPYPOSTFIELDS
-Pass a char * as parameter, which should be the full data to post in an HTTP
+Pass a char * as parameter, which should be the full data to post in a HTTP
 POST operation. It behaves as the \fICURLOPT_POSTFIELDS\fP option, but the
 original data are copied by the library, allowing the application to overwrite
 the original data after setting this option.
@@ -1132,7 +1363,7 @@ option and thus you need to concatenate them all in one single string. Set
 multiple cookies in one string like this: "name1=content1; name2=content2;"
 etc.

-This option sets the cookie header explictly in the outgoing request(s). If
+This option sets the cookie header explicitly in the outgoing request(s). If
 multiple requests are done due to authentication, followed redirections or
 similar, they will all get this cookie passed on.

@@ -1217,12 +1448,16 @@ transfer decoding will be disabled, if set to 1 it is enabled
 option is set to zero. (added in 7.16.2)
 .SH SMTP OPTIONS
 .IP CURLOPT_MAIL_FROM
-Pass a pointer to a zero terminated string as parameter. It will be used to
-specify the sender address in a mail when sending an SMTP mail with libcurl.
+Pass a pointer to a zero terminated string as parameter. This should be used
+to specify the sender's email address when sending SMTP mail with libcurl.

-An originator email address in SMTP lingo is specified within angle brackets
-(<>) which libcurl will not add for you before version 7.21.4. Failing to
-provide such brackets may cause the server to reject your mail.
+An originator email address should be specified with angled brackets (<>)
+around it, which if not specified, will be added by libcurl from version
+7.21.4 onwards. Failing to provide such brackets may cause the server to
+reject the email.
+
+If this parameter is not specified then an empty address will be sent to the
+mail server which may or may not cause the email to be rejected.

 (Added in 7.20.0)
 .IP CURLOPT_MAIL_RCPT
@@ -1231,11 +1466,30 @@ SMTP mail request.  The linked list should be a fully valid list of \fBstruct
 curl_slist\fP structs properly filled in. Use \fIcurl_slist_append(3)\fP to
 create the list and \fIcurl_slist_free_all(3)\fP to clean up an entire list.

-Each recipient in SMTP lingo is specified with angle brackets (<>), but should
-you not use an angle bracket as first letter libcurl will assume you provide a
-single email address only and enclose that with angle brackets for you.
+Each recipient should be specified within a pair of angled brackets (<>),
+however, should you not use an angled bracket as the first character libcurl
+will assume you provided a single email address and enclose that address
+within brackets for you.

 (Added in 7.20.0)
+.IP CURLOPT_MAIL_AUTH
+Pass a pointer to a zero terminated string as parameter. This will be used
+to specify the authentication address (identity) of a submitted message that
+is being relayed to another server.
+
+This optional parameter allows co-operating agents in a trusted environment to
+communicate the authentication of individual messages and should only be used
+by the application program, using libcurl, if the application is itself a
+mail server acting in such an environment. If the application is operating as
+such and the AUTH address is not known or is invalid, then an empty string
+should be used for this parameter.
+
+Unlike CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT, the address should not be
+specified within a pair of angled brackets (<>). However, if an empty string
+is used then a pair of brackets will be sent by libcurl as required by
+RFC-2554.
+
+(Added in 7.24.0)
 .SH TFTP OPTIONS
 .IP CURLOPT_TFTP_BLKSIZE
 Specify block size to use for TFTP data transmission. Valid range as per RFC
@@ -1273,18 +1527,22 @@ Examples with specified ports:
 You disable PORT again and go back to using the passive version by setting
 this option to NULL.
 .IP CURLOPT_QUOTE
-Pass a pointer to a linked list of FTP or SFTP commands to pass to
-the server prior to your FTP request. This will be done before any
-other commands are issued (even before the CWD command for FTP). The
-linked list should be a fully valid list of 'struct curl_slist' structs
-properly filled in with text strings. Use \fIcurl_slist_append(3)\fP
-to append strings (commands) to the list, and clear the entire list
-afterwards with \fIcurl_slist_free_all(3)\fP. Disable this operation
-again by setting a NULL to this option.
-The set of valid FTP commands depends on the server (see RFC959 for a
-list of mandatory commands).
-The valid SFTP commands are: chgrp, chmod, chown, ln, mkdir, pwd,
-rename, rm, rmdir, symlink (see
+Pass a pointer to a linked list of FTP or SFTP commands to pass to the server
+prior to your FTP request. This will be done before any other commands are
+issued (even before the CWD command for FTP). The linked list should be a
+fully valid list of 'struct curl_slist' structs properly filled in with text
+strings. Use \fIcurl_slist_append(3)\fP to append strings (commands) to the
+list, and clear the entire list afterwards with
+\fIcurl_slist_free_all(3)\fP. Disable this operation again by setting a NULL
+to this option. When speaking to a FTP (or SFTP since 7.24.0) server, prefix
+the command with an asterisk (*) to make libcurl continue even if the command
+fails as by default libcurl will stop at first failure.
+
+The set of valid FTP commands depends on the server (see RFC959 for a list of
+mandatory commands).
+
+The valid SFTP commands are: chgrp, chmod, chown, ln, mkdir, pwd, rename, rm,
+rmdir, symlink (see
 .BR curl (1))
 (SFTP support added in 7.16.3)
 .IP CURLOPT_POSTQUOTE
@@ -1298,7 +1556,7 @@ Pass a pointer to a linked list of FTP commands to pass to the server after
 the transfer type is set. The linked list should be a fully valid list of
 struct curl_slist structs properly filled in as described for
 \fICURLOPT_QUOTE\fP. Disable this operation again by setting a NULL to this
-option. Before version 7.15.6, if you also set \fICURLOPT_NOBODY\fP to 1, this
+option. Before version 7.16.0, if you also set \fICURLOPT_NOBODY\fP to 1, this
 option didn't work.
 .IP CURLOPT_DIRLISTONLY
 A parameter set to 1 tells the library to just list the names of files in a
@@ -1411,7 +1669,7 @@ a reply.
 Initiate the shutdown and wait for a reply.
 .RE
 .IP CURLOPT_FTP_ACCOUNT
-Pass a pointer to a zero-terminated string (or NULL to disable). When an FTP
+Pass a pointer to a zero terminated string (or NULL to disable). When an FTP
 server asks for "account data" after user name and password has been provided,
 this data is sent off using the ACCT command. (Added in 7.13.0)
 .IP CURLOPT_FTP_FILEMETHOD
@@ -1453,7 +1711,7 @@ needed for this method)\fP  (Added in 7.20.0)
 When sent by a client, this method changes the description of the session. For
 example, if a client is using the server to record a meeting, the client can
 use Announce to inform the server of all the meta-information about the
-session.  ANNOUNCE acts like an HTTP PUT or POST just like
+session.  ANNOUNCE acts like a HTTP PUT or POST just like
 \fICURL_RTSPREQ_SET_PARAMETER\fP (Added in 7.20.0)
 .IP CURL_RTSPREQ_SETUP
 Setup is used to initialize the transport layer for the session. The
@@ -1476,7 +1734,7 @@ different connections.  (Added in 7.20.0)
 .IP CURL_RTSPREQ_GET_PARAMETER
 Retrieve a parameter from the server. By default, libcurl will automatically
 include a \fIContent-Type: text/parameters\fP header on all non-empty requests
-unless a custom one is set. GET_PARAMETER acts just like an HTTP PUT or POST
+unless a custom one is set. GET_PARAMETER acts just like a HTTP PUT or POST
 (see \fICURL_RTSPREQ_SET_PARAMETER\fP).
 Applications wishing to send a heartbeat message (e.g. in the presence of a
 server-specified timeout) should send use an empty GET_PARAMETER request.
@@ -1484,9 +1742,9 @@ server-specified timeout) should send use an empty GET_PARAMETER request.
 .IP CURL_RTSPREQ_SET_PARAMETER
 Set a parameter on the server. By default, libcurl will automatically include
 a \fIContent-Type: text/parameters\fP header unless a custom one is set. The
-interaction with SET_PARAMTER is much like an HTTP PUT or POST. An application
-may either use \fICURLOPT_UPLOAD\fP with \fICURLOPT_READDATA\fP like an HTTP
-PUT, or it may use \fICURLOPT_POSTFIELDS\fP like an HTTP POST. No chunked
+interaction with SET_PARAMTER is much like a HTTP PUT or POST. An application
+may either use \fICURLOPT_UPLOAD\fP with \fICURLOPT_READDATA\fP like a HTTP
+PUT, or it may use \fICURLOPT_POSTFIELDS\fP like a HTTP POST. No chunked
 transfers are allowed, so the application must set the
 \fICURLOPT_INFILESIZE\fP in the former and \fICURLOPT_POSTFIELDSIZE\fP in the
 latter. Also, there is no use of multi-part POSTs within RTSP. (Added in
@@ -1548,7 +1806,7 @@ over FTP. This is a known limitation/flaw that nobody has rectified. libcurl
 simply sets the mode to ASCII and performs a standard transfer.
 .IP CURLOPT_PROXY_TRANSFER_MODE
 Pass a long. If the value is set to 1 (one), it tells libcurl to set the
-transfer mode (binary or ASCII) for FTP transfers done via an HTTP proxy, by
+transfer mode (binary or ASCII) for FTP transfers done via a HTTP proxy, by
 appending ;type=a or ;type=i to the URL. Without this setting, or it being set
 to 0 (zero, the default), \fICURLOPT_TRANSFERTEXT\fP has no effect when doing
 FTP via a proxy. Beware that not all proxies support this feature.  (Added in
@@ -1585,16 +1843,20 @@ source file to the remote target file.
 Pass a curl_off_t as parameter. It contains the offset in number of bytes that
 you want the transfer to start from. (Added in 7.11.0)
 .IP CURLOPT_CUSTOMREQUEST
-Pass a pointer to a zero terminated string as parameter. It will be used
-instead of GET or HEAD when doing an HTTP request, or instead of LIST or NLST
-when doing a FTP directory listing. This is useful for doing DELETE or other
-more or less obscure HTTP requests. Don't do this at will, make sure your
-server supports the command first.
+Pass a pointer to a zero terminated string as parameter. It can be used to
+specify the request instead of GET or HEAD when performing HTTP based
+requests, instead of LIST and NLST when performing FTP directory listings and
+instead of LIST and RETR when issuing POP3 based commands. This is
+particularly useful, for example, for performing a HTTP DELETE request or a
+POP3 DELE command.
+
+Please don't perform this at will, on HTTP based requests, by making sure
+your server supports the command you are sending first.
 
 When you change the request method by setting \fBCURLOPT_CUSTOMREQUEST\fP to
-something, you don't actually change how libcurl behaves or acts in regards to
-the particular request method, it will only change the actual string sent in
-the request.
+something, you don't actually change how libcurl behaves or acts in regards
+to the particular request method, it will only change the actual string sent
+in the request.

 For example: if you tell libcurl to do a HEAD request, but then change the
 request to a "GET" with \fBCURLOPT_CUSTOMREQUEST\fP you'll still see libcurl
@@ -1606,12 +1868,14 @@ POST, use \fICURLOPT_POST\fP or \fICURLOPT_POSTFIELDS\fP and so on.
 Restore to the internal default by setting this to NULL.

 Many people have wrongly used this option to replace the entire request with
-their own, including multiple headers and POST contents. While that might work
-in many cases, it will cause libcurl to send invalid requests and it could
-possibly confuse the remote server badly. Use \fICURLOPT_POST\fP and
+their own, including multiple headers and POST contents. While that might
+work in many cases, it will cause libcurl to send invalid requests and it
+could possibly confuse the remote server badly. Use \fICURLOPT_POST\fP and
 \fICURLOPT_POSTFIELDS\fP to set POST data. Use \fICURLOPT_HTTPHEADER\fP to
 replace or extend the set of headers sent by libcurl. Use
 \fICURLOPT_HTTP_VERSION\fP to change HTTP version.
+
+(Support for POP3 added in 7.26.0)
 .IP CURLOPT_FILETIME
 Pass a long. If it is 1, libcurl will attempt to get the modification date of
 the remote document in this operation. This requires that the remote server
@@ -1620,11 +1884,11 @@ sends the time or replies to a time querying command. The
 can be used after a transfer to extract the received time (if any).
 .IP CURLOPT_NOBODY
 A parameter set to 1 tells the library to not include the body-part in the
-output. This is only relevant for protocols that have separate header and body
-parts. On HTTP(S) servers, this will make libcurl do a HEAD request.
+output. This is only relevant for protocols that have separate header and
+body parts. On HTTP(S) servers, this will make libcurl do a HEAD request.

-To change request to GET, you should use \fICURLOPT_HTTPGET\fP. Change request
-to POST with \fICURLOPT_POST\fP etc.
+To change request to GET, you should use \fICURLOPT_HTTPGET\fP. Change
+request to POST with \fICURLOPT_POST\fP etc.
 .IP CURLOPT_INFILESIZE
 When uploading a file to a remote site, this option should be used to tell
 libcurl what the expected size of the infile is. This value should be passed
@@ -1633,6 +1897,9 @@ as a long. See also \fICURLOPT_INFILESIZE_LARGE\fP.
 For uploading using SCP, this option or \fICURLOPT_INFILESIZE_LARGE\fP is
 mandatory.

+When sending emails using SMTP, this command can be used to specify the
+optional SIZE parameter for the MAIL FROM command. (Added in 7.23.0)
+
 This option does not limit how much data libcurl will actually send, as that
 is controlled entirely by what the read callback returns.
 .IP CURLOPT_INFILESIZE_LARGE
@@ -1701,6 +1968,8 @@ SIGALRM to enable time-outing system calls.

 In unix-like systems, this might cause signals to be used unless
 \fICURLOPT_NOSIGNAL\fP is set.
+
+Default timeout is 0 (zero) which means it never times out.
 .IP CURLOPT_TIMEOUT_MS
 Like \fICURLOPT_TIMEOUT\fP but takes number of milliseconds instead. If
 libcurl is built to use the standard system name resolver, that portion
@@ -1762,9 +2031,9 @@ re-use (default behavior).
 .IP CURLOPT_CONNECTTIMEOUT
 Pass a long. It should contain the maximum time in seconds that you allow the
 connection to the server to take.  This only limits the connection phase, once
-it has connected, this option is of no more use. Set to zero to disable
-connection timeout (it will then only timeout on the system's internal
-timeouts). See also the \fICURLOPT_TIMEOUT\fP option.
+it has connected, this option is of no more use. Set to zero to switch to the
+default built-in connection timeout - 300 seconds. See also the
+\fICURLOPT_TIMEOUT\fP option.

 In unix-like systems, this might cause signals to be used unless
 \fICURLOPT_NOSIGNAL\fP is set.
@@ -1836,6 +2105,24 @@ resolves, by including a string in the linked list that uses the format
 and port number must exactly match what was already added previously.

 (Added in 7.21.3)
+.IP CURLOPT_DNS_SERVERS
+Set the list of DNS servers to be used instead of the system default.
+The format of the dns servers option is:
+
+host[:port][,host[:port]]...
+
+For example:
+
+192.168.1.100,192.168.1.101,3.4.5.6
+
+This option requires that libcurl was built with a resolver backend that
+supports this operation. The c-ares backend is the only such one.
+
+(Added in 7.24.0)
+.IP CURLOPT_ACCEPTTIMEOUT_MS
+Pass a long telling libcurl the maximum number of milliseconds to wait for a
+server to connect back to libcurl when an active FTP connection is used. If no
+timeout is set, the internal default of 60000 will be used. (Added in 7.24.0)
 .SH SSL and SECURITY OPTIONS
 .IP CURLOPT_SSLCERT
 Pass a pointer to a zero terminated string as parameter. The string should be
@@ -1908,7 +2195,7 @@ Pass a long as parameter. By default, curl assumes a value of 1.
 This option determines whether curl verifies the authenticity of the peer's
 certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.

-When negotiating an SSL connection, the server sends a certificate indicating
+When negotiating a SSL connection, the server sends a certificate indicating
 its identity.  Curl verifies whether the certificate is authentic, i.e. that
 you can trust that the server is who the certificate says it is.  This trust
 is based on a chain of digital signatures, rooted in certification authority
@@ -2057,6 +2344,16 @@ this to 1 to enable it. By default all transfers are done using the
 cache. While nothing ever should get hurt by attempting to reuse SSL
 session-IDs, there seem to be broken SSL implementations in the wild that may
 require you to disable this in order for you to succeed. (Added in 7.16.0)
+.IP CURLOPT_SSL_OPTIONS
+Pass a long with a bitmask to tell libcurl about specific SSL behaviors.
+
+CURLSSLOPT_ALLOW_BEAST is the only supported bit and by setting this the user
+will tell libcurl to not attempt to use any work-arounds for a security flaw
+in the SSL3 and TLS1.0 protocols.  If this option isn't used or this bit is
+set to 0, the SSL layer libcurl uses may use a work-around for this flaw
+although it might cause interoperability problems with some (older) SSL
+implementations. WARNING: avoiding this work-around loosens the security, and
+by setting this option to 1 you ask for exactly that. (Added in 7.25.0)
 .IP CURLOPT_KRBLEVEL
 Pass a char * as parameter. Set the kerberos security level for FTP; this also
 enables kerberos awareness.  This is a string, \&'clear', \&'safe',
@@ -2065,12 +2362,20 @@ of these, 'private' will be used. Set the string to NULL to disable kerberos
 support for FTP.

 (This option was known as CURLOPT_KRB4LEVEL up to 7.16.3)
+.IP CURLOPT_GSSAPI_DELEGATION
+Set the parameter to CURLGSSAPI_DELEGATION_FLAG to allow unconditional GSSAPI
+credential delegation.  The delegation is disabled by default since 7.21.7.
+Set the parameter to CURLGSSAPI_DELEGATION_POLICY_FLAG to delegate only if
+the OK-AS-DELEGATE flag is set in the service ticket in case this feature is
+supported by the GSSAPI implementation and the definition of
+GSS_C_DELEG_POLICY_FLAG was available at compile-time.
+(Added in 7.22.0)
 .SH SSH OPTIONS
 .IP CURLOPT_SSH_AUTH_TYPES
 Pass a long set to a bitmask consisting of one or more of
 CURLSSH_AUTH_PUBLICKEY, CURLSSH_AUTH_PASSWORD, CURLSSH_AUTH_HOST,
-CURLSSH_AUTH_KEYBOARD. Set CURLSSH_AUTH_ANY to let libcurl pick one.
-(Added in 7.16.1)
+CURLSSH_AUTH_KEYBOARD. Set CURLSSH_AUTH_ANY to let libcurl pick one. Currently
+CURLSSH_AUTH_HOST has no effect. (Added in 7.16.1)
 .IP CURLOPT_SSH_HOST_PUBLIC_KEY_MD5
 Pass a char * pointing to a string containing 32 hexadecimal digits. The
 string should be the 128 bit MD5 checksum of the remote host's public key, and
@@ -2078,13 +2383,18 @@ libcurl will reject the connection to the host unless the md5sums match. This
 option is only for SCP and SFTP transfers. (Added in 7.17.1)
 .IP CURLOPT_SSH_PUBLIC_KEYFILE
 Pass a char * pointing to a file name for your public key. If not used,
-libcurl defaults to using \fB~/.ssh/id_dsa.pub\fP.
-(Added in 7.16.1)
+libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment
+variable is set, and just "id_dsa.pub" in the current directory if HOME is not
+set.  (Added in 7.16.1)
+If an empty string is passed, libcurl will pass no public key to libssh2
+which then tries to compute it from the private key, this is known to work
+when libssh2 1.4.0+ is linked against OpenSSL. (Added in 7.26.0)
 .IP CURLOPT_SSH_PRIVATE_KEYFILE
 Pass a char * pointing to a file name for your private key. If not used,
-libcurl defaults to using \fB~/.ssh/id_dsa\fP.  If the file is
-password-protected, set the password with \fICURLOPT_KEYPASSWD\fP. (Added in
-7.16.1)
+libcurl defaults to \fB$HOME/.ssh/id_dsa\fP if the HOME environment variable
+is set, and just "id_dsa" in the current directory if HOME is not set.  If the
+file is password-protected, set the password with
+\fICURLOPT_KEYPASSWD\fP. (Added in 7.16.1)
 .IP CURLOPT_SSH_KNOWNHOSTS
 Pass a pointer to a zero terminated string holding the file name of the
 known_host file to use.  The known_hosts file should use the OpenSSH file
--- a/docs/libcurl/curl_easy_strerror.3
+++ b/docs/libcurl/curl_easy_strerror.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -23,9 +23,9 @@
 .SH NAME
 curl_easy_strerror - return string describing error code
 .SH SYNOPSIS
-.nf
-.B #include <curl/curl.h>
-.BI "const char *curl_easy_strerror(CURLcode " errornum ");"
+#include <curl/curl.h>
+
+const char *curl_easy_strerror(CURLcode errornum);
 .SH DESCRIPTION
 The curl_easy_strerror() function returns a string describing the CURLcode
 error code passed in the argument \fIerrornum\fP.
--- a/docs/libcurl/curl_formadd.3
+++ b/docs/libcurl/curl_formadd.3
@@ -30,18 +30,19 @@ curl_formadd - add a section to a multipart/formdata HTTP POST
 .ad
 .SH DESCRIPTION
 curl_formadd() is used to append sections when building a multipart/formdata
-HTTP POST (sometimes referred to as RFC2388-style posts). Append one section at
-a time until you've added all the sections you want included and then you pass
-the \fIfirstitem\fP pointer as parameter to \fBCURLOPT_HTTPPOST\fP.
-\fIlastitem\fP is set after each call and on repeated invokes it should be
-left as set to allow repeated invokes to find the end of the list faster.
+HTTP POST (sometimes referred to as RFC2388-style posts). Append one section
+at a time until you've added all the sections you want included and then you
+pass the \fIfirstitem\fP pointer as parameter to \fBCURLOPT_HTTPPOST\fP.
+\fIlastitem\fP is set after each \fIcurl_formadd(3)\fP call and on repeated
+invokes it should be left as set to allow repeated invokes to find the end of
+the list faster.

 After the \fIlastitem\fP pointer follow the real arguments.

-The pointers \fI*firstitem\fP and \fI*lastitem\fP should both be pointing to
+The pointers \fIfirstitem\fP and \fIlastitem\fP should both be pointing to
 NULL in the first call to this function. All list-data will be allocated by
-the function itself. You must call \fIcurl_formfree(3)\fP after the form post
-has been done to free the resources.
+the function itself. You must call \fIcurl_formfree(3)\fP on the
+\fIfirstitem\P after the form post has been done to free the resources.

 Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header.
 You can disable this header with \fICURLOPT_HTTPHEADER\fP as usual.
--- a/docs/libcurl/curl_formfree.3
+++ b/docs/libcurl/curl_formfree.3
@@ -31,6 +31,13 @@ curl_formfree - free a previously build multipart/formdata HTTP POST chain
 curl_formfree() is used to clean up data previously built/appended with
 \fIcurl_formadd(3)\fP. This must be called when the data has been used, which
 typically means after \fIcurl_easy_perform(3)\fP has been called.
+
+The pointer to free is the same pointer you passed to the
+\fBCURLOPT_HTTPPOST\fP option, which is the \fIfirstitem\fP pointer from the
+\fIcurl_formadd(3)\fP invoke(s).
+
+\fBform\fP is the pointer as returned from a previous call to
+\fIcurl_formadd(3)\fP and may be NULL.
 .SH RETURN VALUE
 None
 .SH "SEE ALSO"
--- a/docs/libcurl/curl_formget.3
+++ b/docs/libcurl/curl_formget.3
@@ -23,24 +23,27 @@
 .SH NAME
 curl_formget - serialize a previously built multipart/formdata HTTP POST chain
 .SH SYNOPSIS
+.nf
 .B #include <curl/curl.h>
-.sp
-.BI "void curl_formget(struct curl_httppost *" form, " void *" arg,
-.BI " curl_formget_callback " append ");"
-.ad
+
+void curl_formget(struct curl_httppost * form, void *userp,
+                  curl_formget_callback append );
 .SH DESCRIPTION
 curl_formget() is used to serialize data previously built/appended with
-\fIcurl_formadd(3)\fP. Accepts a void pointer as second argument which will be
-passed to the curl_formget_callback function.
+\fIcurl_formadd(3)\fP. Accepts a void pointer as second argument named
+\fIuserp\fP which will be passed as the first argument to the
+curl_formget_callback function.

-.BI "typedef size_t (*curl_formget_callback)(void *" arg, " const char *" buf,
+.BI "typedef size_t (*curl_formget_callback)(void *" userp, " const char *" buf,
 .BI " size_t " len ");"
-.nf

 The curl_formget_callback will be executed for each part of the HTTP POST
-chain. The void *arg pointer will be the one passed as second argument to
-curl_formget(). The character buffer passed to it must not be freed. The
+chain. The character buffer passed to the callback must not be freed. The
 callback should return the buffer length passed to it on success.
+
+If the \fBCURLFORM_STREAM\fP option is used in the formpost, it will prevent
+\fIcurl_formget(3)\fP from working until you've performed the actual HTTP
+request as only then will libcurl get the actual read callback to use!
 .SH RETURN VALUE
 0 means everything was ok, non-zero means an error occurred
 .SH EXAMPLE
@@ -52,6 +55,7 @@ callback should return the buffer length passed to it on success.
   (*(size_t *) arg) += len;
   return len;
 }
+
 size_t print_httppost(struct curl_httppost *post)
 {
   size_t total_size = 0;
--- a/docs/libcurl/curl_multi_fdset.3
+++ b/docs/libcurl/curl_multi_fdset.3
@@ -40,19 +40,28 @@ but be sure to FD_ZERO them before calling this function as
 otherwise remove any others. The \fIcurl_multi_perform(3)\fP function should be
 called as soon as one of them is ready to be read from or written to.

-To be sure to have up-to-date results, you should call
-\fIcurl_multi_perform\fP until it does not return CURLM_CALL_MULTI_PERFORM
-prior to calling \fIcurl_multi_fdset\fP.  This will make sure that libcurl has
-updated the handles' socket states.
-
 If no file descriptors are set by libcurl, \fImax_fd\fP will contain -1 when
 this function returns. Otherwise it will contain the higher descriptor number
-libcurl set.
+libcurl set. When libcurl returns -1 in \fImax_fd\fP, it is because libcurl
+currently does something that isn't possible for your application to monitor
+with a socket and unfortunately you can then not know exactly when the current
+action is completed using select(). When max_fd returns with -1, you need to
+wait a while and then proceed and call \fIcurl_multi_perform\fP anyway. How
+long to wait? I would suggest 100 milliseconds at least, but you may want to
+test it out in your own particular conditions to find a suitable value.

 When doing select(), you should use \fBcurl_multi_timeout\fP to figure out how
 long to wait for action. Call \fIcurl_multi_perform\fP even if no activity has
 been seen on the fd_sets after the timeout expires as otherwise internal
 retries and timeouts may not work as you'd think and want.
+
+If one of the sockets used by libcurl happens to be larger than what can be
+set in an fd_set, which on POSIX systems means that the file descriptor is
+larger than FD_SETSIZE, then libcurl will try to not set it. Setting a too
+large file descriptor in an fd_set implies an out of bounds write which can
+cause crashes, or worse. The effect of NOT storing it will possibly save you
+from the crash, but will make your program NOT wait for sockets it should wait
+for...
 .SH RETURN VALUE
 CURLMcode type, general libcurl multi interface error code. See
 \fIlibcurl-errors(3)\fP
--- a/docs/libcurl/curl_share_setopt.3
+++ b/docs/libcurl/curl_share_setopt.3
@@ -64,6 +64,11 @@ Cached DNS hosts will be shared across the easy handles using this shared
 object. Note that when you use the multi interface, all easy handles added to
 the same multi handle will share DNS cache by default without this having to
 be used!
+.IP CURL_LOCK_DATA_SSL_SESSION
+SSL session IDs will be shared accross the easy handles using this shared
+object. This will reduce the time spent in the SSL handshake when reconnecting
+to the same server. Note SSL session IDs are reused within the same easy handle
+by default.
 .RE
 .IP CURLSHOPT_UNSHARE
 This option does the opposite of \fICURLSHOPT_SHARE\fP. It specifies that
--- a/docs/libcurl/curl_version_info.3
+++ b/docs/libcurl/curl_version_info.3
@@ -128,6 +128,11 @@ the app having to pass them on. (Added in 7.13.2)
 .IP CURL_VERSION_CONV
 libcurl was built with support for character conversions, as provided by the
 CURLOPT_CONV_* callbacks. (Added in 7.15.4)
+.IP CURL_VERSION_TLSAUTH_SRP
+libcurl was built with support for TLS-SRP. (Added in 7.21.4)
+.IP CURL_VERSION_NTLM_WB
+libcurl was built with support for NTLM delegation to a winbind helper.
+(Added in 7.22.0)
 .RE
 \fIssl_version\fP is an ASCII string for the OpenSSL version used. If libcurl
 has no SSL support, this is NULL.
--- a/docs/libcurl/libcurl-errors.3
+++ b/docs/libcurl/libcurl-errors.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -66,20 +66,21 @@ remote server is probably not an OK FTP server.
 .IP "CURLE_REMOTE_ACCESS_DENIED (9)"
 We were denied access to the resource given in the URL.  For FTP, this occurs
 while trying to change to the remote directory.
+.IP "CURLE_FTP_ACCEPT_FAILED (10)"
+While waiting for the server to connect back when an active FTP session is
+used, an error code was sent over the control connection or similar.
 .IP "CURLE_FTP_WEIRD_PASS_REPLY (11)"
 After having sent the FTP password to the server, libcurl expects a proper
 reply. This error code indicates that an unexpected code was returned.
+.IP "CURLE_FTP_ACCEPT_TIMEOUT (12)"
+During an active FTP session while waiting for the server to connect, the
+\fICURLOPT_ACCEPTTIMOUT_MS\fP (or the internal default) timeout expired.
 .IP "CURLE_FTP_WEIRD_PASV_REPLY (13)"
 libcurl failed to get a sensible result back from the server as a response to
 either a PASV or a EPSV command. The server is flawed.
 .IP "CURLE_FTP_WEIRD_227_FORMAT (14)"
 FTP servers return a 227-line as a response to a PASV command. If libcurl
 fails to parse that line, this return code is passed back.
-.IP "CURLE_FTP_PRET_FAILED (84)"
-The FTP server does not understand the PRET command at all or does not support
-the given argument. Be careful when using \fICURLOPT_CUSTOMREQUEST\fP, a
-custom LIST command will be sent with PRET CMD before PASV as well. (Added in
-7.20.0)
 .IP "CURLE_FTP_CANT_GET_HOST (15)"
 An internal failure to lookup the host used for the new connection.
 .IP "CURLE_FTP_COULDNT_SET_TYPE (17)"
@@ -227,7 +228,10 @@ Failed to load CRL file (Added in 7.19.0)
 .IP "CURLE_SSL_ISSUER_ERROR (83)"
 Issuer check failed (Added in 7.19.0)
 .IP "CURLE_FTP_PRET_FAILED (84)"
-PRET command failed
+The FTP server does not understand the PRET command at all or does not support
+the given argument. Be careful when using \fICURLOPT_CUSTOMREQUEST\fP, a
+custom LIST command will be sent with PRET CMD before PASV as well. (Added in
+7.20.0)
 .IP "CURLE_RTSP_CSEQ_ERROR (85)"
 Mismatch of RTSP CSeq numbers.
 .IP "CURLE_RTSP_SESSION_ERROR (86)"
@@ -277,3 +281,6 @@ An invalid share object was passed to the function.
 .IP "CURLSHE_NOMEM (4)"
 Not enough memory was available.
 (Added in 7.12.0)
+.IP "CURLSHE_NOT_BUILT_IN (5)"
+The requsted sharing could not be done because the library you use don't have
+that particular feature enabled. (Added in 7.23.0)
--- a/docs/libcurl/libcurl-multi.3
+++ b/docs/libcurl/libcurl-multi.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -82,14 +82,6 @@ might need attention. This also makes it very easy for your program to wait
 for input on your own private file descriptors at the same time or perhaps
 timeout every now and then, should you want that.

-A little note here about the return codes from the multi functions, and
-especially the \fIcurl_multi_perform(3)\fP: if you receive
-\fICURLM_CALL_MULTI_PERFORM\fP, this basically means that you should call
-\fIcurl_multi_perform(3)\fP again, before you select() on more actions. You
-don't have to do it immediately, but the return code means that libcurl may
-have more data available to return or that there may be more data to send off
-before it is "satisfied".
-
 \fIcurl_multi_perform(3)\fP stores the number of still running transfers in
 one of its input arguments, and by reading that you can figure out when all
 the transfers in the multi handles are done. 'done' does not mean
@@ -118,23 +110,40 @@ If you want to re-use an easy handle that was added to the multi handle for
 transfer, you must first remove it from the multi stack and then re-add it
 again (possibly after having altered some options at your own choice).
 .SH "MULTI_SOCKET"
-Since 7.16.0, the \fIcurl_multi_socket_action(3)\fP function offers a way for
-applications to not only avoid being forced to use select(), but it also
-offers a much more high-performance API that will make a significant
-difference for applications using large numbers of simultaneous connections.
+\fIcurl_multi_socket_action(3)\fP function offers a way for applications to
+not only avoid being forced to use select(), but it also offers a much more
+high-performance API that will make a significant difference for applications
+using large numbers of simultaneous connections.

-\fIcurl_multi_socket_action(3)\fP is then used
-instead of \fIcurl_multi_perform(3)\fP.
+\fIcurl_multi_socket_action(3)\fP is then used instead of
+\fIcurl_multi_perform(3)\fP.
+
+When using this API, you add easy handles to the multi handle just as with the
+normal multi interface. Then you also set two callbacks with the
+CURLMOPT_SOCKETFUNCTION and CURLMOPT_TIMERFUNCTION options to
+\fIcurl_multi_setopt(3)\fP.
+
+The API is then designed to inform your application about which sockets
+libcurl is currently using and for what activities (read and/or write) on
+those sockets your application is expected to wait for.
+
+Your application must then make sure to receive all sockets informed about in
+the CURLMOPT_SOCKETFUNCTION callback and make sure it reacts on the given
+activity on them. When a socket has the given activity, you call
+\fIcurl_multi_socket_action(3)\fP specifying which socket and action there
+are.
+
+The CURLMOPT_TIMERFUNCTION callback is called to set a timeout. When that
+timeout expires, your application should call the
+\fIcurl_multi_socket_action(3)\fP function saying it was due to a timeout.
 .SH "BLOCKING"
 A few areas in the code are still using blocking code, even when used from the
 multi interface. While we certainly want and intend for these to get fixed in
 the future, you should be aware of the following current restrictions:

 .nf
- - Name resolves on non-windows unless c-ares is used
- - GnuTLS SSL connections
+ - Name resolves unless the c-ares or threaded-resolver backends are used
 - NSS SSL connections
- - Active FTP connections
 - HTTP proxy CONNECT operations
 - SOCKS proxy handshakes
 - file:// transfers
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -249,9 +249,11 @@ complication for you. Given simply the URL to a file, libcurl will take care
 of all the details needed to get the file moved from one machine to another.

 .SH "Multi-threading Issues"
-The first basic rule is that you must \fBnever\fP share a libcurl handle (be
-it easy or multi or whatever) between multiple threads. Only use one handle in
-one thread at a time.
+The first basic rule is that you must \fBnever\fP simultaneously share a
+libcurl handle (be it easy or multi or whatever) between multiple
+threads. Only use one handle in one thread at any time. You can pass the
+handles around among threads, but you must never use a single handle from more
+than one thread at any given time.

 libcurl is completely thread safe, except for two issues: signals and SSL/TLS
 handlers. Signals are used for timing out name resolves (during DNS lookup) -
@@ -815,10 +817,6 @@ This header is required by HTTP 1.1 and even many 1.0 servers and should be
 the name of the server we want to talk to. This includes the port number if
 anything but default.

-.IP "Pragma"
-\&"no-cache". Tells a possible proxy to not grab a copy from the cache but to
-fetch a fresh one.
-
 .IP "Accept"
 \&"*/*".

@@ -1301,9 +1299,7 @@ ones at any time), you start the transfers by calling

 \fIcurl_multi_perform(3)\fP is asynchronous. It will only execute as little as
 possible and then return back control to your program. It is designed to never
-block. If it returns CURLM_CALL_MULTI_PERFORM you better call it again soon,
-as that is a signal that it still has local data to send or remote data to
-receive.
+block.

 The best usage of this interface is when you do a select() on all possible
 file descriptors or sockets to know when to call libcurl again. This also
@@ -1339,9 +1335,21 @@ to figure out success on each individual transfer.
 [ seeding, passwords, keys, certificates, ENGINE, ca certs ]

 .SH "Sharing Data Between Easy Handles"
+You can share some data between easy handles when the easy interface is used,
+and some data is share automatically when you use the multi interface.

- [ fill in ]
+When you add easy handles to a multi handle, these easy handles will
+automatically share a lot of the data that otherwise would be kept on a
+per-easy handle basis when the easy interface is used.

+The DNS cache is shared between handles within a multi handle, making
+subsequent name resolvings faster and the connection pool that is kept to
+better allow persistent connections and connection re-use is shared. If you're
+using the easy interface, you can still share these between specific easy
+handles by using the share interface, see \fIlibcurl-share(3)\fP.
+
+Some things are never shared automatically, not within multi handles, like for
+example cookies so the only way to share that is with the share interface.
 .SH "Footnotes"

 .IP "[1]"
--- a/docs/libcurl/libcurl.m4
+++ b/docs/libcurl/libcurl.m4
@@ -146,7 +146,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
           _libcurl_save_libs=$LIBS
           LIBS="$LIBCURL $LIBS"

-           AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <curl/curl.h>],[
+           AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <curl/curl.h>]],[[
 /* Try and use a few common options to force a failure if we are
   missing symbols or can't link. */
 int x;
@@ -157,7 +157,8 @@ x=CURLOPT_FILE;
 x=CURLOPT_ERRORBUFFER;
 x=CURLOPT_STDERR;
 x=CURLOPT_VERBOSE;
-])],libcurl_cv_lib_curl_usable=yes,libcurl_cv_lib_curl_usable=no)
+if (x) ;
+]])],libcurl_cv_lib_curl_usable=yes,libcurl_cv_lib_curl_usable=no)

           CPPFLAGS=$_libcurl_save_cppflags
           LIBS=$_libcurl_save_libs
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -20,6 +20,7 @@ CURLAUTH_DIGEST_IE              7.19.3
 CURLAUTH_GSSNEGOTIATE           7.10.6
 CURLAUTH_NONE                   7.10.6
 CURLAUTH_NTLM                   7.10.6
+CURLAUTH_NTLM_WB                7.22.0
 CURLAUTH_ONLY                   7.21.3
 CURLCLOSEPOLICY_CALLBACK        7.7
 CURLCLOSEPOLICY_LEAST_RECENTLY_USED 7.7
@@ -44,6 +45,8 @@ CURLE_COULDNT_RESOLVE_PROXY     7.1
 CURLE_FAILED_INIT               7.1
 CURLE_FILESIZE_EXCEEDED         7.10.8
 CURLE_FILE_COULDNT_READ_FILE    7.1
+CURLE_FTP_ACCEPT_FAILED         7.24.0
+CURLE_FTP_ACCEPT_TIMEOUT        7.24.0
 CURLE_FTP_ACCESS_DENIED         7.1
 CURLE_FTP_BAD_DOWNLOAD_RESUME   7.1           7.1
 CURLE_FTP_BAD_FILE_LIST         7.21.0
@@ -186,6 +189,9 @@ CURLFTPSSL_TRY                  7.11.0        7.17.0
 CURLFTP_CREATE_DIR              7.19.4
 CURLFTP_CREATE_DIR_NONE         7.19.4
 CURLFTP_CREATE_DIR_RETRY        7.19.4
+CURLGSSAPI_DELEGATION_FLAG      7.22.0
+CURLGSSAPI_DELEGATION_NONE      7.22.0
+CURLGSSAPI_DELEGATION_POLICY_FLAG 7.22.0
 CURLINFO_APPCONNECT_TIME        7.19.0
 CURLINFO_CERTINFO               7.19.1
 CURLINFO_CONDITION_UNMET        7.19.4
@@ -282,6 +288,8 @@ CURLOPTTYPE_FUNCTIONPOINT       7.1
 CURLOPTTYPE_LONG                7.1
 CURLOPTTYPE_OBJECTPOINT         7.1
 CURLOPTTYPE_OFF_T               7.11.0
+CURLOPT_ACCEPTTIMEOUT_MS        7.24.0
+CURLOPT_ACCEPT_ENCODING         7.21.6
 CURLOPT_ADDRESS_SCOPE           7.19.0
 CURLOPT_APPEND                  7.17.0
 CURLOPT_AUTOREFERER             7.1
@@ -294,6 +302,8 @@ CURLOPT_CHUNK_DATA              7.21.0
 CURLOPT_CHUNK_END_FUNCTION      7.21.0
 CURLOPT_CLOSEFUNCTION           7.7           7.11.1      7.15.5
 CURLOPT_CLOSEPOLICY             7.7           7.16.1
+CURLOPT_CLOSESOCKETDATA         7.21.7
+CURLOPT_CLOSESOCKETFUNCTION     7.21.7
 CURLOPT_CONNECTTIMEOUT          7.7
 CURLOPT_CONNECTTIMEOUT_MS       7.16.2
 CURLOPT_CONNECT_ONLY            7.15.2
@@ -313,6 +323,7 @@ CURLOPT_DEBUGDATA               7.9.6
 CURLOPT_DEBUGFUNCTION           7.9.6
 CURLOPT_DIRLISTONLY             7.17.0
 CURLOPT_DNS_CACHE_TIMEOUT       7.9.3
+CURLOPT_DNS_SERVERS             7.24.0
 CURLOPT_DNS_USE_GLOBAL_CACHE    7.9.3         7.11.1
 CURLOPT_EGDSOCKET               7.7
 CURLOPT_ENCODING                7.10
@@ -341,6 +352,7 @@ CURLOPT_FTP_SSL_CCC             7.16.1
 CURLOPT_FTP_USE_EPRT            7.10.5
 CURLOPT_FTP_USE_EPSV            7.9.2
 CURLOPT_FTP_USE_PRET            7.20.0
+CURLOPT_GSSAPI_DELEGATION       7.22.0
 CURLOPT_HEADER                  7.1
 CURLOPT_HEADERDATA              7.10
 CURLOPT_HEADERFUNCTION          7.7.2
@@ -372,6 +384,7 @@ CURLOPT_LOCALPORT               7.15.2
 CURLOPT_LOCALPORTRANGE          7.15.2
 CURLOPT_LOW_SPEED_LIMIT         7.1
 CURLOPT_LOW_SPEED_TIME          7.1
+CURLOPT_MAIL_AUTH               7.25.0
 CURLOPT_MAIL_FROM               7.20.0
 CURLOPT_MAIL_RCPT               7.20.0
 CURLOPT_MAXCONNECTS             7.7
@@ -395,7 +408,7 @@ CURLOPT_OPENSOCKETFUNCTION      7.17.1
 CURLOPT_PASSWDDATA              7.4.2         7.11.1      7.15.5
 CURLOPT_PASSWDFUNCTION          7.4.2         7.11.1      7.15.5
 CURLOPT_PASSWORD                7.19.1
-CURLOPT_PASV_HOST               7.12.1        7.15.6      7.15.5
+CURLOPT_PASV_HOST               7.12.1        7.16.0      7.15.5
 CURLOPT_PORT                    7.1
 CURLOPT_POST                    7.1
 CURLOPT_POST301                 7.17.1        7.19.1
@@ -470,10 +483,14 @@ CURLOPT_SSLVERSION              7.1
 CURLOPT_SSL_CIPHER_LIST         7.9
 CURLOPT_SSL_CTX_DATA            7.10.6
 CURLOPT_SSL_CTX_FUNCTION        7.10.6
+CURLOPT_SSL_OPTIONS             7.25.0
 CURLOPT_SSL_SESSIONID_CACHE     7.16.0
 CURLOPT_SSL_VERIFYHOST          7.8.1
 CURLOPT_SSL_VERIFYPEER          7.4.2
 CURLOPT_STDERR                  7.1
+CURLOPT_TCP_KEEPALIVE           7.25.0
+CURLOPT_TCP_KEEPIDLE            7.25.0
+CURLOPT_TCP_KEEPINTVL           7.25.0
 CURLOPT_TCP_NODELAY             7.11.2
 CURLOPT_TELNETOPTIONS           7.7
 CURLOPT_TFTP_BLKSIZE            7.19.4
@@ -485,6 +502,7 @@ CURLOPT_TLSAUTH_PASSWORD        7.21.4
 CURLOPT_TLSAUTH_TYPE            7.21.4
 CURLOPT_TLSAUTH_USERNAME        7.21.4
 CURLOPT_TRANSFERTEXT            7.1.1
+CURLOPT_TRANSFER_ENCODING       7.21.6
 CURLOPT_UNRESTRICTED_AUTH       7.10.4
 CURLOPT_UPLOAD                  7.1
 CURLOPT_URL                     7.1
@@ -541,6 +559,7 @@ CURLSHE_BAD_OPTION              7.10.3
 CURLSHE_INVALID                 7.10.3
 CURLSHE_IN_USE                  7.10.3
 CURLSHE_NOMEM                   7.12.0
+CURLSHE_NOT_BUILT_IN            7.23.0
 CURLSHE_OK                      7.10.3
 CURLSHOPT_LOCKFUNC              7.10.3
 CURLSHOPT_NONE                  7.10.3
@@ -548,7 +567,7 @@ CURLSHOPT_SHARE                 7.10.3
 CURLSHOPT_UNLOCKFUNC            7.10.3
 CURLSHOPT_UNSHARE               7.10.3
 CURLSHOPT_USERDATA              7.10.3
-CURLSOCKTYPE_IPCXN              7.15.6
+CURLSOCKTYPE_IPCXN              7.16.0
 CURLSSH_AUTH_ANY                7.16.1
 CURLSSH_AUTH_DEFAULT            7.16.1
 CURLSSH_AUTH_HOST               7.16.1
@@ -556,6 +575,7 @@ CURLSSH_AUTH_KEYBOARD           7.16.1
 CURLSSH_AUTH_NONE               7.16.1
 CURLSSH_AUTH_PASSWORD           7.16.1
 CURLSSH_AUTH_PUBLICKEY          7.16.1
+CURLSSLOPT_ALLOW_BEAST          7.25.0
 CURLUSESSL_ALL                  7.17.0
 CURLUSESSL_CONTROL              7.17.0
 CURLUSESSL_NONE                 7.17.0
@@ -629,6 +649,7 @@ CURL_READFUNC_PAUSE             7.18.0
 CURL_REDIR_GET_ALL              7.19.1
 CURL_REDIR_POST_301             7.19.1
 CURL_REDIR_POST_302             7.19.1
+CURL_REDIR_POST_303             7.25.1
 CURL_REDIR_POST_ALL             7.19.1
 CURL_RTSPREQ_ANNOUNCE           7.20.0
 CURL_RTSPREQ_DESCRIBE           7.20.0
@@ -671,6 +692,7 @@ CURL_VERSION_KERBEROS4          7.10
 CURL_VERSION_LARGEFILE          7.11.1
 CURL_VERSION_LIBZ               7.10
 CURL_VERSION_NTLM               7.10.6
+CURL_VERSION_NTLM_WB            7.22.0
 CURL_VERSION_SPNEGO             7.10.8
 CURL_VERSION_SSL                7.10
 CURL_VERSION_SSPI               7.13.2
--- a/docs/libcurl/symbols.pl
+++ b/docs/libcurl/symbols.pl
@@ -0,0 +1,100 @@
+#!/usr/bin/perl
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at http://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+#
+# Experience has shown that the symbols-in-versions file is very useful to
+# applications that want to build with a wide range of libcurl versions.
+# It is however easy to get it wrong and the source gets a bit messy with all
+# the fixed numerical comparisions.
+#
+# The point of this script is to provide an easy-to-use macro for libcurl-
+# using applications to do preprocessor checks for specific libcurl defines,
+# and yet make the code clearly show what the macro is used for.
+#
+# Run this script and generate libcurl-symbols.h and then use that header in
+# a fashion similar to:
+#
+# #include "libcurl-symbols.h"
+#
+# #if LIBCURL_HAS(CURLOPT_MUTE)
+#   has mute
+# #else
+#   no mute
+# #endif
+#
+#
+open F, "<symbols-in-versions";
+
+sub str2num {
+    my ($str)=@_;
+    if($str =~ /([0-9]*)\.([0-9]*)\.*([0-9]*)/) {
+        return sprintf("0x%06x", $1<<16 | $2 << 8 | $3);
+    }
+}
+
+print <<EOS
+
+#include <curl/curl.h>
+
+#define LIBCURL_HAS(x) \\
+  (defined(x ## _FIRST) && (x ## _FIRST <= LIBCURL_VERSION_NUM) && \\
+   (!defined(x ## _LAST) || ( x ## _LAST >= LIBCURL_VERSION_NUM)))
+
+EOS
+    ;
+
+while(<F>) {
+    if(/^(CURL[^ ]*)[ \t]*(.*)/) {
+        my ($sym, $vers)=($1, $2);
+
+        my $intr;
+        my $rm;
+        my $dep;
+
+        # is there removed info?
+        if($vers =~ /([\d.]+)[ \t-]+([\d.]+)[ \t]+([\d.]+)/) {
+            ($intr, $dep, $rm)=($1, $2, $3);
+        }
+        # is it a dep-only line?
+        elsif($vers =~ /([\d.]+)[ \t-]+([\d.]+)/) {
+            ($intr, $dep)=($1, $2);
+        }
+        else {
+            $intr = $vers;
+        }
+
+        my $inum = str2num($intr);
+
+        print <<EOS
+#define ${sym}_FIRST $inum /* Added in $intr */
+EOS
+;
+        my $irm = str2num($rm);
+        if($rm) {
+        print <<EOS
+#define ${sym}_LAST $irm /* Last featured in $rm */
+EOS
+;
+        }
+
+    }
+}
--- a/docs/mk-ca-bundle.1
+++ b/docs/mk-ca-bundle.1
@@ -0,0 +1,51 @@
+.Dd April 27, 2012
+.Dt MK-CA-BUNDLE 1
+.Os
+.Sh NAME
+.Nm mk-ca-bundle
+.Nd create a new ca-bundle.crt from mozilla's certdata.txt
+.Sh SYNOPSIS
+.Nm
+.Op Fl bilnqtuv
+.Or outputfile
+.Sh DESCRIPTION
+The
+.Nm
+tool downloads the certdata.txt file from Mozilla's source tree, then
+parses certdata.txt and extracts CA Root Certificates into PEM format.
+These are then processed with the OpenSSL commandline tool to produce the
+final ca-bundle.crt file.
+.Sh OPTIONS
+The following options are supported by
+.Nm :
+.Bl -tag -width _h
+.It Fl b
+backup an existing version of ca-bundle.crt
+.It Fl i
+print version info about used modules
+.It Fl l
+print license info about certdata.txt
+.It Fl n
+no download of certdata.txt (to use existing)
+.It Fl q
+be really quiet (no progress output at all)
+.It Fl t
+include plain text listing of certificates
+.It Fl u
+unlink (remove) certdata.txt after processing
+.It Fl v
+be verbose and print out processed CAs
+.El
+.Sh EXIT STATUS
+.Ex -std
+.Sh SEE ALSO
+.Xr curl 1
+.Sh HISTORY
+.Nm
+was based on the parse-certs script written by
+.An Roland Krikava
+and hacked by
+.An Guenter Knauf .
+This manual page was written by
+.An Jan Schaumann
+.Aq jschauma@netmeister.org .
--- a/include/README
+++ b/include/README
@@ -36,7 +36,7 @@ The following notes apply to libcurl version 7.19.0 and later.
 * If you intend to distribute an already compiled libcurl library you _MUST_
  also distribute along with it the generated curl/curlbuild.h which has been
  used to compile it. Otherwise the library will be of no use for the users of
-  the library that you have built. It is _your_ responsability to provide this
+  the library that you have built. It is _your_ responsibility to provide this
  file. No one at the cURL project can know how you have built the library.

 * File curl/curlbuild.h includes platform and configuration dependent info,
--- a/include/curl/.gitignore
+++ b/include/curl/.gitignore
@@ -1,3 +1,4 @@
 curlbuild.h
+stamp-h2
 stamp-h3
 curlver.h.dist
--- a/include/curl/Makefile.am
+++ b/include/curl/Makefile.am
@@ -20,7 +20,7 @@
 #
 ###########################################################################
 pkginclude_HEADERS = \
-	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h \
+	curl.h curlver.h easy.h mprintf.h stdcheaders.h multi.h \
 	typecheck-gcc.h curlbuild.h curlrules.h

 pkgincludedir= $(includedir)/curl
@@ -44,3 +44,10 @@ EXTRA_DIST = curlbuild.h.in

 DISTCLEANFILES = curlbuild.h

+checksrc:
+	@@PERL@ $(top_srcdir)/lib/checksrc.pl -Wcurlbuild.h -D$(top_srcdir)/include/curl $(pkginclude_HEADERS) $(EXTRA_DIST)
+
+if CURLDEBUG
+# for debug builds, we scan the sources on all regular make invokes
+all-local: checksrc
+endif
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -55,34 +55,32 @@
 #include <sys/types.h>
 #include <time.h>

-#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
-  !defined(__CYGWIN__) || defined(__MINGW32__)
-#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__CYGWIN__)
+#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H) || defined(__LWIP_OPT_H__))
 /* The check above prevents the winsock2 inclusion if winsock.h already was
   included, since they can't co-exist without problems */
 #include <winsock2.h>
 #include <ws2tcpip.h>
 #endif
-#else
+#endif

 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
-   libc5-based Linux systems. Only include it on system that are known to
+   libc5-based Linux systems. Only include it on systems that are known to
   require it! */
 #if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || \
    defined(__minix) || defined(__SYMBIAN32__) || defined(__INTEGRITY) || \
-    defined(ANDROID) || \
+    defined(ANDROID) || defined(__ANDROID__) || \
   (defined(__FreeBSD_version) && (__FreeBSD_version < 800000))
 #include <sys/select.h>
 #endif

-#ifndef _WIN32_WCE
+#if !defined(WIN32) && !defined(_WIN32_WCE)
 #include <sys/socket.h>
 #endif
+
 #if !defined(WIN32) && !defined(__WATCOMC__) && !defined(__VXWORKS__)
 #include <sys/time.h>
 #endif
-#include <sys/types.h>
-#endif

 #ifdef __BEOS__
 #include <support/SupportDefs.h>
@@ -122,7 +120,7 @@ typedef void CURL;

 #ifndef curl_socket_typedef
 /* socket typedef */
-#ifdef WIN32
+#if defined(WIN32) && !defined(__LWIP_OPT_H__)
 typedef SOCKET curl_socket_t;
 #define CURL_SOCKET_BAD INVALID_SOCKET
 #else
@@ -189,10 +187,10 @@ typedef int (*curl_progress_callback)(void *clientp,
 #define CURL_MAX_HTTP_HEADER (100*1024)
 #endif

-
 /* This is a magic return code for the write callback that, when returned,
   will signal libcurl to pause receiving on the current transfer. */
 #define CURL_WRITEFUNC_PAUSE 0x10000001
+
 typedef size_t (*curl_write_callback)(char *buffer,
                                      size_t size,
                                      size_t nitems,
@@ -341,6 +339,9 @@ typedef curl_socket_t
                            curlsocktype purpose,
                            struct curl_sockaddr *address);

+typedef int
+(*curl_closesocket_callback)(void *clientp, curl_socket_t item);
+
 typedef enum {
  CURLIOE_OK,            /* I/O operation successful */
  CURLIOE_UNKNOWNCMD,    /* command was unknown to callback */
@@ -410,9 +411,12 @@ typedef enum {
  CURLE_REMOTE_ACCESS_DENIED,    /* 9 a service was denied by the server
                                    due to lack of access - when login fails
                                    this is not returned. */
-  CURLE_OBSOLETE10,              /* 10 - NOT USED */
+  CURLE_FTP_ACCEPT_FAILED,       /* 10 - [was obsoleted in April 2006 for
+                                    7.15.4, reused in Dec 2011 for 7.24.0]*/
  CURLE_FTP_WEIRD_PASS_REPLY,    /* 11 */
-  CURLE_OBSOLETE12,              /* 12 - NOT USED */
+  CURLE_FTP_ACCEPT_TIMEOUT,      /* 12 - timeout occurred accepting server
+                                    [was obsoleted in August 2007 for 7.17.0,
+                                    reused in Dec 2011 for 7.24.0]*/
  CURLE_FTP_WEIRD_PASV_REPLY,    /* 13 */
  CURLE_FTP_WEIRD_227_FORMAT,    /* 14 */
  CURLE_FTP_CANT_GET_HOST,       /* 15 */
@@ -467,7 +471,7 @@ typedef enum {
  CURLE_SSL_CERTPROBLEM,         /* 58 - problem with the local certificate */
  CURLE_SSL_CIPHER,              /* 59 - couldn't use specified cipher */
  CURLE_SSL_CACERT,              /* 60 - problem with the CA cert (path?) */
-  CURLE_BAD_CONTENT_ENCODING,    /* 61 - Unrecognized transfer encoding */
+  CURLE_BAD_CONTENT_ENCODING,    /* 61 - Unrecognized/bad encoding */
  CURLE_LDAP_INVALID_URL,        /* 62 - Invalid LDAP URL */
  CURLE_FILESIZE_EXCEEDED,       /* 63 - Maximum file size exceeded */
  CURLE_USE_SSL_FAILED,          /* 64 - Requested FTP SSL level failed */
@@ -507,17 +511,21 @@ typedef enum {
                                    7.19.0) */
  CURLE_FTP_PRET_FAILED,         /* 84 - a PRET command failed */
  CURLE_RTSP_CSEQ_ERROR,         /* 85 - mismatch of RTSP CSeq numbers */
-  CURLE_RTSP_SESSION_ERROR,      /* 86 - mismatch of RTSP Session Identifiers */
+  CURLE_RTSP_SESSION_ERROR,      /* 86 - mismatch of RTSP Session Ids */
  CURLE_FTP_BAD_FILE_LIST,       /* 87 - unable to parse FTP file list */
  CURLE_CHUNK_FAILED,            /* 88 - chunk callback reported error */
-
  CURL_LAST /* never use! */
 } CURLcode;

 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */

-/* Backwards compatibility with older names */
+/* Previously obsoletes error codes re-used in 7.24.0 */
+#define CURLE_OBSOLETE10 CURLE_FTP_ACCEPT_FAILED
+#define CURLE_OBSOLETE12 CURLE_FTP_ACCEPT_TIMEOUT
+
+/*  compatibility with older names */
+#define CURLOPT_ENCODING CURLOPT_ACCEPT_ENCODING

 /* The following were added in 7.21.5, April 2011 */
 #define CURLE_UNKNOWN_TELNET_OPTION CURLE_UNKNOWN_OPTION
@@ -590,16 +598,31 @@ typedef enum {
                                   in 7.18.0 */
 } curl_proxytype;  /* this enum was added in 7.10 */

-#define CURLAUTH_NONE         0       /* nothing */
-#define CURLAUTH_BASIC        (1<<0)  /* Basic (default) */
-#define CURLAUTH_DIGEST       (1<<1)  /* Digest */
-#define CURLAUTH_GSSNEGOTIATE (1<<2)  /* GSS-Negotiate */
-#define CURLAUTH_NTLM         (1<<3)  /* NTLM */
-#define CURLAUTH_DIGEST_IE    (1<<4)  /* Digest with IE flavour */
-#define CURLAUTH_ONLY         (1<<31) /* used together with a single other
-                                         type to force no auth or just that
-                                         single type */
-#define CURLAUTH_ANY (~CURLAUTH_DIGEST_IE)  /* all fine types set */
+/*
+ * Bitmasks for CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH options:
+ *
+ * CURLAUTH_NONE         - No HTTP authentication
+ * CURLAUTH_BASIC        - HTTP Basic authentication (default)
+ * CURLAUTH_DIGEST       - HTTP Digest authentication
+ * CURLAUTH_GSSNEGOTIATE - HTTP GSS-Negotiate authentication
+ * CURLAUTH_NTLM         - HTTP NTLM authentication
+ * CURLAUTH_DIGEST_IE    - HTTP Digest authentication with IE flavour
+ * CURLAUTH_NTLM_WB      - HTTP NTLM authentication delegated to winbind helper
+ * CURLAUTH_ONLY         - Use together with a single other type to force no
+ *                         authentication or just that single type
+ * CURLAUTH_ANY          - All fine types set
+ * CURLAUTH_ANYSAFE      - All fine types except Basic
+ */
+
+#define CURLAUTH_NONE         ((unsigned long)0)
+#define CURLAUTH_BASIC        (((unsigned long)1)<<0)
+#define CURLAUTH_DIGEST       (((unsigned long)1)<<1)
+#define CURLAUTH_GSSNEGOTIATE (((unsigned long)1)<<2)
+#define CURLAUTH_NTLM         (((unsigned long)1)<<3)
+#define CURLAUTH_DIGEST_IE    (((unsigned long)1)<<4)
+#define CURLAUTH_NTLM_WB      (((unsigned long)1)<<5)
+#define CURLAUTH_ONLY         (((unsigned long)1)<<31)
+#define CURLAUTH_ANY          (~CURLAUTH_DIGEST_IE)
 #define CURLAUTH_ANYSAFE      (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE))

 #define CURLSSH_AUTH_ANY       ~0     /* all types supported by the server */
@@ -610,6 +633,10 @@ typedef enum {
 #define CURLSSH_AUTH_KEYBOARD  (1<<3) /* keyboard interactive */
 #define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY

+#define CURLGSSAPI_DELEGATION_NONE        0      /* no delegation (default) */
+#define CURLGSSAPI_DELEGATION_POLICY_FLAG (1<<0) /* if permitted by policy */
+#define CURLGSSAPI_DELEGATION_FLAG        (1<<1) /* delegate always */
+
 #define CURL_ERROR_SIZE 256

 struct curl_khkey {
@@ -660,6 +687,15 @@ typedef enum {
  CURLUSESSL_LAST     /* not an option, never use */
 } curl_usessl;

+/* Definition of bits for the CURLOPT_SSL_OPTIONS argument: */
+
+/* - ALLOW_BEAST tells libcurl to allow the BEAST SSL vulnerability in the
+   name of improving interoperability with older servers. Some SSL libraries
+   have introduced work-arounds for this flaw but those work-arounds sometimes
+   make the SSL communication fail. To regain functionality with those broken
+   servers, a user can this way allow the vulnerability back. */
+#define CURLSSLOPT_ALLOW_BEAST (1<<0)
+
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */

@@ -754,7 +790,7 @@ typedef enum {
 #endif

 #ifdef CURL_ISOCPP
-#define CINIT(name,type,number) CURLOPT_ ## name = CURLOPTTYPE_ ## type + number
+#define CINIT(na,t,nu) CURLOPT_ ## na = CURLOPTTYPE_ ## t + nu
 #else
 /* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
 #define LONG          CURLOPTTYPE_LONG
@@ -912,9 +948,7 @@ typedef enum {
  /* send linked-list of post-transfer QUOTE commands */
  CINIT(POSTQUOTE, OBJECTPOINT, 39),

-  /* Pass a pointer to string of the output using full variable-replacement
-     as described elsewhere. */
-  CINIT(WRITEINFO, OBJECTPOINT, 40),
+  CINIT(WRITEINFO, OBJECTPOINT, 40), /* DEPRECATED, do not use! */

  CINIT(VERBOSE, LONG, 41),      /* talk a lot */
  CINIT(HEADER, LONG, 42),       /* throw the header out too */
@@ -923,7 +957,7 @@ typedef enum {
  CINIT(FAILONERROR, LONG, 45),  /* no output on http error codes >= 300 */
  CINIT(UPLOAD, LONG, 46),       /* this is an upload */
  CINIT(POST, LONG, 47),         /* HTTP POST method */
-  CINIT(DIRLISTONLY, LONG, 48),  /* return bare names when listing directories */
+  CINIT(DIRLISTONLY, LONG, 48),  /* bare names when listing directories */

  CINIT(APPEND, LONG, 50),       /* Append instead of overwrite on upload! */

@@ -990,9 +1024,7 @@ typedef enum {
  /* Max amount of cached alive connections */
  CINIT(MAXCONNECTS, LONG, 71),

-  /* What policy to use when closing connections when the cache is filled
-     up */
-  CINIT(CLOSEPOLICY, LONG, 72),
+  CINIT(CLOSEPOLICY, LONG, 72), /* DEPRECATED, do not use! */

  /* 73 = OBSOLETE */

@@ -1066,7 +1098,7 @@ typedef enum {
  CINIT(SSLENGINE_DEFAULT, LONG, 90),

  /* Non-zero value means to use the global dns cache */
-  CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* To become OBSOLETE soon */
+  CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* DEPRECATED, do not use! */

  /* DNS cache timeout */
  CINIT(DNS_CACHE_TIMEOUT, LONG, 92),
@@ -1103,8 +1135,9 @@ typedef enum {
  CINIT(PROXYTYPE, LONG, 101),

  /* Set the Accept-Encoding string. Use this to tell a server you would like
-     the response to be compressed. */
-  CINIT(ENCODING, OBJECTPOINT, 102),
+     the response to be compressed. Before 7.21.6, this was known as
+     CURLOPT_ENCODING */
+  CINIT(ACCEPT_ENCODING, OBJECTPOINT, 102),

  /* Set pointer to private data */
  CINIT(PRIVATE, OBJECTPOINT, 103),
@@ -1117,8 +1150,8 @@ typedef enum {
     and password to whatever host the server decides. */
  CINIT(UNRESTRICTED_AUTH, LONG, 105),

-  /* Specifically switch on or off the FTP engine's use of the EPRT command ( it
-     also disables the LPRT attempt). By default, those ones will always be
+  /* Specifically switch on or off the FTP engine's use of the EPRT command (
+     it also disables the LPRT attempt). By default, those ones will always be
     attempted before the good old traditional PORT command. */
  CINIT(FTP_USE_EPRT, LONG, 106),

@@ -1462,6 +1495,46 @@ typedef enum {
  /* Set authentication type for authenticated TLS */
  CINIT(TLSAUTH_TYPE, OBJECTPOINT, 206),

+  /* Set to 1 to enable the "TE:" header in HTTP requests to ask for
+     compressed transfer-encoded responses. Set to 0 to disable the use of TE:
+     in outgoing requests. The current default is 0, but it might change in a
+     future libcurl release.
+
+     libcurl will ask for the compressed methods it knows of, and if that
+     isn't any, it will not ask for transfer-encoding at all even if this
+     option is set to 1.
+
+  */
+  CINIT(TRANSFER_ENCODING, LONG, 207),
+
+  /* Callback function for closing socket (instead of close(2)). The callback
+     should have type curl_closesocket_callback */
+  CINIT(CLOSESOCKETFUNCTION, FUNCTIONPOINT, 208),
+  CINIT(CLOSESOCKETDATA, OBJECTPOINT, 209),
+
+  /* allow GSSAPI credential delegation */
+  CINIT(GSSAPI_DELEGATION, LONG, 210),
+
+  /* Set the name servers to use for DNS resolution */
+  CINIT(DNS_SERVERS, OBJECTPOINT, 211),
+
+  /* Time-out accept operations (currently for FTP only) after this amount
+     of miliseconds. */
+  CINIT(ACCEPTTIMEOUT_MS, LONG, 212),
+
+  /* Set TCP keepalive */
+  CINIT(TCP_KEEPALIVE, LONG, 213),
+
+  /* non-universal keepalive knobs (Linux, AIX, HP-UX, more) */
+  CINIT(TCP_KEEPIDLE, LONG, 214),
+  CINIT(TCP_KEEPINTVL, LONG, 215),
+
+  /* Enable/disable specific SSL features with a bitmask, see CURLSSLOPT_* */
+  CINIT(SSL_OPTIONS, LONG, 216),
+
+  /* set the SMTP auth originator */
+  CINIT(MAIL_AUTH, OBJECTPOINT, 217),
+
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;

@@ -1565,13 +1638,16 @@ enum CURL_TLSAUTH {
 };

 /* symbols to use with CURLOPT_POSTREDIR.
-   CURL_REDIR_POST_301 and CURL_REDIR_POST_302 can be bitwise ORed so that
-   CURL_REDIR_POST_301 | CURL_REDIR_POST_302 == CURL_REDIR_POST_ALL */
+   CURL_REDIR_POST_301, CURL_REDIR_POST_302 and CURL_REDIR_POST_303
+   can be bitwise ORed so that CURL_REDIR_POST_301 | CURL_REDIR_POST_302
+   | CURL_REDIR_POST_303 == CURL_REDIR_POST_ALL */

 #define CURL_REDIR_GET_ALL  0
 #define CURL_REDIR_POST_301 1
 #define CURL_REDIR_POST_302 2
-#define CURL_REDIR_POST_ALL (CURL_REDIR_POST_301|CURL_REDIR_POST_302)
+#define CURL_REDIR_POST_303 4
+#define CURL_REDIR_POST_ALL \
+    (CURL_REDIR_POST_301|CURL_REDIR_POST_302|CURL_REDIR_POST_303)

 typedef enum {
  CURL_TIMECOND_NONE,
@@ -1690,7 +1766,8 @@ CURL_EXTERN CURLFORMcode curl_formadd(struct curl_httppost **httppost,
 * Should return the buffer length passed to it as the argument "len" on
 *   success.
 */
-typedef size_t (*curl_formget_callback)(void *arg, const char *buf, size_t len);
+typedef size_t (*curl_formget_callback)(void *arg, const char *buf,
+                                        size_t len);

 /*
 * NAME curl_formget()
@@ -1989,7 +2066,8 @@ typedef enum {
  CURLSHE_BAD_OPTION, /* 1 */
  CURLSHE_IN_USE,     /* 2 */
  CURLSHE_INVALID,    /* 3 */
-  CURLSHE_NOMEM,      /* out of memory */
+  CURLSHE_NOMEM,      /* 4 out of memory */
+  CURLSHE_NOT_BUILT_IN, /* 5 feature not present in lib */
  CURLSHE_LAST        /* never use */
 } CURLSHcode;

@@ -2070,6 +2148,7 @@ typedef struct {
 #define CURL_VERSION_CONV      (1<<12) /* character conversions supported */
 #define CURL_VERSION_CURLDEBUG (1<<13) /* debug memory tracking supported */
 #define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */
+#define CURL_VERSION_NTLM_WB   (1<<15) /* NTLM delegating to winbind helper */

 /*
 * NAME curl_version_info()
--- a/include/curl/curlbuild.h.in
+++ b/include/curl/curlbuild.h.in
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -26,17 +26,17 @@
   a script at release-time. This was made its own header file in 7.11.2 */

 /* This is the global package copyright */
-#define LIBCURL_COPYRIGHT "1996 - 2011 Daniel Stenberg, <daniel@haxx.se>."
+#define LIBCURL_COPYRIGHT "1996 - 2012 Daniel Stenberg, <daniel@haxx.se>."

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.21.5-DEV"
+#define LIBCURL_VERSION "7.26.0-DEV"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 21
-#define LIBCURL_VERSION_PATCH 5
+#define LIBCURL_VERSION_MINOR 26
+#define LIBCURL_VERSION_PATCH 0

 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -53,7 +53,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071505
+#define LIBCURL_VERSION_NUM 0x071A00

 /*
 * This is the date and time when the full source package was created. The
--- a/include/curl/easy.h
+++ b/include/curl/easy.h
@@ -53,8 +53,8 @@ CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...);
 *
 * Creates a new curl session handle with the same options set for the handle
 * passed in. Duplicating a handle could only be a matter of cloning data and
- * options, internal state info and things like persistant connections cannot
- * be transfered. It is useful in multithreaded applications when you can run
+ * options, internal state info and things like persistent connections cannot
+ * be transferred. It is useful in multithreaded applications when you can run
 * curl_easy_duphandle() for each new thread to avoid a series of identical
 * curl_easy_setopt() invokes in every thread.
 */
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -141,15 +141,17 @@ __extension__ ({                                                              \

 /* To define a new warning, use _CURL_WARNING(identifier, "message") */
 #define _CURL_WARNING(id, message)                                            \
-  static void __attribute__((warning(message))) __attribute__((unused))       \
-  __attribute__((noinline)) id(void) { __asm__(""); }
+  static void __attribute__((__warning__(message)))                           \
+  __attribute__((__unused__)) __attribute__((__noinline__))                   \
+  id(void) { __asm__(""); }

 _CURL_WARNING(_curl_easy_setopt_err_long,
  "curl_easy_setopt expects a long argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
  "curl_easy_setopt expects a curl_off_t argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_string,
-  "curl_easy_setopt expects a string (char* or char[]) argument for this option"
+              "curl_easy_setopt expects a "
+              "string (char* or char[]) argument for this option"
  )
 _CURL_WARNING(_curl_easy_setopt_err_write_callback,
  "curl_easy_setopt expects a curl_write_callback argument for this option")
@@ -160,7 +162,8 @@ _CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
 _CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
  "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
-  "curl_easy_setopt expects a curl_opensocket_callback argument for this option"
+              "curl_easy_setopt expects a "
+              "curl_opensocket_callback argument for this option"
  )
 _CURL_WARNING(_curl_easy_setopt_err_progress_cb,
  "curl_easy_setopt expects a curl_progress_callback argument for this option")
@@ -173,9 +176,11 @@ _CURL_WARNING(_curl_easy_setopt_err_conv_cb,
 _CURL_WARNING(_curl_easy_setopt_err_seek_cb,
  "curl_easy_setopt expects a curl_seek_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_cb_data,
-  "curl_easy_setopt expects a private data pointer as argument for this option")
+              "curl_easy_setopt expects a "
+              "private data pointer as argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_error_buffer,
-  "curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE as argument for this option")
+              "curl_easy_setopt expects a "
+              "char buffer of CURL_ERROR_SIZE as argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_FILE,
  "curl_easy_setopt expects a FILE* argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_postfields,
@@ -224,7 +229,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
   (option) == CURLOPT_PROXYUSERNAME ||                                       \
   (option) == CURLOPT_PROXYPASSWORD ||                                       \
   (option) == CURLOPT_NOPROXY ||                                             \
-   (option) == CURLOPT_ENCODING ||                                            \
+   (option) == CURLOPT_ACCEPT_ENCODING ||                                     \
   (option) == CURLOPT_REFERER ||                                             \
   (option) == CURLOPT_USERAGENT ||                                           \
   (option) == CURLOPT_COOKIE ||                                              \
@@ -388,7 +393,8 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
 /* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
 /* XXX: also check size of an char[] array? */
 #define _curl_is_error_buffer(expr)                                           \
-  (__builtin_types_compatible_p(__typeof__(expr), char *) ||                  \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), char *) ||                  \
   __builtin_types_compatible_p(__typeof__(expr), char[]))

 /* evaluates to true if expr is of type (const) void* or (const) FILE* */
@@ -481,7 +487,8 @@ typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
 typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t,
                                      curlsocktype);

-/* evaluates to true if expr is of type curl_opensocket_callback or "similar" */
+/* evaluates to true if expr is of type curl_opensocket_callback or
+   "similar" */
 #define _curl_is_opensocket_cb(expr)                                    \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\
@@ -516,7 +523,11 @@ typedef int (_curl_progress_callback2)(const void *,
   _curl_callback_compatible((expr), _curl_debug_callback1) ||                \
   _curl_callback_compatible((expr), _curl_debug_callback2) ||                \
   _curl_callback_compatible((expr), _curl_debug_callback3) ||                \
-   _curl_callback_compatible((expr), _curl_debug_callback4))
+   _curl_callback_compatible((expr), _curl_debug_callback4) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback5) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback6) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback7) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback8))
 typedef int (_curl_debug_callback1) (CURL *,
    curl_infotype, char *, size_t, void *);
 typedef int (_curl_debug_callback2) (CURL *,
@@ -525,6 +536,14 @@ typedef int (_curl_debug_callback3) (CURL *,
    curl_infotype, const char *, size_t, void *);
 typedef int (_curl_debug_callback4) (CURL *,
    curl_infotype, const char *, size_t, const void *);
+typedef int (_curl_debug_callback5) (CURL *,
+    curl_infotype, unsigned char *, size_t, void *);
+typedef int (_curl_debug_callback6) (CURL *,
+    curl_infotype, unsigned char *, size_t, const void *);
+typedef int (_curl_debug_callback7) (CURL *,
+    curl_infotype, const unsigned char *, size_t, void *);
+typedef int (_curl_debug_callback8) (CURL *,
+    curl_infotype, const unsigned char *, size_t, const void *);

 /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
 /* this is getting even messier... */
@@ -550,7 +569,8 @@ typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *);
 typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
 typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
 typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
-typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX, const void *);
+typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX,
+                                           const void *);
 #else
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
--- a/include/curl/types.h
+++ b/include/curl/types.h
@@ -1 +0,0 @@
-/* not used */
--- a/lib/.gitignore
+++ b/lib/.gitignore
@@ -10,3 +10,4 @@ libcurl.plist.dist
 libcurl.vcproj
 vc6libcurl.dsp
 Makefile.vc10.dist
+libcurl.vers
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -122,3 +122,5 @@ if(WIN32)
    set_target_properties(${LIB_NAME} PROPERTIES IMPORT_SUFFIX "_imp.lib")
  endif()
 endif()
+
+install(TARGETS ${LIB_NAME} DESTINATION lib)
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -70,19 +70,26 @@ CFLAGS += -d_WIN32_WINNT=0x0501 -dENABLE_IPV6
 CFLAGS += -dUSE_WINDOWS_SSPI
 !endif

+!ifdef %use_winidn
+CFLAGS += -dWINVER=0x0600 -dUSE_WIN32_IDN
+!  if $(__VERSION__) <= 1290
+CFLAGS += -dWANT_IDN_PROTOTYPES
+!  endif
+!endif
+
 #
 # Change to suite.
 #
 !ifdef %zlib_root
 ZLIB_ROOT = $(%zlib_root)
 !else
-ZLIB_ROOT = ..$(DS)..$(DS)zlib-1.2.5
+ZLIB_ROOT = ..$(DS)..$(DS)zlib-1.2.7
 !endif

 !ifdef %libssh2_root
 LIBSSH2_ROOT = $(%libssh2_root)
 !else
-LIBSSH2_ROOT = ..$(DS)..$(DS)libssh2-1.2.7
+LIBSSH2_ROOT = ..$(DS)..$(DS)libssh2-1.4.2
 !endif

 !ifdef %librtmp_root
@@ -94,7 +101,7 @@ LIBRTMP_ROOT = ..$(DS)..$(DS)rtmpdump-2.3
 !ifdef %openssl_root
 OPENSSL_ROOT = $(%openssl_root)
 !else
-OPENSSL_ROOT = ..$(DS)..$(DS)openssl-0.9.8r
+OPENSSL_ROOT = ..$(DS)..$(DS)openssl-0.9.8x
 !endif

 !ifdef %ares_root
@@ -229,6 +236,14 @@ $(LINK_ARG): $(__MAKEFILES__)
 !ifdef %use_ares
 	@%append $^@ library $(ARES_ROOT)$(DS)cares.lib
 !endif
+!ifdef %use_winidn
+!  if $(__VERSION__) > 1290
+	@%append $^@ library normaliz.lib
+!  else
+	@%append $^@ import '_IdnToAscii@20' 'NORMALIZ.DLL'.'IdnToAscii'
+	@%append $^@ import '_IdnToUnicode@20' 'NORMALIZ.DLL'.'IdnToUnicode'
+!  endif
+!endif

 $(LIB_ARG): $(__MAKEFILES__)
 	%create $^@
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -33,12 +33,12 @@ CMAKE_DIST = CMakeLists.txt curl_config.h.cmake
 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 $(DSP)                 \
 vc6libcurl.dsw config-win32.h config-win32ce.h config-riscos.h            \
 config-mac.h curl_config.h.in makefile.dj config-dos.h libcurl.plist      \
- libcurl.rc config-amigaos.h amigaos.c amigaos.h makefile.amiga		   \
+ libcurl.rc config-amigaos.h makefile.amiga                                \
 Makefile.netware nwlib.c nwos.c libcurl.imp msvcproj.head msvcproj.foot   \
 config-win32ce.h config-os400.h setup-os400.h config-symbian.h		   \
 Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl		   \
 mk-ca-bundle.vbs firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h	   \
- Makefile.vxworks config-vms.h
+ Makefile.vxworks config-vms.h checksrc.pl

 CLEANFILES = $(DSP) $(VCPROJ)

@@ -46,7 +46,9 @@ lib_LTLIBRARIES = libcurl.la
 LIBCURL_LIBS = @LIBCURL_LIBS@

 # This might hold -Werror
-libcurl_la_CFLAGS = $(CFLAGS) @CURL_CFLAG_EXTRAS@
+CFLAGS += @CURL_CFLAG_EXTRAS@
+
+CFLAG_CURL_SYMBOL_HIDING = @CFLAG_CURL_SYMBOL_HIDING@

 # Specify our include paths here, and do it relative to $(top_srcdir) and
 # $(top_builddir), to ensure that these paths which belong to the library
@@ -77,6 +79,18 @@ INCLUDES = -I$(top_builddir)/include/curl \
           -I$(top_srcdir)/lib
 endif

+AM_CPPFLAGS =
+
+# Mostly for Windows build targets, when building libcurl library
+if USE_CPPFLAG_BUILDING_LIBCURL
+AM_CPPFLAGS += -DBUILDING_LIBCURL
+endif
+
+# Mostly for Windows build targets, when building static libcurl
+if USE_CPPFLAG_CURL_STATICLIB
+AM_CPPFLAGS += -DCURL_STATICLIB
+endif
+
 if SONAME_BUMP
 #
 # Bumping of SONAME conditionally may seem like a weird thing to do, and yeah
@@ -106,7 +120,7 @@ endif
 # For the full guide on libcurl ABI rules, see docs/libcurl/ABI

 if NO_UNDEFINED
-# The -no-undefined flag is CRUCIAL for this to build fine on Cygwin.
+# The -no-undefined flag is crucial to build fine on some platforms
 UNDEF = -no-undefined
 endif

@@ -116,18 +130,31 @@ if MIMPURE
 MIMPURE = -mimpure-text
 endif

-LINKFLAGS=$(UNDEF) $(MIMPURE) $(LIBCURL_LIBS)
-
-libcurl_la_LDFLAGS = $(LINKFLAGS) $(VERSIONINFO)
-
-# as unit testing will compile and link everything an extra time, we only
-# do it if debug is enabled
-if CURLDEBUG
-noinst_LTLIBRARIES = libcurlu.la
-libcurlu_la_CFLAGS = -DUNITTESTS
-libcurlu_la_LDFLAGS = -static $(LINKFLAGS)
+if VERSIONED_SYMBOLS
+VERSIONED_SYMBOLS = -Wl,--version-script=libcurl.vers
 endif

+libcurl_la_LDFLAGS = $(UNDEF) $(VERSIONINFO) $(MIMPURE) $(VERSIONED_SYMBOLS) $(LIBCURL_LIBS)
+
+if DOING_CURL_SYMBOL_HIDING
+libcurl_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_HIDDEN_SYMBOLS
+libcurl_la_CFLAGS = $(AM_CFLAGS) $(CFLAG_CURL_SYMBOL_HIDING)
+else
+libcurl_la_CPPFLAGS = $(AM_CPPFLAGS)
+libcurl_la_CFLAGS = $(AM_CFLAGS)
+endif
+
+# unit testing static library built only along with unit tests
+if BUILD_UNITTESTS
+noinst_LTLIBRARIES = libcurlu.la
+else
+noinst_LTLIBRARIES =
+endif
+
+libcurlu_la_CPPFLAGS = $(AM_CPPFLAGS) -DUNITTESTS
+libcurlu_la_LDFLAGS = -static $(LIBCURL_LIBS)
+libcurlu_la_CFLAGS = $(AM_CFLAGS)
+
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc

@@ -184,3 +211,12 @@ $(VCPROJ): vc8proj.head vc8proj.foot Makefile.am
 	echo "<File RelativePath=\""$$file"\"></File>" $(VCPROJOUT); \
 	done; \
 	cat $(srcdir)/vc8proj.foot $(VCPROJOUT) )
+
+
+checksrc:
+	@@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/lib $(CSOURCES) $(HHEADERS)
+
+if CURLDEBUG
+# for debug builds, we scan the sources on all regular make invokes
+all-local: checksrc
+endif
--- a/lib/Makefile.b32
+++ b/lib/Makefile.b32
@@ -22,12 +22,12 @@ BCCDIR = $(MAKEDIR)\..

 # Edit the path below to point to the base of your Zlib sources.
 !ifndef ZLIB_PATH
-ZLIB_PATH = ..\..\zlib-1.2.5
+ZLIB_PATH = ..\..\zlib-1.2.7
 !endif

 # Edit the path below to point to the base of your OpenSSL package.
 !ifndef OPENSSL_PATH
-OPENSSL_PATH = ..\..\openssl-0.9.8q
+OPENSSL_PATH = ..\..\openssl-0.9.8x
 !endif

 # Set libcurl static lib, dll and import lib
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -14,14 +14,16 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  curl_fnmatch.c fileinfo.c ftplistparser.c wildcard.c krb5.c		\
  memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c multi.c	\
  content_encoding.c share.c http_digest.c md4.c md5.c curl_rand.c	\
-  http_negotiate.c http_ntlm.c inet_pton.c strtoofft.c strerror.c	\
-  hostares.c hostasyn.c hostip4.c hostip6.c hostsyn.c hostthre.c	\
-  inet_ntop.c parsedate.c select.c gtls.c sslgen.c tftp.c splay.c	\
-  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c		\
-  socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c		\
-  curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c	\
-  warnless.c hmac.c polarssl.c curl_rtmp.c openldap.c curl_gethostname.c\
-  gopher.c axtls.c idn_win32.c http_negotiate_sspi.c cyassl.c http_proxy.c
+  http_negotiate.c inet_pton.c strtoofft.c strerror.c amigaos.c		\
+  hostasyn.c hostip4.c hostip6.c hostsyn.c inet_ntop.c parsedate.c	\
+  select.c gtls.c sslgen.c tftp.c splay.c strdup.c socks.c ssh.c nss.c	\
+  qssl.c rawstr.c curl_addrinfo.c socks_gssapi.c socks_sspi.c		\
+  curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c	\
+  pingpong.c rtsp.c curl_threads.c warnless.c hmac.c polarssl.c		\
+  curl_rtmp.c openldap.c curl_gethostname.c gopher.c axtls.c		\
+  idn_win32.c http_negotiate_sspi.c cyassl.c http_proxy.c non-ascii.c	\
+  asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c	\
+  curl_ntlm_core.c curl_ntlm_msgs.c

 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
  progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
@@ -29,12 +31,12 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
  getinfo.h strequal.h krb4.h memdebug.h http_chunks.h curl_rand.h	\
  curl_fnmatch.h wildcard.h fileinfo.h ftplistparser.h strtok.h		\
  connect.h llist.h hash.h content_encoding.h share.h curl_md4.h	\
-  curl_md5.h http_digest.h http_negotiate.h http_ntlm.h inet_pton.h	\
+  curl_md5.h http_digest.h http_negotiate.h inet_pton.h amigaos.h	\
  strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h setup.h	\
  transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h	\
  tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h	\
  curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h	\
  curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h	\
  warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h	\
-  gopher.h axtls.h cyassl.h http_proxy.h
-
+  gopher.h axtls.h cyassl.h http_proxy.h non-ascii.h asyn.h curl_ntlm.h \
+  curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h curl_ntlm_msgs.h
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -1,68 +1,137 @@
-#########################################################################
+###########################################################################
 #
-## Makefile for building libcurl.a with MingW32 (GCC-3.2 or later)
-## and optionally OpenSSL (0.9.8), libssh2 (1.2), zlib (1.2.5)
+## Makefile for building libcurl.a with MingW (GCC-3.2 or later)
+## and optionally OpenSSL (0.9.8), libssh2 (1.3), zlib (1.2.5), librtmp (2.3)
 ##
-## Usage:
-## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [IDN=1] [SSPI=1] [IPV6=1] [LDAPS=1] [RTMP=1] [DYN=1]
+## Usage:   mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...]
+## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
-## set ZLIB_PATH=c:/zlib-1.2.5
+## set ZLIB_PATH=c:/zlib-1.2.7
 ## set ZLIB=1
-##
-## Comments to: Troy Engel <tengel@sonic.net> or
-##              Joern Hartroth <hartroth@acm.org>
-#########################################################################
+#
+###########################################################################

 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.5
+ZLIB_PATH = ../../zlib-1.2.7
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8r
+OPENSSL_PATH = ../../openssl-0.9.8x
+endif
+ifndef OPENSSL_INCLUDE
+OPENSSL_INCLUDE = $(OPENSSL_PATH)/outinc
+endif
+ifndef OPENSSL_LIBPATH
+OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
+endif
+ifndef OPENSSL_LIBS
+OPENSSL_LIBS = -leay32 -lssl32
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.2.7
+LIBSSH2_PATH = ../../libssh2-1.4.2
+endif
+# Edit the path below to point to the base of your librtmp package.
+ifndef LIBRTMP_PATH
+LIBRTMP_PATH = ../../librtmp-2.3
 endif
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
 LIBIDN_PATH = ../../libidn-1.18
 endif
-# Edit the path below to point to the base of your librtmp package.
-ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../librtmp-2.3
+# Edit the path below to point to the base of your MS IDN package.
+# Microsoft Internationalized Domain Names (IDN) Mitigation APIs 1.1
+# http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad6158d7-ddba-416a-9109-07607425a815
+ifndef WINIDN_PATH
+WINIDN_PATH = ../../Microsoft IDN Mitigation APIs
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif

+PROOT = ..
+
 # Edit the path below to point to the base of your c-ares package.
 ifndef LIBCARES_PATH
-LIBCARES_PATH = ../ares
+LIBCARES_PATH = $(PROOT)/ares
+endif
+
+# Edit the var below to set to your architecture or set environment var.
+ifndef ARCH
+ARCH = w32
 endif

 CC = gcc
-AR = ar
+CFLAGS = -g -O2 -Wall
+CFLAGS += -fno-strict-aliasing
+ifeq ($(ARCH),w64)
+CFLAGS += -D_AMD64_
+endif
 # comment LDFLAGS below to keep debug info
 LDFLAGS = -s
+AR = ar
 RANLIB = ranlib
 RC = windres
-RCFLAGS = --include-dir=../include -DDEBUGBUILD=0 -O COFF -i
-RM = del /q /f 2>NUL
+RCFLAGS = --include-dir=$(PROOT)/include -DDEBUGBUILD=0 -O COFF -i
 STRIP = strip -g

+RM = del /q /f 2>NUL
+CP = copy
+
 ########################################################
 ## Nothing more to do below this line!

+ifeq ($(findstring -dyn,$(CFG)),-dyn)
+DYN = 1
+endif
+ifeq ($(findstring -ares,$(CFG)),-ares)
+ARES = 1
+endif
+ifeq ($(findstring -rtmp,$(CFG)),-rtmp)
+RTMP = 1
+SSL = 1
+ZLIB = 1
+endif
+ifeq ($(findstring -ssh2,$(CFG)),-ssh2)
+SSH2 = 1
+SSL = 1
+ZLIB = 1
+endif
+ifeq ($(findstring -ssl,$(CFG)),-ssl)
+SSL = 1
+endif
+ifeq ($(findstring -zlib,$(CFG)),-zlib)
+ZLIB = 1
+endif
+ifeq ($(findstring -idn,$(CFG)),-idn)
+IDN = 1
+endif
+ifeq ($(findstring -winidn,$(CFG)),-winidn)
+WINIDN = 1
+endif
+ifeq ($(findstring -sspi,$(CFG)),-sspi)
+SSPI = 1
+endif
+ifeq ($(findstring -spnego,$(CFG)),-spnego)
+SPNEGO = 1
+endif
+ifeq ($(findstring -ldaps,$(CFG)),-ldaps)
+LDAPS = 1
+endif
+ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
+IPV6 = 1
+endif
+
 INCLUDES = -I. -I../include
-CFLAGS = -g -O2 -DBUILDING_LIBCURL
+CFLAGS += -DBUILDING_LIBCURL
+
 ifdef ARES
-  INCLUDES += -I$(LIBCARES_PATH)
+  INCLUDES += -I"$(LIBCARES_PATH)"
  CFLAGS += -DUSE_ARES
-  DLL_LIBS += -L$(LIBCARES_PATH) -lcares
+  DLL_LIBS += -L"$(LIBCARES_PATH)" -lcares
  libcurl_dll_DEPENDENCIES = $(LIBCARES_PATH)/libcares.a
 endif
 ifdef RTMP
@@ -73,30 +142,39 @@ endif
 ifdef SSH2
  INCLUDES += -I"$(LIBSSH2_PATH)/include" -I"$(LIBSSH2_PATH)/win32"
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
-  DLL_LIBS += -L$(LIBSSH2_PATH)/win32 -lssh2
+  DLL_LIBS += -L"$(LIBSSH2_PATH)/win32" -lssh2
 endif
 ifdef SSL
-  INCLUDES += -I"$(OPENSSL_PATH)/outinc" -I"$(OPENSSL_PATH)/outinc/openssl"
+  INCLUDES += -I"$(OPENSSL_INCLUDE)"
  CFLAGS += -DUSE_SSLEAY -DUSE_OPENSSL -DHAVE_OPENSSL_ENGINE_H -DHAVE_OPENSSL_PKCS12_H \
            -DHAVE_ENGINE_LOAD_BUILTIN_ENGINES -DOPENSSL_NO_KRB5 \
            -DCURL_WANTS_CA_BUNDLE_ENV
-  DLL_LIBS += -L$(OPENSSL_PATH)/out -leay32 -lssl32
+  DLL_LIBS += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
 endif
 ifdef ZLIB
  INCLUDES += -I"$(ZLIB_PATH)"
  CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
-  DLL_LIBS += -L$(ZLIB_PATH) -lz
+  DLL_LIBS += -L"$(ZLIB_PATH)" -lz
 endif
 ifdef IDN
  INCLUDES += -I"$(LIBIDN_PATH)/include"
  CFLAGS += -DUSE_LIBIDN
-  DLL_LIBS += -L$(LIBIDN_PATH)/lib -lidn
+  DLL_LIBS += -L"$(LIBIDN_PATH)/lib" -lidn
+else
+ifdef WINIDN
+  CFLAGS += -DUSE_WIN32_IDN
+  CFLAGS += -DWANT_IDN_PROTOTYPES
+  DLL_LIBS += -L"$(WINIDN_PATH)" -lnormaliz
+endif
 endif
 ifdef SSPI
  CFLAGS += -DUSE_WINDOWS_SSPI
 endif
+ifdef SPNEGO
+  CFLAGS += -DHAVE_SPNEGO
+endif
 ifdef IPV6
-  CFLAGS += -DENABLE_IPV6
+  CFLAGS += -DENABLE_IPV6 -D_WIN32_WINNT=0x0501
 endif
 ifdef LDAPS
  CFLAGS += -DHAVE_LDAP_SSL
@@ -117,7 +195,6 @@ DLL_LIBS += -lwldap32
 endif
 endif
 DLL_LIBS += -lws2_32
-COMPILE = $(CC) $(INCLUDES) $(CFLAGS)

 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc
@@ -131,7 +208,6 @@ libcurl_a_DEPENDENCIES := $(strip $(CSOURCES) $(HHEADERS))

 RESOURCE = libcurl.res

-.SUFFIXES: .rc .res

 all: $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY)

@@ -148,20 +224,25 @@ $(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE) $(libcurl_dll_DEPENDENC
 	$(CC) $(LDFLAGS) -shared -Wl,--out-implib,$(libcurl_dll_a_LIBRARY) \
 	  -o $@ $(libcurl_a_OBJECTS) $(RESOURCE) $(DLL_LIBS)

-.c.o:
-	$(COMPILE) -c $<
+%.o: %.c $(PROOT)/include/curl/curlbuild.h
+	$(CC) $(INCLUDES) $(CFLAGS) -c $<

-.rc.res:
+%.res: %.rc
 	$(RC) $(RCFLAGS) $< -o $@

 clean:
+ifeq "$(wildcard $(PROOT)/include/curl/curlbuild.h.dist)" "$(PROOT)/include/curl/curlbuild.h.dist"
+	-$(RM) $(subst /,\,$(PROOT)/include/curl/curlbuild.h)
+endif
 	-$(RM) $(libcurl_a_OBJECTS) $(RESOURCE)

 distclean vclean: clean
 	-$(RM) $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY) $(libcurl_dll_a_LIBRARY)

-FORCE: ;
-
 $(LIBCARES_PATH)/libcares.a:
 	$(MAKE) -C $(LIBCARES_PATH) -f Makefile.m32

+$(PROOT)/include/curl/curlbuild.h:
+	@echo Creating $@
+	@$(CP) $(subst /,\,$@).dist $(subst /,\,$@)
+
--- a/Show More
+++ b/Show More