vms: config-vms.h is removed, no use trying to distribute it

When negotiating SASL DIGEST-MD5 authentication, the function
Curl_sasl_create_digest_md5_message() uses the data provided from the
server without doing the proper length checks and that data is then
appended to a local fixed-size buffer on the stack.

This vulnerability can be exploited by someone who is in control of a
server that a libcurl based program is accessing with POP3, SMTP or
IMAP. For applications that accept user provided URLs, it is also
thinkable that a malicious user would feed an application with a URL to
a server hosting code targetting this flaw.

Bug: http://curl.haxx.se/docs/adv_20130206.html

CMakeLists.txt

@@ -132,22 +132,6 @@ mark_as_advanced(DISABLED_THREADSAFE)
 option(ENABLE_IPV6 "Define if you want to enable IPv6 support" OFF)
 mark_as_advanced(ENABLE_IPV6)
 
-if(WIN32)
-  # Windows standard libraries are located in C:/Program Files/Microsoft SDKs/[...]
-  # They are already included in the default MSVC LIBPATH => no find_library is needed!
-  list_spaces_append_once(CMAKE_C_STANDARD_LIBRARIES wsock32.lib ws2_32.lib)  # bufferoverflowu.lib
-  if(CURL_DISABLE_LDAP)
-    # Remove wldap32.lib from space-separated list
-    string(REPLACE " " ";" _LIST ${CMAKE_C_STANDARD_LIBRARIES})
-    list(REMOVE_ITEM _LIST "wldap32.lib")
-    to_list_spaces(_LIST CMAKE_C_STANDARD_LIBRARIES)
-  else()
-    # Append wldap32.lib
-    list_spaces_append_once(CMAKE_C_STANDARD_LIBRARIES wldap32.lib)
-  endif()
-  set(CMAKE_C_STANDARD_LIBRARIES "${CMAKE_C_STANDARD_LIBRARIES}"   CACHE STRING "" FORCE)
-endif()
-
 
 # We need ansi c-flags, especially on HP
 set(CMAKE_C_FLAGS "${CMAKE_ANSI_CFLAGS} ${CMAKE_C_FLAGS}")
@@ -249,26 +233,28 @@ if(CURL_ZLIB)  # AND CURL_CONFIG_HAS_BEEN_RUN_BEFORE
     set(HAVE_ZLIB_H ON)
     set(HAVE_ZLIB ON)
     set(HAVE_LIBZ ON)
+    list(APPEND CURL_LIBS ${ZLIB_LIBRARIES})
   endif()
 endif()
 
 option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
 mark_as_advanced(CMAKE_USE_OPENSSL)
 if(CMAKE_USE_OPENSSL)
-  if(WIN32)
-    find_package(OpenSSL)
-    if(OPENSSL_FOUND)
-      set(USE_SSLEAY TRUE)
-      set(USE_OPENSSL TRUE)
-      list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES} )
-    else()
-      set(CMAKE_USE_OPENSSL FALSE)
-      message(STATUS "OpenSSL NOT Found, disabling CMAKE_USE_OPENSSL")
-    endif()
-  else(WIN32)
-    check_library_exists_concat("crypto" CRYPTO_lock  HAVE_LIBCRYPTO)
-    check_library_exists_concat("ssl"    SSL_connect  HAVE_LIBSSL)
-  endif(WIN32)
+
+  set(USE_SSLEAY OFF)
+  set(USE_OPENSSL OFF)
+  set(HAVE_LIBCRYPTO OFF)
+  set(HAVE_LIBSSL OFF)
+
+  find_package(OpenSSL)
+  if(OPENSSL_FOUND)
+    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
+    list(APPEND CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+    set(USE_SSLEAY ON)
+    set(USE_OPENSSL ON)
+    set(HAVE_LIBCRYPTO ON)
+    set(HAVE_LIBSSL ON)
+  endif(OPENSSL_FOUND)
 endif(CMAKE_USE_OPENSSL)
 
 # If we have features.h, then do the _BSD_SOURCE magic
@@ -334,14 +320,17 @@ check_include_file_concat("net/if.h"         HAVE_NET_IF_H)
 check_include_file_concat("netdb.h"          HAVE_NETDB_H)
 check_include_file_concat("netinet/in.h"     HAVE_NETINET_IN_H)
 check_include_file_concat("netinet/tcp.h"    HAVE_NETINET_TCP_H)
-check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
-check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
-check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
-check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
-check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
-check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
-check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
-check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
+if(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
+  check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
+  check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
+  check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
+  check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
+  check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
+  check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
+  check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
+  check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
+  check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
+endif(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
 check_include_file_concat("pem.h"            HAVE_PEM_H)
 check_include_file_concat("poll.h"           HAVE_POLL_H)
 check_include_file_concat("pwd.h"            HAVE_PWD_H)
@@ -377,10 +366,6 @@ check_include_file_concat("sockio.h"        HAVE_SOCKIO_H)
 check_include_file_concat("sys/utsname.h"   HAVE_SYS_UTSNAME_H)
 check_include_file_concat("idna.h"          HAVE_IDNA_H)
 
-if(CMAKE_USE_OPENSSL)
-  check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
-endif(CMAKE_USE_OPENSSL)
-
 if(NOT HAVE_LDAP_H)
   message(STATUS "LDAP_H not found CURL_DISABLE_LDAP set ON")
   set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
@@ -816,9 +801,6 @@ endif(MSVC)
 function(SETUP_CURL_DEPENDENCIES TARGET_NAME)
   if(CURL_ZLIB AND ZLIB_FOUND)
     include_directories(${ZLIB_INCLUDE_DIR})
-  endif()
-  if(CURL_ZLIB AND ZLIB_FOUND)
-    target_link_libraries(${TARGET_NAME} ${ZLIB_LIBRARIES})
     #ADD_DEFINITIONS( -DHAVE_ZLIB_H -DHAVE_ZLIB -DHAVE_LIBZ )
   endif()
 
@@ -826,9 +808,10 @@ function(SETUP_CURL_DEPENDENCIES TARGET_NAME)
     include_directories(${OPENSSL_INCLUDE_DIR})
   endif()
   if(CMAKE_USE_OPENSSL AND CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
-    target_link_libraries(${TARGET_NAME} ${OPENSSL_LIBRARIES})
     #ADD_DEFINITIONS( -DUSE_SSLEAY )
   endif()
+
+  target_link_libraries(${TARGET_NAME} ${CURL_LIBS})
 endfunction()
 
 # Ugly (but functional) way to include "Makefile.inc" by transforming it (= regenerate it).
@@ -869,3 +852,13 @@ install(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/curl"
     DESTINATION include
     FILES_MATCHING PATTERN "*.h"
     PATTERN "curlbuild.h" EXCLUDE)
+
+
+# Workaround for MSVS10 to avoid the Dialog Hell
+# FIXME: This could be removed with future version of CMake.
+if(MSVC_VERSION EQUAL 1600)
+  set(CURL_SLN_FILENAME "${CMAKE_CURRENT_BINARY_DIR}/CURL.sln")
+  if(EXISTS "${CURL_SLN_FILENAME}")
+    file(APPEND "${CURL_SLN_FILENAME}" "\n# This should be regenerated!\n")
+  endif()
+endif()

COPYING

@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2012, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2013, Daniel Stenberg, <daniel@haxx.se>.
 
 All rights reserved.
 

GIT-INFO

@@ -48,9 +48,9 @@ installed:
  o nroff + perl
 
    If you don't have nroff and perl and you for some reason don't want to
-   install them, you can rename the source file src/hugehelp.c.cvs to
-   src/hugehelp.c and avoid having to generate this file. This will give you
-   a stubbed version of the file that doesn't contain actual content.
+   install them, you can rename the source file src/tool_hugehelp.c.cvs to
+   src/tool_hugehelp.c and avoid having to generate this file. This will
+   give you a stubbed version of the file that doesn't contain actual content.
 
 MAC OS X
 

Makefile.am

@@ -81,6 +81,9 @@ test-full:
 test-torture:
 	@(cd tests; $(MAKE) all torture-test)
 
+test-am:
+	@(cd tests; $(MAKE) all am-test)
+
 endif
 
 examples:

RELEASE-NOTES

@@ -1,51 +1,66 @@
-Curl and libcurl 7.28.1
+Curl and libcurl 7.29.0
 
- Public curl releases:         130
+ Public curl releases:         131
  Command line options:         152
  curl_easy_setopt() options:   199
  Public functions in libcurl:  58
  Known libcurl bindings:       39
- Contributors:                 979
+ Contributors:                 993
+
+This release includes the following securify fix:
+
+ o POP3/IMAP/SMTP SASL buffer overflow vulnerability [17]
 
 This release includes the following changes:
 
- o metalink/md5: Use CommonCrypto on Apple operating systems
- o href_extractor: new example code extracting href elements
- o NSS can be used for metalink hashing [13]
+ o test: offer "automake" output and check for perl better
+ o always-multi: always use non-blocking internals [1]
+ o imap: Added support for sasl digest-md5 authentication
+ o imap: Added support for sasl cram-md5 authentication
+ o imap: Added support for sasl ntlm authentication
+ o imap: Added support for sasl login authentication
+ o imap: Added support for sasl plain text authentication
+ o imap: Added support for login disabled server capability
+ o mk-ca-bundle: add -f, support passing to stdout and more [5]
+ o writeout: -w now supports remote_ip/port and local_ip/port
 
 This release includes the following bugfixes:
 
- o Fix broken libmetalink-aware OpenSSL build
- o gnutls: fix the error is fatal logic [1]
- o darwinssl: un-broke iOS build, fix error on server disconnect
- o asyn-ares: restore functionality with c-ares < 1.6.1 [2]
- o tlsauthtype: deal with the string case insensitively [3]
- o Fixed MSVC libssh2 static build
- o evhiperfifo: fix the pointer passed to WRITEDATA [6]
- o BUGS: fix the bug tracker URL [4]
- o winbuild: Use machine type of development environment
- o FTP: prevent the multi interface from blocking [5]
- o uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
- o httpcustomheader.c: free the headers after use
- o fix >2000 bytes POST over NTLM-using proxy [7]
- o redirects to URLs with fragments [8]
- o don't send '#' fragments when using proxy [9]
- o OpenSSL: show full issuer string [10]
- o fix HTTP auth regression [11]
- o CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value [12]
- o ftp: EPSV-disable fix over SOCKS [14]
- o Digest: Add microseconds into nounce calculation [15]
- o SCP/SFTP: improve error code used for send failures
- o SSL: Several SSL-backend related fixes
- o removed the notorious "additional stuff not fine" debug output
- o OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
- o FILE: Make upload-writes unbuffered
- o custom memory callbacks failure with HTTP proxy (and more) [16]
- o TFTP: handle resends
- o autoconf: don't force-disable compiler debug option
- o winbuild: Fix PDB file output [17]
- o test2032: spurious failure caused by premature termination [18]
- o memory leak: CURLOPT_RESOLVE with multi interface [19]
+ o nss: prevent NSS from crashing on client auth hook failure
+ o darwinssl: Fixed inability to disable peer verification on Snow Leopard
+   and Lion
+ o curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
+ o SCP: relative path didn't work as documented [7]
+ o setup_once.h: HP-UX <sys/socket.h> issue workaround
+ o configure: fix cross pkg-config detection
+ o runtests: Do not add undefined values to @INC
+ o build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
+ o multi: fix re-sending request on early connection close
+ o HTTP: remove stray CRLF in chunk-encoded content-free request bodies
+ o build: fix AIX compilation and usage of events/revents
+ o VC Makefiles: add missing hostcheck
+ o nss: clear session cache if a client certificate from file is used
+ o nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
+ o fix HTTP CONNECT tunnel establishment upon delayed response [2]
+ o --libcurl: fix for non-zero default options
+ o FTP: reject illegal port numbers in EPSV 229 responses
+ o build: use per-target '_CPPFLAGS' for those currently using default
+ o configure: fix automake 1.13 compatibility [6]
+ o curl: ignore SIGPIPE [4]
+ o pop3: Added support for non-blocking SSL upgrade
+ o pop3: Fixed default authentication detection
+ o imap: Fixed usernames and passwords that contain escape characters
+ o packages/DOS/common.dj: remove COFF debug info generation [3]
+ o imap/pop3/smtp: Fixed failure detection during TLS upgrade [8]
+ o pop3: Fixed no known authentication mechanism when fallback is required [9]
+ o formadd: reject trying to read a directory where a file is expected [10]
+ o formpost: support quotes, commas and semicolon in file names [11]
+ o docs: update the comments about loading CA certs with NSS [12]
+ o docs: fix typos in man pages [13]
+ o darwinssl: Fix bug where packets were sometimes transmitted twice [14]
+ o winbuild: include version info for .dll .exe [15]
+ o schannel: Removed extended error connection setup flag [16]
+ o VMS: fix and generate the VMS build config
 
 This release includes the following known bugs:
 
@@ -54,34 +69,32 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Guenter Knauf, Alessandro Ghedini, Nick Zitzmann, Michal Kowalczyk,
- Jeff Connelly, Oscar Norlander, Guido Berhoerster, Marc Hoersken,
- Dave Reisner, Jan Ehrhardt, John Suprock, Alessandro Ghedini,
- Lars Buitinck, Anton Malov, Sergei Nikulov, Patrick Monnerat,
- Gabriel Sjoberg, Oscar Koeroo, Fabian Keil, Johnny Luong, Cristian Rodríguez,
- Sebastian Rasmussen, Mark Snelling, Christian Vogt, Marcin Adamski,
- Ajit Dhumale, Alex Gruz
+ Nick Zitzmann, Colin Watson, Fabian Keil, Kamil Dudka, Lijo Antony,
+ Linus Nielsen Feltzing, Marc Hoersken, Stanislav Ivochkin, Steve Holme,
+ Yang Tse, Balaji Parasuram, Dan Fandrich, Bob Relyea, Gisle Vanem,
+ Yves Arrouye, Kai Engert, Lluís Batlle i Rossell, Jirí Hruka,
+ John E. Malmberg, Tor Arntsen, Matt Arsenault, Sergei Nikulov,
+ Guenter Knauf, Craig Davison, Ulrich Doehner, Jiri Jaburek, Bruno de Carvalho,
+ Eldar Zaitov
 
         Thanks! (and sorry if I forgot to mention someone)
 
 References to bug reports and discussions on issues:
 
- [1] = http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551
- [2] = http://curl.haxx.se/bug/view.cgi?id=3577710
- [3] = http://curl.haxx.se/bug/view.cgi?id=3578418
- [4] = http://curl.haxx.se/bug/view.cgi?id=3582408
- [5] = http://curl.haxx.se/bug/view.cgi?id=3579064
- [6] = http://curl.haxx.se/bug/view.cgi?id=3582407
- [7] = http://curl.haxx.se/bug/view.cgi?id=3582321
- [8] = http://curl.haxx.se/bug/view.cgi?id=3581898
- [9] = http://curl.haxx.se/bug/view.cgi?id=3579813
- [10] = http://curl.haxx.se/bug/view.cgi?id=3579286
- [11] = http://curl.haxx.se/bug/view.cgi?id=3582718
- [12] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
- [13] = http://curl.haxx.se/bug/view.cgi?id=3578163
- [14] = http://curl.haxx.se/bug/view.cgi?id=3586338
- [15] = https://github.com/bagder/curl/pull/50
- [16] = http://curl.haxx.se/mail/lib-2012-11/0125.html
- [17] = http://curl.haxx.se/bug/view.cgi?id=3586741
- [18] = http://curl.haxx.se/mail/lib-2012-11/0095.html
- [19] = http://curl.haxx.se/bug/view.cgi?id=3575448
+ [1] = http://daniel.haxx.se/blog/2013/01/17/internally-were-all-multi-now/
+ [2] = http://curl.haxx.se/mail/lib-2013-01/0191.html
+ [3] = http://curl.haxx.se/mail/lib-2013-01/0130.html
+ [4] = http://curl.haxx.se/bug/view.cgi?id=1180
+ [5] = http://curl.haxx.se/mail/lib-2013-01/0045.html
+ [6] = http://curl.haxx.se/mail/lib-2012-12/0246.html
+ [7] = http://curl.haxx.se/bug/view.cgi?id=1173
+ [8] = http://curl.haxx.se/mail/lib-2013-01/0250.html
+ [9] = http://curl.haxx.se/mail/lib-2013-02/0004.html
+ [10] = http://curl.haxx.se/mail/archive-2013-01/0017.html
+ [11] = http://curl.haxx.se/bug/view.cgi?id=1171
+ [12] = https://bugzilla.redhat.com/696783
+ [13] = https://bugzilla.redhat.com/896544
+ [14] = http://curl.haxx.se/mail/lib-2013-01/0295.html
+ [15] = http://curl.haxx.se/bug/view.cgi?id=1186
+ [16] = http://curl.haxx.se/bug/view.cgi?id=1187
+ [17] = http://curl.haxx.se/docs/adv_20130206.html

acinclude.m4

@@ -130,7 +130,7 @@ int main (void)
     ]])
   ],[
     tst_lib_xnet_required="yes"
-    LIBS="$LIBS -lxnet"
+    LIBS="-lxnet $LIBS"
   ])
   AC_MSG_RESULT([$tst_lib_xnet_required])
 ])
@@ -150,6 +150,7 @@ AC_DEFUN([CURL_CHECK_AIX_ALL_SOURCE], [
 #endif])
   AC_BEFORE([$0], [AC_SYS_LARGEFILE])dnl
   AC_BEFORE([$0], [CURL_CONFIGURE_REENTRANT])dnl
+  AC_BEFORE([$0], [CURL_CONFIGURE_PULL_SYS_POLL])dnl
   AC_MSG_CHECKING([if OS is AIX (to define _ALL_SOURCE)])
   AC_EGREP_CPP([yes_this_is_aix],[
 #ifdef _AIX
@@ -2153,7 +2154,6 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [
         else
           LIBS="$curl_cv_gclk_LIBS $curl_cv_save_LIBS"
         fi
-        CURL_LIBS="$CURL_LIBS $curl_cv_gclk_LIBS"
         AC_MSG_RESULT([$curl_cv_gclk_LIBS])
         ac_cv_func_clock_gettime="yes"
         ;;
@@ -2310,6 +2310,8 @@ AC_DEFUN([CURL_CONFIGURE_CURL_SOCKLEN_T], [
   AC_REQUIRE([CURL_INCLUDES_SYS_SOCKET])dnl
   AC_REQUIRE([CURL_PREPROCESS_CALLCONV])dnl
   #
+  AC_BEFORE([$0], [CURL_CONFIGURE_PULL_SYS_POLL])dnl
+  #
   AC_MSG_CHECKING([for curl_socklen_t data type])
   curl_typeof_curl_socklen_t="unknown"
   for arg1 in int SOCKET; do
@@ -2418,6 +2420,45 @@ AC_DEFUN([CURL_CONFIGURE_CURL_SOCKLEN_T], [
 ])
 
 
+dnl CURL_CONFIGURE_PULL_SYS_POLL
+dnl -------------------------------------------------
+dnl Find out if system header file sys/poll.h must be included by the
+dnl external interface, making appropriate definitions for template file
+dnl include/curl/curlbuild.h.in to properly configure and use the library.
+dnl
+dnl The need for the sys/poll.h inclusion arises mainly to properly
+dnl interface AIX systems which define macros 'events' and 'revents'.
+
+AC_DEFUN([CURL_CONFIGURE_PULL_SYS_POLL], [
+  AC_REQUIRE([CURL_INCLUDES_POLL])dnl
+  #
+  tst_poll_events_macro_defined="unknown"
+  #
+  AC_COMPILE_IFELSE([
+    AC_LANG_PROGRAM([[
+      $curl_includes_poll
+    ]],[[
+#if defined(events) || defined(revents)
+      return 0;
+#else
+      force compilation error
+#endif
+    ]])
+  ],[
+    tst_poll_events_macro_defined="yes"
+  ],[
+    tst_poll_events_macro_defined="no"
+  ])
+  #
+  if test "$tst_poll_events_macro_defined" = "yes"; then
+    if test "x$ac_cv_header_sys_poll_h" = "xyes"; then
+      CURL_DEFINE_UNQUOTED([CURL_PULL_SYS_POLL_H])
+    fi
+  fi
+  #
+])
+
+
 dnl CURL_CHECK_FUNC_SELECT
 dnl -------------------------------------------------
 dnl Test if the socket select() function is available,
@@ -3215,8 +3256,8 @@ AC_DEFUN([CURL_EXPORT_PCDIR], [
 
 dnl CURL_CHECK_PKGCONFIG ($module, [$pcdir])
 dnl ------------------------
-dnl search for the pkg-config tool (if not cross-compiling). Set the PKGCONFIG
-dnl variable to hold the path to it, or 'no' if not found/present.
+dnl search for the pkg-config tool. Set the PKGCONFIG variable to hold the
+dnl path to it, or 'no' if not found/present.
 dnl
 dnl If pkg-config is present, check that it has info about the $module or
 dnl return "no" anyway!
@@ -3228,15 +3269,7 @@ AC_DEFUN([CURL_CHECK_PKGCONFIG], [
 
     PKGCONFIG="no"
 
-    if test x$cross_compiling = xyes; then
-      dnl see if there's a pkg-specific for this host setup
-      AC_PATH_PROG( PKGCONFIG, ${host}-pkg-config, no,
-                    $PATH:/usr/bin:/usr/local/bin)
-    fi
-
-    if test x$PKGCONFIG = xno; then
-      AC_PATH_PROG( PKGCONFIG, pkg-config, no, $PATH:/usr/bin:/usr/local/bin)
-    fi
+    AC_PATH_TOOL( PKGCONFIG, pkg-config, no, $PATH:/usr/bin:/usr/local/bin)
 
     if test x$PKGCONFIG != xno; then
       AC_MSG_CHECKING([for $1 options with pkg-config])

buildconf.bat

@@ -12,9 +12,9 @@ ECHO ERROR: This file shall only be used with a curl git tree checkout.
 goto end_all
 :start_doing
 
-REM create hugehelp.c
-if not exist src\hugehelp.c.cvs goto end_hugehelp_c
-copy /Y src\hugehelp.c.cvs src\hugehelp.c
+REM create tool_hugehelp.c
+if not exist src\tool_hugehelp.c.cvs goto end_hugehelp_c
+copy /Y src\tool_hugehelp.c.cvs src\tool_hugehelp.c
 :end_hugehelp_c
 
 REM create Makefile

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -27,15 +27,16 @@ dnl We don't know the version number "statically" so we use a dash here
 AC_INIT([curl], [-], [a suitable curl mailing list: http://curl.haxx.se/mail/])
 
 XC_OVR_ZZ50
+XC_OVR_ZZ60
 CURL_OVERRIDE_AUTOCONF
 
 dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2012 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2013 Daniel Stenberg, <daniel@haxx.se>
 This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])
 
 AC_CONFIG_SRCDIR([lib/urldata.h])
-AM_CONFIG_HEADER(lib/curl_config.h include/curl/curlbuild.h)
+AC_CONFIG_HEADERS(lib/curl_config.h include/curl/curlbuild.h)
 AC_CONFIG_MACRO_DIR([m4])
 AM_MAINTAINER_MODE
 
@@ -47,7 +48,7 @@ CURL_CHECK_OPTION_CURLDEBUG
 CURL_CHECK_OPTION_SYMBOL_HIDING
 CURL_CHECK_OPTION_ARES
 
-CURL_CHECK_PATH_SEPARATOR_REQUIRED
+XC_CHECK_PATH_SEPARATOR
 
 #
 # save the configure arguments
@@ -124,6 +125,7 @@ fi
 
 dnl figure out the libcurl version
 CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h`
+XC_CHECK_PROG_CC
 AM_INIT_AUTOMAKE
 AC_MSG_CHECKING([curl version])
 AC_MSG_RESULT($CURLVERSION)
@@ -145,7 +147,7 @@ AC_SUBST(PKGADD_VENDOR)
 
 dnl
 dnl initialize all the info variables
-    curl_ssl_msg="no      (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl} )"
+    curl_ssl_msg="no      (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl,darwinssl} )"
     curl_ssh_msg="no      (--with-libssh2)"
    curl_zlib_msg="no      (--with-zlib)"
    curl_krb4_msg="no      (--with-krb4*)"
@@ -168,9 +170,10 @@ curl_verbose_msg="enabled (--disable-verbose)"
     init_ssl_msg=${curl_ssl_msg}
 
 dnl
-dnl Save anything in $LIBS for later
+dnl Save some initial values the user might have provided
 dnl
-ALL_LIBS=$LIBS
+INITIAL_LDFLAGS=$LDFLAGS
+INITIAL_LIBS=$LIBS
 
 dnl
 dnl Detect the canonical host and target build environment
@@ -181,7 +184,6 @@ dnl Get system canonical name
 AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS])
 
 dnl Checks for programs.
-CURL_CHECK_PROG_CC
 
 dnl Our curl_off_t internal and external configure settings
 CURL_CONFIGURE_CURL_OFF_T
@@ -273,6 +275,7 @@ else
     REQUIRE_LIB_DEPS=yes
 fi
 AC_SUBST(REQUIRE_LIB_DEPS)
+AM_CONDITIONAL(USE_EXPLICIT_LIB_DEPS, test x$REQUIRE_LIB_DEPS = xyes)
 
 dnl The install stuff has already been taken care of by the automake stuff
 dnl AC_PROG_INSTALL
@@ -305,6 +308,7 @@ fi
 
 CURL_CHECK_COMPILER_HALT_ON_ERROR
 CURL_CHECK_COMPILER_ARRAY_SIZE_NEGATIVE
+CURL_CHECK_COMPILER_PROTOTYPE_MISMATCH
 CURL_CHECK_COMPILER_SYMBOL_HIDING
 
 CURL_CHECK_NO_UNDEFINED
@@ -681,6 +685,20 @@ dnl **********************************************************************
 dnl Checks for libraries.
 dnl **********************************************************************
 
+AC_MSG_CHECKING([whether to use libgcc])
+AC_ARG_ENABLE(libgcc,
+AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
+[ case "$enableval" in
+  yes)
+       LIBS="-lgcc $LIBS"
+       AC_MSG_RESULT(yes)
+       ;;
+  *)   AC_MSG_RESULT(no)
+       ;;
+  esac ],
+       AC_MSG_RESULT(no)
+)
+
 CURL_CHECK_LIB_XNET
 
 dnl gethostbyname without lib or in the nsl lib?
@@ -689,7 +707,7 @@ AC_CHECK_FUNC(gethostbyname,
               ],
               [ AC_CHECK_LIB(nsl, gethostbyname,
                              [HAVE_GETHOSTBYNAME="1"
-                             LIBS="$LIBS -lnsl"
+                             LIBS="-lnsl $LIBS"
                              ])
               ])
 
@@ -698,7 +716,7 @@ then
   dnl gethostbyname in the socket lib?
   AC_CHECK_LIB(socket, gethostbyname,
                [HAVE_GETHOSTBYNAME="1"
-               LIBS="$LIBS -lsocket"
+               LIBS="-lsocket $LIBS"
                ])
 fi
 
@@ -709,7 +727,7 @@ then
                [HAVE_GETHOSTBYNAME="1"
                CPPFLAGS="-I/dev/env/WATT_ROOT/inc"
                LDFLAGS="-L/dev/env/WATT_ROOT/lib"
-               LIBS="$LIBS -lwatt"
+               LIBS="-lwatt $LIBS"
                ])
 fi
 
@@ -828,7 +846,7 @@ then
   dnl gethostbyname in the network lib - for Haiku OS
   AC_CHECK_LIB(network, gethostbyname,
                [HAVE_GETHOSTBYNAME="1"
-               LIBS="$LIBS -lnetwork"
+               LIBS="-lnetwork $LIBS"
                ])
 fi
 
@@ -837,7 +855,7 @@ then
   dnl gethostbyname in the net lib - for BeOS
   AC_CHECK_LIB(net, gethostbyname,
                [HAVE_GETHOSTBYNAME="1"
-               LIBS="$LIBS -lnet"
+               LIBS="-lnet $LIBS"
                ])
 fi
 
@@ -869,25 +887,108 @@ CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC
 
 dnl **********************************************************************
 dnl The preceding library checks are all potentially useful for test
-dnl servers (for providing networking support).  Save the list of required
-dnl libraries at this point for use while linking those test servers.
+dnl servers and libtest cases which require networking and clock_gettime
+dnl support.  Save the list of required libraries at this point for use
+dnl while linking those test servers and programs.
 dnl **********************************************************************
-TEST_SERVER_LIBS=$LIBS
+CURL_NETWORK_AND_TIME_LIBS=$LIBS
 
 dnl **********************************************************************
-AC_MSG_CHECKING([whether to use libgcc])
-AC_ARG_ENABLE(libgcc,
-AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
-[ case "$enableval" in
-  yes)
-        ALL_LIBS="$ALL_LIBS -lgcc"
-       AC_MSG_RESULT(yes)
-       ;;
-  *)   AC_MSG_RESULT(no)
-       ;;
-  esac ],
-       AC_MSG_RESULT(no)
-)
+dnl Check for the presence of ZLIB libraries and headers
+dnl **********************************************************************
+
+dnl Check for & handle argument to --with-zlib.
+
+clean_CPPFLAGS=$CPPFLAGS
+clean_LDFLAGS=$LDFLAGS
+clean_LIBS=$LIBS
+ZLIB_LIBS=""
+AC_ARG_WITH(zlib,
+AC_HELP_STRING([--with-zlib=PATH],[search for zlib in PATH])
+AC_HELP_STRING([--without-zlib],[disable use of zlib]),
+               [OPT_ZLIB="$withval"])
+
+if test "$OPT_ZLIB" = "no" ; then
+    AC_MSG_WARN([zlib disabled])
+else
+  if test "$OPT_ZLIB" = "yes" ; then
+    OPT_ZLIB=""
+  fi
+
+  if test -z "$OPT_ZLIB" ; then
+    dnl check for the lib first without setting any new path, since many
+    dnl people have it in the default path
+
+    AC_CHECK_LIB(z, inflateEnd,
+                   dnl libz found, set the variable
+                   [HAVE_LIBZ="1"
+                    LIBS="-lz $LIBS"],
+                   dnl if no lib found, try /usr/local
+                   [OPT_ZLIB="/usr/local"])
+
+  fi
+
+  dnl Add a nonempty path to the compiler flags
+  if test -n "$OPT_ZLIB"; then
+     CPPFLAGS="$CPPFLAGS -I$OPT_ZLIB/include"
+     LDFLAGS="$LDFLAGS -L$OPT_ZLIB/lib$libsuff"
+  fi
+
+  AC_CHECK_HEADER(zlib.h,
+    [
+    dnl zlib.h was found
+    HAVE_ZLIB_H="1"
+    dnl if the lib wasn't found already, try again with the new paths
+    if test "$HAVE_LIBZ" != "1"; then
+      AC_CHECK_LIB(z, gzread,
+                   [
+                   dnl the lib was found!
+                   HAVE_LIBZ="1"
+                   LIBS="-lz $LIBS"
+                   ],
+                   [ CPPFLAGS=$clean_CPPFLAGS
+                   LDFLAGS=$clean_LDFLAGS])
+    fi
+    ],
+    [
+      dnl zlib.h was not found, restore the flags
+      CPPFLAGS=$clean_CPPFLAGS
+      LDFLAGS=$clean_LDFLAGS]
+    )
+
+  if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
+  then
+    AC_MSG_WARN([configure found only the libz lib, not the header file!])
+    HAVE_LIBZ=""
+    CPPFLAGS=$clean_CPPFLAGS
+    LDFLAGS=$clean_LDFLAGS
+    LIBS=$clean_LIBS
+  elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
+  then
+    AC_MSG_WARN([configure found only the libz header file, not the lib!])
+    CPPFLAGS=$clean_CPPFLAGS
+    LDFLAGS=$clean_LDFLAGS
+    LIBS=$clean_LIBS
+  elif test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" = "1"
+  then
+    dnl both header and lib were found!
+    AC_SUBST(HAVE_LIBZ)
+    AC_DEFINE(HAVE_ZLIB_H, 1, [if you have the zlib.h header file])
+    AC_DEFINE(HAVE_LIBZ, 1, [if zlib is available])
+
+    ZLIB_LIBS="-lz"
+    LIBS="-lz $clean_LIBS"
+
+    dnl replace 'HAVE_LIBZ' in the automake makefile.ams
+    AMFIXLIB="1"
+    AC_MSG_NOTICE([found both libz and libz.h header])
+    curl_zlib_msg="enabled"
+  fi
+fi
+
+dnl set variable for use in automakefile(s)
+AM_CONDITIONAL(HAVE_LIBZ, test x"$AMFIXLIB" = x1)
+AC_SUBST(ZLIB_LIBS)
 
 dnl **********************************************************************
 dnl Check for LDAP
@@ -1313,29 +1414,29 @@ if test x"$want_gss" = xyes; then
   if test -n "$gnu_gss"; then
     curl_gss_msg="enabled (GNU GSS)"
     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
-    LIBS="$LIBS -lgss"
+    LIBS="-lgss $LIBS"
   elif test -z "$GSSAPI_LIB_DIR"; then
      case $host in
      *-*-darwin*)
-        LIBS="$LIBS -lgssapi_krb5 -lresolv"
+        LIBS="-lgssapi_krb5 -lresolv $LIBS"
         ;;
      *)
         if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
            dnl krb5-config doesn't have --libs-only-L or similar, put everything
            dnl into LIBS
            gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-           LIBS="$LIBS $gss_libs"
+           LIBS="$gss_libs $LIBS"
         elif test "$GSSAPI_ROOT" != "yes"; then
            LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
-           LIBS="$LIBS -lgssapi"
+           LIBS="-lgssapi $LIBS"
         else
-           LIBS="$LIBS -lgssapi"
+           LIBS="-lgssapi $LIBS"
         fi
         ;;
      esac
   else
      LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
-     LIBS="$LIBS -lgssapi"
+     LIBS="-lgssapi $LIBS"
   fi
 else
   CPPFLAGS="$save_CPPFLAGS"
@@ -1482,7 +1583,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
       dnl the argument to --with-ssl we don't know what
       dnl additional libs may be necessary.  Hope that we
       dnl don't need any.
-      LIBS="$LIBS $SSL_LIBS"
+      LIBS="$SSL_LIBS $LIBS"
     fi
   fi
 
@@ -1534,7 +1635,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
         dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff
         AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use);
         OLIBS=$LIBS
-        LIBS="$LIBS -lRSAglue -lrsaref"
+        LIBS="-lRSAglue -lrsaref $LIBS"
         AC_CHECK_LIB(ssl, SSL_connect)
         if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
             dnl still no SSL_connect
@@ -1649,92 +1750,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
 
 fi
 
-dnl **********************************************************************
-dnl Check for the presence of ZLIB libraries and headers
-dnl **********************************************************************
-
-dnl Check for & handle argument to --with-zlib.
-
-_cppflags=$CPPFLAGS
-_ldflags=$LDFLAGS
-AC_ARG_WITH(zlib,
-AC_HELP_STRING([--with-zlib=PATH],[search for zlib in PATH])
-AC_HELP_STRING([--without-zlib],[disable use of zlib]),
-               [OPT_ZLIB="$withval"])
-
-if test "$OPT_ZLIB" = "no" ; then
-    AC_MSG_WARN([zlib disabled])
-else
-  if test "$OPT_ZLIB" = "yes" ; then
-     OPT_ZLIB=""
-  fi
-
-  if test -z "$OPT_ZLIB" ; then
-    dnl check for the lib first without setting any new path, since many
-    dnl people have it in the default path
-
-    AC_CHECK_LIB(z, inflateEnd,
-                   dnl libz found, set the variable
-                   [HAVE_LIBZ="1"],
-                   dnl if no lib found, try /usr/local
-                   [OPT_ZLIB="/usr/local"])
-
-  fi
-
-  dnl Add a nonempty path to the compiler flags
-  if test -n "$OPT_ZLIB"; then
-     CPPFLAGS="$CPPFLAGS -I$OPT_ZLIB/include"
-     LDFLAGS="$LDFLAGS -L$OPT_ZLIB/lib$libsuff"
-  fi
-
-  AC_CHECK_HEADER(zlib.h,
-    [
-    dnl zlib.h was found
-    HAVE_ZLIB_H="1"
-    dnl if the lib wasn't found already, try again with the new paths
-    if test "$HAVE_LIBZ" != "1"; then
-      AC_CHECK_LIB(z, gzread,
-                   [
-                   dnl the lib was found!
-                   HAVE_LIBZ="1"
-                   ],
-                   [ CPPFLAGS=$_cppflags
-                   LDFLAGS=$_ldflags])
-    fi
-    ],
-    [
-      dnl zlib.h was not found, restore the flags
-      CPPFLAGS=$_cppflags
-      LDFLAGS=$_ldflags]
-    )
-
-  if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
-  then
-    AC_MSG_WARN([configure found only the libz lib, not the header file!])
-    HAVE_LIBZ=""
-  elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
-  then
-    AC_MSG_WARN([configure found only the libz header file, not the lib!])
-  elif test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" = "1"
-  then
-    dnl both header and lib were found!
-    AC_SUBST(HAVE_LIBZ)
-    AC_DEFINE(HAVE_ZLIB_H, 1, [if you have the zlib.h header file])
-    AC_DEFINE(HAVE_LIBZ, 1, [if zlib is available])
-
-    CURL_LIBS="$CURL_LIBS -lz"
-    LIBS="$LIBS -lz"
-
-    dnl replace 'HAVE_LIBZ' in the automake makefile.ams
-    AMFIXLIB="1"
-    AC_MSG_NOTICE([found both libz and libz.h header])
-    curl_zlib_msg="enabled"
-  fi
-fi
-
-dnl set variable for use in automakefile(s)
-AM_CONDITIONAL(HAVE_LIBZ, test x"$AMFIXLIB" = x1)
-
 dnl **********************************************************************
 dnl Check for the random seed preferences
 dnl **********************************************************************
@@ -1799,6 +1814,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
   if test X"$OPT_GNUTLS" != Xno; then
 
     addld=""
+    addlib=""
+    gtlslib=""
+    version=""
+    addcflags=""
+
     if test "x$OPT_GNUTLS" = "xyes"; then
       dnl this is with no partiular path given
       CURL_CHECK_PKGCONFIG(gnutls)
@@ -1849,9 +1869,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
 
       CLEANLIBS="$LIBS"
       CLEANCPPFLAGS="$CPPFLAGS"
-      CLEADLDFLAGS="$LDFLAGS"
+      CLEANLDFLAGS="$LDFLAGS"
 
-      LIBS="$LIBS $addlib"
+      LIBS="$addlib $LIBS"
       LDFLAGS="$LDFLAGS $addld"
       if test "$addcflags" != "-I/usr/include"; then
          CPPFLAGS="$CPPFLAGS $addcflags"
@@ -1916,9 +1936,9 @@ if test "$GNUTLS_ENABLED" = "1"; then
   if test "$USE_GNUTLS_NETTLE" = "1"; then
     AC_DEFINE(USE_GNUTLS_NETTLE, 1, [if GnuTLS uses nettle as crypto backend])
     AC_SUBST(USE_GNUTLS_NETTLE, [1])
-    LIBS="$LIBS -lnettle"
+    LIBS="-lnettle $LIBS"
   else
-    LIBS="$LIBS -lgcrypt"
+    LIBS="-lgcrypt $LIBS"
   fi
 fi
 
@@ -1969,6 +1989,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
         ])
     fi
 
+    addld=""
+    addlib=""
+    addcflags=""
+    polarssllib=""
+
     if test "x$USE_POLARSSL" != "xyes"; then
       dnl add the path and test again
       addld=-L$OPT_POLARSSL/lib$libsuff
@@ -1997,8 +2022,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
     if test "x$USE_POLARSSL" = "xyes"; then
       AC_MSG_NOTICE([detected PolarSSL])
 
-      CURL_LIBS="$CURL_LIBS -lpolarssl"
-      LIBS="$LIBS -lpolarssl"
+      LIBS="-lpolarssl $LIBS"
 
       if test -n "$polarssllib"; then
         dnl when shared libs were found in a path that the run-time
@@ -2053,6 +2077,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
         ])
     fi
 
+    addld=""
+    addlib=""
+    addcflags=""
+    cyassllib=""
+
     if test "x$USE_CYASSL" != "xyes"; then
       dnl add the path and test again
       addld=-L$OPT_CYASSL/lib$libsuff
@@ -2081,8 +2110,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
     if test "x$USE_CYASSL" = "xyes"; then
       AC_MSG_NOTICE([detected CyaSSL])
 
-      CURL_LIBS="$CURL_LIBS -lcyassl -lm"
-      LIBS="$LIBS -lcyassl -lm"
+      LIBS="-lcyassl -lm $LIBS"
 
       if test -n "$cyassllib"; then
         dnl when shared libs were found in a path that the run-time
@@ -2117,6 +2145,13 @@ AC_HELP_STRING([--without-nss], [disable NSS detection]),
 if test "$curl_ssl_msg" = "$init_ssl_msg"; then
 
   if test X"$OPT_NSS" != Xno; then
+
+    addld=""
+    addlib=""
+    addcflags=""
+    nssprefix=""
+    version=""
+
     if test "x$OPT_NSS" = "xyes"; then
 
       CURL_CHECK_PKGCONFIG(nss)
@@ -2154,7 +2189,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
       CLEANLIBS="$LIBS"
       CLEANCPPFLAGS="$CPPFLAGS"
 
-      LIBS="$LIBS $addlib"
+      LIBS="$addlib $LIBS"
       if test "$addcflags" != "-I/usr/include"; then
          CPPFLAGS="$CPPFLAGS $addcflags"
       fi
@@ -2284,11 +2319,12 @@ AC_HELP_STRING([--without-libmetalink], [disable libmetalink detection]),
 
 if test X"$OPT_LIBMETALINK" != Xno; then
 
-  addlib=""
   addld=""
+  addlib=""
   addcflags=""
   version=""
   libmetalinklib=""
+
   PKGTEST="no"
   if test "x$OPT_LIBMETALINK" = "xyes"; then
     dnl this is with no partiular path given
@@ -2348,10 +2384,10 @@ if test X"$OPT_LIBMETALINK" != Xno; then
       AC_DEFINE(USE_METALINK, 1, [Define to enable metalink support])
       LIBMETALINK_LIBS=$addlib
       LIBMETALINK_LDFLAGS=$addld
-      LIBMETALINK_CFLAGS=$addcflags
+      LIBMETALINK_CPPFLAGS=$addcflags
       AC_SUBST([LIBMETALINK_LIBS])
       AC_SUBST([LIBMETALINK_LDFLAGS])
-      AC_SUBST([LIBMETALINK_CFLAGS])
+      AC_SUBST([LIBMETALINK_CPPFLAGS])
       curl_mtlnk_msg="enabled"
     fi
 
@@ -2408,7 +2444,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
 
   LDFLAGS="$LDFLAGS $LD_SSH2"
   CPPFLAGS="$CPPFLAGS $CPP_SSH2"
-  LIBS="$LIBS $LIB_SSH2"
+  LIBS="$LIB_SSH2 $LIBS"
 
   AC_CHECK_LIB(ssh2, libssh2_channel_open_ex)
 
@@ -2504,7 +2540,7 @@ if test X"$OPT_LIBRTMP" != Xno; then
 
   LDFLAGS="$LDFLAGS $LD_RTMP"
   CPPFLAGS="$CPPFLAGS $CPP_RTMP"
-  LIBS="$LIBS $LIB_RTMP"
+  LIBS="$LIB_RTMP $LIBS"
 
   AC_CHECK_LIB(rtmp, RTMP_Init,
     [
@@ -2948,6 +2984,8 @@ AC_CHECK_TYPE([bool],[
 
 CURL_CONFIGURE_CURL_SOCKLEN_T
 
+CURL_CONFIGURE_PULL_SYS_POLL
+
 TYPE_IN_ADDR_T
 
 TYPE_SOCKADDR_STORAGE
@@ -3310,33 +3348,21 @@ AC_HELP_STRING([--disable-soname-bump],[Disable enforced SONAME bump]),
 )
 AM_CONDITIONAL(SONAME_BUMP, test x$soname_bump = xyes)
 
-
-dnl ************************************************************
-if test ! -z "$winsock_LIB"; then
-
-  dnl If ws2_32 is wanted, make sure it is the _last_ lib in LIBS (makes
-  dnl things work when built with c-ares). But we can't just move it last
-  dnl since then other stuff (SSL) won't build. So we simply append it to the
-  dnl end.
-
-  LIBS="$LIBS $winsock_LIB"
-  TEST_SERVER_LIBS="$TEST_SERVER_LIBS $winsock_LIB"
-
-fi
-
 dnl
 dnl All the library dependencies put into $LIB apply to libcurl only.
-dnl Those in $CURL_LIBS apply to the curl command-line client only.
-dnl Those in $TEST_SERVER_LIBS apply to test servers only.
-dnl Those in $ALL_LIBS apply to all targets, including test targets.
 dnl
 LIBCURL_LIBS=$LIBS
 
 AC_SUBST(LIBCURL_LIBS)
-AC_SUBST(CURL_LIBS)
-AC_SUBST(TEST_SERVER_LIBS)
 AC_SUBST(CURL_NETWORK_LIBS)
-LIBS=$ALL_LIBS  dnl LIBS is a magic variable that's used for every link
+AC_SUBST(CURL_NETWORK_AND_TIME_LIBS)
+
+dnl BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
+dnl LIBS variable used in generated makefile at makefile processing
+dnl time. Doing this functionally prevents LIBS from being used for
+dnl all link targets in given makefile.
+BLANK_AT_MAKETIME=
+AC_SUBST(BLANK_AT_MAKETIME)
 
 AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)
 
@@ -3469,14 +3495,15 @@ squeeze DEFS
 squeeze LDFLAGS
 squeeze LIBS
 
-squeeze CURL_LIBS
 squeeze LIBCURL_LIBS
-squeeze TEST_SERVER_LIBS
 squeeze CURL_NETWORK_LIBS
+squeeze CURL_NETWORK_AND_TIME_LIBS
 
 squeeze SUPPORT_FEATURES
 squeeze SUPPORT_PROTOCOLS
 
+XC_CHECK_BUILD_FLAGS
+
 if test "x$want_curldebug_assumed" = "xyes" &&
   test "x$want_curldebug" = "xyes" && test "x$USE_ARES" = "x1"; then
   ac_configure_args="$ac_configure_args --enable-curldebug"
@@ -3492,6 +3519,8 @@ AC_CONFIG_FILES([Makefile \
            lib/Makefile \
            lib/libcurl.vers \
            tests/Makefile \
+           tests/certs/Makefile \
+           tests/certs/scripts/Makefile \
            tests/data/Makefile \
            tests/server/Makefile \
            tests/libtest/Makefile \

curl-config.in

@@ -148,14 +148,14 @@ while test $# -gt 0; do
 	   CURLLIBDIR=""
 	fi
 	if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
-	  echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ @LIBS@
+	  echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
 	else
-	  echo ${CURLLIBDIR}-lcurl @LIBS@
+	  echo ${CURLLIBDIR}-lcurl
 	fi
 	;;
 
     --static-libs)
-	echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@ @LIBS@
+	echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
 	;;
 
     --configure)

docs/BUGS

@@ -20,7 +20,7 @@ BUGS
 1.1 There are still bugs
 
   Curl and libcurl have grown substantially since the beginning. At the time
-  of writing (September 2011), there are about 66000 lines of source code, and
+  of writing (January 2013), there are about 83,000 lines of source code, and
   by the time you read this it has probably grown even more.
 
   Of course there are lots of bugs left. And lots of misfeatures.
@@ -35,7 +35,7 @@ BUGS
   have a go at a solution. You can optionally also post your bug/problem at
   curl's bug tracking system over at
 
-        http://sourceforge.net/tracker/?group_id=976&atid=100976
+        https://sourceforge.net/p/curl/bugs/
 
   Please read the rest of this document below first before doing that! Also,
   you need to login to your sourceforge account before being able to submit a

docs/FAQ

@@ -52,6 +52,7 @@ FAQ
   3.19 How do I get HTTP from a host using a specific IP address?
   3.20 How to SFTP from my user's home directory?
   3.21 Protocol xxx not supported or disabled in libcurl
+  3.22 curl -X gives me HTTP problems
 
  4. Running Problems
   4.1 Problems connecting to SSL servers.
@@ -97,6 +98,7 @@ FAQ
   5.14 Using C++ non-static functions for callbacks?
   5.15 How do I get an FTP directory listing?
   5.16 I want a different time-out!
+  5.17 Can I write a server with libcurl?
 
  6. License Issues
   6.1 I have a GPL program, can I use the libcurl library?
@@ -417,10 +419,15 @@ FAQ
 
   2.2 Does curl work/build with other SSL libraries?
 
-  Curl has been written to use OpenSSL, GnuTLS, yassl, NSS, PolarSSL, axTLS or
-  qssl, although there should not be many problems using a different
-  library. If anyone does "port" curl to use a different SSL library, we are
-  of course very interested in getting the patch!
+  Curl has been written to use a generic SSL function layer internally, and
+  that SSL functionality can then be provided by one out of many different SSL
+  backends.
+
+  curl can be built to use one of the following SSL alternatives: OpenSSL,
+  GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X),
+  schannel (native Windows) or qssl (native IBM i). They all have their pros
+  and cons, and we try to maintain a comparison of them here:
+  http://curl.haxx.se/docs/ssl-compared.html
 
   2.3 Where can I find a copy of LIBEAY32.DLL?
 
@@ -481,9 +488,10 @@ FAQ
   You can tell curl to perform optional commands both before and/or after a
   file transfer. Study the -Q/--quote option.
 
-  Since curl is used for file transfers, you don't use curl to just perform
-  FTP commands without transferring anything. Therefore you must always specify
-  a URL to transfer to/from even when doing custom FTP commands.
+  Since curl is used for file transfers, you don't normally use curl to
+  perform FTP commands without transferring anything. Therefore you must
+  always specify a URL to transfer to/from even when doing custom FTP
+  commands, or use -I which implies the "no body" option sent to libcurl.
 
   3.5 How can I disable the Accept: */* header?
 
@@ -730,6 +738,33 @@ FAQ
   part as in "htpt://example.com" or as in the less evident case if you prefix
   the protocol part with a space as in " http://example.com/".
 
+  3.22 curl -X gives me HTTP problems
+
+  In normal circumstances, -X should hardly ever be used.
+
+  By default you use curl without explicitly saying which request method to
+  use when the URL identifies a HTTP transfer. If you just pass in a URL like
+  "curl http://example.com" it will use GET. If you use -d or -F curl will use
+  POST, -I will cause a HEAD and -T will make it a PUT.
+
+  If for whatever reason you're not happy with these default choices that curl
+  does for you, you can override those request methods by specifying -X
+  [WHATEVER]. This way you can for example send a DELETE by doing "curl -X
+  DELETE [URL]".
+
+  It is thus pointless to do "curl -XGET [URL]" as GET would be used
+  anyway. In the same vein it is pointless to do "curl -X POST -d data
+  [URL]"... But you can make a fun and somewhat rare request that sends a
+  request-body in a GET request with something like "curl -X GET -d data
+  [URL]"
+
+  Note that -X doesn't change curl's behavior. It only modifies the actual
+  string sent in the request.
+
+  Accordingly, by using -XPOST on a command line that for example would follow
+  a 303 redirect, you will effectively prevent curl from behaving
+  correctly. Be aware.
+
 
 4. Running Problems
 
@@ -878,8 +913,8 @@ FAQ
 
   4.9 Curl can't authenticate to the server that requires NTLM?
 
-  NTLM support requires OpenSSL, GnuTLS, NSS or Microsoft Windows libraries at
-  build-time to provide this functionality.
+  NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft
+  Windows libraries at build-time to provide this functionality.
 
   NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You
   should not use such ones.
@@ -1252,7 +1287,7 @@ FAQ
 
   If you're using the multi interface, you can also stop a transfer by
   removing the particular easy handle from the multi stack at any moment you
-  think the transfer is done.
+  think the transfer is done or when you wish to abort the transfer.
 
   5.14 Using C++ non-static functions for callbacks?
 
@@ -1310,6 +1345,15 @@ FAQ
   use that to figure out exactly when the right condition is met when the
   transfer should get stopped.
 
+  5.17 Can I write a server with libcurl?
+
+  No. libcurl offers no functions or building blocks to build any kind of
+  internet protocol server. libcurl is only a client-side library. For server
+  libraries, you need to continue your search elsewhere but there exist many
+  good open source ones out there for most protocols you could possibly want a
+  server for. And there are really good stand-alone ones that have been tested
+  and proven for many years. There's no need for you to reinvent them!
+
 
 6. License Issues
 

docs/FEATURES

@@ -43,7 +43,7 @@ HTTP
  - POST
  - Pipelining
  - multipart formpost (RFC1867-style)
- - authentication: Basic, Digest, NTLM(*9), GSS-Negotiate/Negotiate(*3) and
+ - authentication: Basic, Digest, NTLM (*9), GSS-Negotiate/Negotiate (*3) and
    SPNEGO (*4) to server and proxy
  - resume (both GET and PUT)
  - follow redirects
@@ -122,10 +122,52 @@ FILE
  - "uploads"
  - resume
 
+SMTP
+ - authentication: Plain, Login, CRAM-MD5, Digest-MD5 and NTLM (*9)
+ - send mail
+ - mail from support
+ - mail size support
+ - mail auth support for trusted server-to-server relaying
+ - multiple recipients
+ - via http-proxy
+
+SMTPS (*1)
+ - implicit smtps:// support
+ - explicit "STARTTLS" usage to "upgrade" plain smtp:// connections to use SSL
+ - via http-proxy
+
+POP3
+ - authentication: Clear Text, APOP and SASL
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
+   NTLM (*9)
+ - list e-mails
+ - retrieve e-mails
+ - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP
+ - via http-proxy
+
+POP3S (*1)
+ - implicit pop3s:// support
+ - explicit "STLS" usage to "upgrade" plain pop3:// connections to use SSL
+ - via http-proxy
+
+IMAP
+ - authentication: Clear Text and SASL
+ - select mailbox
+ - basic fetch e-mail support
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
+   NTLM (*9)
+ - via http-proxy
+
+IMAPS (*1)
+ - implicit imaps:// support
+ - explicit "STARTTLS" usage to "upgrade" plain imap:// connections to use SSL
+ - via http-proxy
+
 FOOTNOTES
 =========
 
-  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL or schannel
+  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, schannel (native
+       Windows), Secure Transport (native iOS/OS X)  or qssl (native IBM i)
   *2 = requires OpenLDAP
   *3 = requires a GSSAPI-compliant library, such as Heimdal or similar.
   *4 = requires FBopenssl
@@ -133,4 +175,4 @@ FOOTNOTES
   *6 = requires c-ares
   *7 = requires OpenSSL or NSS, as GnuTLS only supports SSLv3 and TLSv1
   *8 = requires libssh2
-  *9 = requires OpenSSL, GnuTLS, NSS or yassl
+  *9 = requires OpenSSL, GnuTLS, NSS, yassl or SSPI (native Windows)

docs/INSTALL

@@ -135,21 +135,18 @@ UNIX
      default. But if you want to alter it, you can select how to deal with
      each individual library.
 
-     To build with GnuTLS support instead of OpenSSL for SSL/TLS, note that
-     you need to use both --without-ssl and --with-gnutls.
+     To build with GnuTLS for SSL/TLS, use both --without-ssl and
+     --with-gnutls.
 
-     To build with yassl support instead of OpenSSL or GnuTLS, you must build
-     yassl with its OpenSSL emulation enabled and point to that directory root
-     with configure --with-ssl.
+     To build with Cyassl for SSL/TLS, use both --without-ssl and
+     --with-cyassl.
 
-     To build with NSS support instead of OpenSSL for SSL/TLS, note that
-     you need to use both --without-ssl and --with-nss.
+     To build with NSS for SSL/TLS, use both --without-ssl and --with-nss.
 
-     To build with PolarSSL support instead of OpenSSL for SSL/TLS, note that
-     you need to use both --without-ssl and --with-polarssl.
+     To build with PolarSSL for SSL/TLS, use both --without-ssl and
+     --with-polarssl.
 
-     To build with axTLS support instead of OpenSSL for TLS, note that you
-     need to use both --without-ssl and --with-axtls.
+     To build with axTLS for SSL/TLS, use both --without-ssl and --with-axtls.
 
      To get GSSAPI support, build with --with-gssapi and have the MIT or
      Heimdal Kerberos 5 packages installed.
@@ -225,7 +222,7 @@ Win32
 
      set ZLIB_PATH=c:\zlib-1.2.7
      set OPENSSL_PATH=c:\openssl-0.9.8x
-     set LIBSSH2_PATH=c:\libssh2-1.4.2
+     set LIBSSH2_PATH=c:\libssh2-1.4.3
 
    ATTENTION: if you want to build with libssh2 support you have to use latest
    version 0.17 - previous versions will NOT work with 7.17.0 and later!
@@ -467,7 +464,7 @@ Win32
    possibilities:
 
    - Modify lib/config-win32.h
-   - Modify lib/setup.h
+   - Modify lib/curl_setup.h
    - Modify lib/Makefile.vc6
    - Add defines to Project/Settings/C/C++/General/Preprocessor Definitions
      in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
@@ -509,6 +506,38 @@ Win32
    dynamic import symbols.
 
 
+Apple iOS and Mac OS X
+======================
+   On recent Apple operating systems, curl can be built to use Apple's
+   SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with
+   Secure Transport for SSL/TLS, use the configure option --with-darwinssl. (It
+   is not necessary to use the option --without-ssl.) This feature requires iOS
+   5.0 or later, or OS X 10.5 ("Leopard") or later.
+
+   When Secure Transport is in use, the curl options --cacert and --capath and
+   their libcurl equivalents, will be ignored, because Secure Transport uses
+   the certificates stored in the Keychain to evaluate whether or not to trust
+   the server. This, of course, includes the root certificates that ship with
+   the OS. The --cert and --engine options, and their libcurl equivalents, are
+   currently unimplemented in curl with Secure Transport.
+
+   For OS X users: In OS X 10.8 ("Mountain Lion"), Apple made a major
+   overhaul to the Secure Transport API that, among other things, added
+   support for the newer TLS 1.1 and 1.2 protocols. To get curl to support
+   TLS 1.1 and 1.2, you must build curl on Mountain Lion or later, or by
+   using the equivalent SDK. If you set the MACOSX_DEPLOYMENT_TARGET
+   environmental variable to an earlier version of OS X prior to building curl,
+   then curl will use the new Secure Transport API on Mountain Lion and later,
+   and fall back on the older API when the same curl binary is executed on
+   older cats. For example, running these commands in curl's directory in the
+   shell will build the code such that it will run on cats as old as OS X 10.6
+   ("Snow Leopard") (using bash):
+
+      export MACOSX_DEPLOYMENT_TARGET="10.6"
+      ./configure --with-darwinssl
+      make
+
+
 IBM OS/2
 ========
    Building under OS/2 is not much different from building under unix.
@@ -1018,7 +1047,7 @@ PORTS
         - AVR32 Linux
         - ARM Android 1.5, 2.1
         - ARM INTEGRITY
-        - ARM iPhone OS
+        - ARM iOS
         - Cell Linux
         - Cell Cell OS
         - HP-PA HP-UX 9.X 10.X 11.X
@@ -1056,6 +1085,7 @@ PORTS
         - i386 HURD
         - i386 Haiku OS
         - i386 Linux 1.3, 2.0, 2.2, 2.3, 2.4, 2.6
+        - i386 Mac OS X
         - i386 MINIX 3.1
         - i386 NetBSD
         - i386 Novell NetWare

docs/INSTALL.cmake

@@ -24,7 +24,7 @@ Current flaws in the curl CMake build
    Missing features in the cmake build:
 
    - Builds libcurl without large file support
-   - It doesn't build src/hugehelp.c which creates the --manual output
+   - It doesn't build src/tool_hugehelp.c which creates the --manual output
    - Can't select which SSL library to build with, only OpenSSL
    - Doesn't build with SCP and SFTP support (libssh2)
    - Doesn't allow different resolver backends (no c-ares build support)

docs/INTERNALS

@@ -47,9 +47,6 @@ Portability
  axTLS        1.2.7
  Heimdal      ?
 
- * = only partly functional, but that's due to bugs in the third party lib, not
-     because of libcurl code
-
  On systems where configure runs, we aim at working on them all - if they have
  a suitable C compiler. On systems that don't run configure, we strive to keep
  curl running fine on:
@@ -413,10 +410,10 @@ Client
 
  main() resides in src/main.c together with most of the client code.
 
- src/hugehelp.c is automatically generated by the mkhelp.pl perl script to
- display the complete "manual" and the src/urlglob.c file holds the functions
- used for the URL-"globbing" support. Globbing in the sense that the {} and []
- expansion stuff is there.
+ src/tool_hugehelp.c is automatically generated by the mkhelp.pl perl script
+ to display the complete "manual" and the src/urlglob.c file holds the
+ functions used for the URL-"globbing" support. Globbing in the sense that
+ the {} and [] expansion stuff is there.
 
  The client mostly messes around to setup its 'config' struct properly, then
  it calls the curl_easy_*() functions of the library and when it gets back

docs/THANKS

@@ -12,6 +12,7 @@ Adam Piggott
 Adam Tkac
 Adrian Schuur
 Adriano Meirelles
+Ajit Dhumale
 Akos Pasztory
 Alan Pinstein
 Albert Chin
@@ -24,6 +25,7 @@ Alessandro Ghedini
 Alessandro Vesely
 Alex Bligh
 Alex Fishman
+Alex Gruz
 Alex Neblett
 Alex Suykov
 Alex Vinnik
@@ -75,6 +77,7 @@ Anthony G. Basile
 Antoine Calando
 Anton Bychkov
 Anton Kalmykov
+Anton Malov
 Anton Yabchinskiy
 Arkadiusz Miskiewicz
 Armel Asselin
@@ -175,6 +178,7 @@ Craig Davison
 Craig Markwardt
 Cris Bailiff
 Cristian Rodriguez
+Cristian Rodríguez
 Curt Bogmine
 Cyrill Osterwalder
 Dag Ekengren
@@ -310,6 +314,7 @@ Fred New
 Fred Noz
 Frederic Lepied
 Gabriel Kuri
+Gabriel Sjoberg
 Garrett Holmstrom
 Gary Maxwell
 Gautam Kachroo
@@ -344,6 +349,7 @@ Greg Zavertnik
 Grigory Entin
 Guenole Bescon
 Guenter Knauf
+Guido Berhoerster
 Guillaume Arluison
 Gustaf Hui
 Gwenole Beauchesne
@@ -420,6 +426,7 @@ Jean-Francois Bertrand
 Jean-Louis Lemaire
 Jean-Marc Ranger
 Jean-Philippe Barrette-LaPierre
+Jeff Connelly
 Jeff Johnson
 Jeff Lawson
 Jeff Phillips
@@ -460,6 +467,7 @@ John Lightsey
 John Marino
 John McGowan
 John P. McCaskey
+John Suprock
 John Wilkinson
 John-Mark Bell
 Johnny Luong
@@ -532,6 +540,7 @@ Kyle Sallee
 Lachlan O'Dea
 Larry Campbell
 Larry Fahnoe
+Lars Buitinck
 Lars Gustafsson
 Lars J. Aas
 Lars Nilsson
@@ -586,6 +595,7 @@ Mark Incley
 Mark Karpeles
 Mark Lentczner
 Mark Salisbury
+Mark Snelling
 Mark Tully
 Markus Duft
 Markus Koetter
@@ -639,6 +649,7 @@ Michael Stillwell
 Michael Wallner
 Michal Bonino
 Michal Gorny
+Michal Kowalczyk
 Michal Marek
 Michele Bini
 Mihai Ionescu
@@ -692,6 +703,8 @@ Olaf Stüben
 Olivier Berger
 Oren Tirosh
 Ori Avtalion
+Oscar Koeroo
+Oscar Norlander
 P R Schaffner
 Paolo Piacentini
 Pascal Terjan
@@ -840,6 +853,7 @@ Scott Barrett
 Scott Cantor
 Scott Davis
 Scott McCreary
+Sebastian Rasmussen
 Sebastien Willemijns
 Senthil Raja Velu
 Sergei Nikulov

docs/TODO

@@ -21,8 +21,7 @@
 
  2. libcurl - multi interface
  2.1 More non-blocking
- 2.2 Remove easy interface internally
- 2.4 Fix HTTP Pipelining for PUT
+ 2.2 Fix HTTP Pipelining for PUT
 
  3. Documentation
  3.1  More and better
@@ -69,55 +68,52 @@
  10. POP3
  10.1 auth= in URLs
  
- 11. IMAP
+ 11. LDAP
  11.1 SASL based authentication mechanisms
  
- 12. LDAP
- 12.1 SASL based authentication mechanisms
+ 12. Other protocols
+
+ 13. New protocols
+ 13.1 RSYNC
+
+ 14. SASL
+ 14.1 Other authentication mechanisms
  
- 13. Other protocols
+ 15. Client
+ 15.1 sync
+ 15.2 glob posts
+ 15.3 prevent file overwriting
+ 15.4 simultaneous parallel transfers
+ 15.5 provide formpost headers
+ 15.6 url-specific options
+ 15.7 warning when setting an option
+ 15.8 IPv6 addresses with globbing
 
- 14. New protocols
- 14.1 RSYNC
+ 16. Build
+ 16.1 roffit
 
- 15. SASL
- 15.1 Other authentication mechanisms
- 
- 16. Client
- 16.1 sync
- 16.2 glob posts
- 16.3 prevent file overwriting
- 16.4 simultaneous parallel transfers
- 16.5 provide formpost headers
- 16.6 url-specific options
- 16.7 warning when setting an option
- 16.8 IPv6 addresses with globbing
+ 17. Test suite
+ 17.1 SSL tunnel
+ 17.2 nicer lacking perl message
+ 17.3 more protocols supported
+ 17.4 more platforms supported
 
- 17. Build
- 17.1 roffit
+ 18. Next SONAME bump
+ 18.1 http-style HEAD output for ftp
+ 18.2 combine error codes
+ 18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 
- 18. Test suite
- 18.1 SSL tunnel
- 18.2 nicer lacking perl message
- 18.3 more protocols supported
- 18.4 more platforms supported
-
- 19. Next SONAME bump
- 19.1 http-style HEAD output for ftp
- 19.2 combine error codes
- 19.3 extend CURLOPT_SOCKOPTFUNCTION prototype
-
- 20. Next major release
- 20.1 cleanup return codes
- 20.2 remove obsolete defines
- 20.3 size_t
- 20.4 remove several functions
- 20.5 remove CURLOPT_FAILONERROR
- 20.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
- 20.7 remove progress meter from libcurl
- 20.8 remove 'curl_httppost' from public
- 20.9 have form functions use CURL handle argument
- 20.10 Add CURLOPT_MAIL_CLIENT option
+ 19. Next major release
+ 19.1 cleanup return codes
+ 19.2 remove obsolete defines
+ 19.3 size_t
+ 19.4 remove several functions
+ 19.5 remove CURLOPT_FAILONERROR
+ 19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+ 19.7 remove progress meter from libcurl
+ 19.8 remove 'curl_httppost' from public
+ 19.9 have form functions use CURL handle argument
+ 19.10 Add CURLOPT_MAIL_CLIENT option
 
 ==============================================================================
 
@@ -194,16 +190,7 @@
  - The "DONE" operation (post transfer protocol-specific actions) for the
    protocols SFTP, SMTP, FTP. Fixing Curl_done() for this is a worthy task.
 
-2.2 Remove easy interface internally
-
- Make curl_easy_perform() a wrapper-function that simply creates a multi
- handle, adds the easy handle to it, runs curl_multi_perform() until the
- transfer is done, then detach the easy handle, destroy the multi handle and
- return the easy handle's return code. This will thus make everything
- internally use and assume the multi interface. The select()-loop should use
- curl_multi_socket().
-
-2.4 Fix HTTP Pipelining for PUT
+2.2 Fix HTTP Pipelining for PUT
 
  HTTP Pipelining can be a way to greatly enhance performance for multiple
  serial requests and currently libcurl only supports that for HEAD and GET
@@ -402,42 +389,34 @@ to provide the data to send.
  Being able to specify the preferred authentication mechanism in the URL as
  per RFC2384.
 
-11. IMAP
+11. LDAP
 
 11.1 SASL based authentication mechanisms
 
- Curl currently sends usernames and passwords as clear text whilst SASL based
- authentication mechanisms can be more secure. As such, support should be
- added to support these authentication mechanisms.
-
-12. LDAP
-
-12.1 SASL based authentication mechansims
-
  Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
  to an LDAP server. However, this function sends username and password details
  using the simple authentication mechanism (as clear text). However, it should
  be possible to use ldap_bind_s() instead specifing the security context
  information ourselves.
 
-13. Other protocols
+12. Other protocols
 
-14. New protocols
+13. New protocols
 
-14.1 RSYNC
+13.1 RSYNC
 
  There's no RFC for the protocol or an URI/URL format.  An implementation
  should most probably use an existing rsync library, such as librsync.
 
-15. SASL
+14. SASL
 
-15.1 Other authentication mechanisms
+14.1 Other authentication mechanisms
 
- Add support for gssapi to SMTP and POP3.
+ Add support for gssapi to SMTP, POP3 and IMAP.
 
-16. Client
+15. Client
 
-16.1 sync
+15.1 sync
 
  "curl --sync http://example.com/feed[1-100].rss" or
  "curl --sync http://example.net/{index,calendar,history}.html"
@@ -446,12 +425,12 @@ to provide the data to send.
  remote file is newer than the local file. A Last-Modified HTTP date header
  should also be used to set the mod date on the downloaded file.
 
-16.2 glob posts
+15.2 glob posts
 
  Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
  This is easily scripted though.
 
-16.3 prevent file overwriting
+15.3 prevent file overwriting
 
  Add an option that prevents cURL from overwriting existing local files. When
  used, and there already is an existing file with the target file name
@@ -459,14 +438,14 @@ to provide the data to send.
  existing). So that index.html becomes first index.html.1 and then
  index.html.2 etc.
 
-16.4 simultaneous parallel transfers
+15.4 simultaneous parallel transfers
 
  The client could be told to use maximum N simultaneous parallel transfers and
  then just make sure that happens. It should of course not make more than one
  connection to the same remote host. This would require the client to use the
  multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
 
-16.5 provide formpost headers
+15.5 provide formpost headers
 
  Extending the capabilities of the multipart formposting. How about leaving
  the ';type=foo' syntax as it is and adding an extra tag (headers) which
@@ -480,7 +459,7 @@ to provide the data to send.
  which should overwrite the program reasonable defaults (plain/text,
  8bit...)
 
-16.6 url-specific options
+15.6 url-specific options
 
  Provide a way to make options bound to a specific URL among several on the
  command line. Possibly by letting ':' separate options between URLs,
@@ -494,57 +473,57 @@ to provide the data to send.
 
  The example would do a POST-GET-POST combination on a single command line.
 
-16.7 warning when setting an option
+15.7 warning when setting an option
 
   Display a warning when libcurl returns an error when setting an option.
   This can be useful to tell when support for a particular feature hasn't been
   compiled into the library.
 
-16.8 IPv6 addresses with globbing
+15.8 IPv6 addresses with globbing
 
   Currently the command line client needs to get url globbing disabled (with
   -g) for it to support IPv6 numerical addresses. This is a rather silly flaw
   that should be corrected. It probably involves a smarter detection of the
   '[' and ']' letters.
 
-17. Build
+16. Build
 
-17.1 roffit
+16.1 roffit
 
  Consider extending 'roffit' to produce decent ASCII output, and use that
- instead of (g)nroff when building src/hugehelp.c
+ instead of (g)nroff when building src/tool_hugehelp.c
 
-18. Test suite
+17. Test suite
 
-18.1 SSL tunnel
+17.1 SSL tunnel
 
  Make our own version of stunnel for simple port forwarding to enable HTTPS
  and FTP-SSL tests without the stunnel dependency, and it could allow us to
  provide test tools built with either OpenSSL or GnuTLS
 
-18.2 nicer lacking perl message
+17.2 nicer lacking perl message
 
  If perl wasn't found by the configure script, don't attempt to run the tests
  but explain something nice why it doesn't.
 
-18.3 more protocols supported
+17.3 more protocols supported
 
  Extend the test suite to include more protocols. The telnet could just do ftp
  or http operations (for which we have test servers).
 
-18.4 more platforms supported
+17.4 more platforms supported
 
  Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
  fork()s and it should become even more portable.
 
-19. Next SONAME bump
+18. Next SONAME bump
 
-19.1 http-style HEAD output for ftp
+18.1 http-style HEAD output for ftp
 
  #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
  from being output in NOBODY requests over ftp
 
-19.2 combine error codes
+18.2 combine error codes
 
  Combine some of the error codes to remove duplicates.  The original
  numbering should not be changed, and the old identifiers would be
@@ -569,29 +548,29 @@ to provide the data to send.
 
     CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
 
-19.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 
  The current prototype only provides 'purpose' that tells what the
  connection/socket is for, but not any protocol or similar. It makes it hard
  for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
  similar.
 
-20. Next major release
+10. Next major release
 
-20.1 cleanup return codes
+19.1 cleanup return codes
 
  curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
  CURLMcode. These should be changed to be the same.
 
-20.2 remove obsolete defines
+19.2 remove obsolete defines
 
  remove obsolete defines from curl/curl.h
 
-20.3 size_t
+19.3 size_t
 
  make several functions use size_t instead of int in their APIs
 
-20.4 remove several functions
+19.4 remove several functions
 
  remove the following functions from the public API:
 
@@ -612,18 +591,18 @@ to provide the data to send.
 
  curl_multi_socket_all
 
-20.5 remove CURLOPT_FAILONERROR
+19.5 remove CURLOPT_FAILONERROR
 
  Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
  internally. Let the app judge success or not for itself.
 
-20.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
 
  Remove support for a global DNS cache. Anything global is silly, and we
  already offer the share interface for the same functionality but done
  "right".
 
-20.7 remove progress meter from libcurl
+19.7 remove progress meter from libcurl
 
  The internally provided progress meter output doesn't belong in the library.
  Basically no application wants it (apart from curl) but instead applications
@@ -633,7 +612,7 @@ to provide the data to send.
  variable types passed to it instead of doubles so that big files work
  correctly.
 
-20.8 remove 'curl_httppost' from public
+19.8 remove 'curl_httppost' from public
 
  curl_formadd() was made to fill in a public struct, but the fact that the
  struct is public is never really used by application for their own advantage
@@ -642,7 +621,7 @@ to provide the data to send.
  Changing them to return a private handle will benefit the implementation and
  allow us much greater freedoms while still maintining a solid API and ABI.
 
-20.9 have form functions use CURL handle argument
+19.9 have form functions use CURL handle argument
 
  curl_formadd() and curl_formget() both currently have no CURL handle
  argument, but both can use a callback that is set in the easy handle, and
@@ -650,7 +629,7 @@ to provide the data to send.
  curl_easy_perform() (or similar) called - which is hard to grasp and a design
  mistake.
 
-20.10 Add CURLOPT_MAIL_CLIENT option
+19.10 Add CURLOPT_MAIL_CLIENT option
 
  Rather than use the URL to specify the mail client string to present in the
  HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
@@ -659,4 +638,4 @@ to provide the data to send.
 
  Please see the following thread for more information:
  http://curl.haxx.se/mail/lib-2012-05/0178.html
- 
+ 

docs/curl.1

@@ -423,11 +423,8 @@ The windows version of curl will automatically look for a CA certs file named
 \'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
 Current Working Directory, or in any folder along your PATH.
 
-If curl is built against the NSS SSL library then this option tells
-curl the nickname of the CA certificate to use within the NSS database
-defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb).
-If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files
-may be loaded.
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
 
 If this option is used several times, the last one will be used.
 .IP "--capath <CA certificate directory>"
@@ -484,6 +481,17 @@ filename=, like this:
 
 \fBcurl\fP -F "file=@localfile;filename=nameinpost" url.com
 
+If filename/path contains ',' or ';', it must be quoted by double-quotes like:
+
+\fBcurl\fP -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" url.com
+
+or
+
+\fBcurl\fP -F 'file=@"localfile";filename="nameinpost"' url.com
+
+Note that if a filename/path is quoted by double-quotes, any double-quote
+or backslash within the filename must be escaped by backslash.
+
 See further examples and details in the MANUAL.
 
 This option can be used multiple times.
@@ -1524,6 +1532,13 @@ same info.
 The numerical code that was found in the last response (from a proxy) to a
 curl CONNECT request. (Added in 7.12.4)
 .TP
+.B local_ip
+The IP address of the local end of the most recently done connection - can be
+either IPv4 or IPv6 (Added in 7.29.0)
+.TP
+.B local_port
+The local port number of the most recently done connection (Added in 7.29.0)
+.TP
 .B num_connects
 Number of new connects made in the recent transfer. (Added in 7.12.3)
 .TP
@@ -1534,6 +1549,13 @@ Number of redirects that were followed in the request. (Added in 7.12.3)
 When an HTTP request was made without -L to follow redirects, this variable
 will show the actual URL a redirect \fIwould\fP take you to. (Added in 7.18.2)
 .TP
+.B remote_ip
+The remote IP address of the most recently done connection - can be either
+IPv4 or IPv6 (Added in 7.29.0)
+.TP
+.B remote_port
+The remote port number of the most recently done connection (Added in 7.29.0)
+.TP
 .B size_download
 The total amount of bytes that were downloaded.
 .TP
@@ -1631,6 +1653,14 @@ details and explanations. Common additional HTTP requests include PUT and
 DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
 more.
 
+Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
+requests are rather invoked by using dedicated command line options.
+
+This option only changes the actual word used in the HTTP request, it does not
+alter the way curl behaves. So for example if you want to make a proper HEAD
+request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP
+option.
+
 (FTP)
 Specifies a custom FTP command to use instead of LIST when doing file lists
 with FTP.

docs/examples/Makefile.am

@@ -31,23 +31,32 @@ EXTRA_DIST = README Makefile.example Makefile.inc Makefile.m32 \
 # might possibly already be installed in the system.
 #
 # $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h included from lib/setup.h
+# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
 # $(top_srcdir)/include is for libcurl's external include files
 
 AM_CPPFLAGS = -I$(top_builddir)/include/curl \
               -I$(top_builddir)/include      \
-              -I$(top_srcdir)/include \
-              -DCURL_NO_OLDIES
+              -I$(top_srcdir)/include
 
 LIBDIR = $(top_builddir)/lib
 
+# Avoid libcurl obsolete stuff
+AM_CPPFLAGS += -DCURL_NO_OLDIES
+
 # Mostly for Windows build targets, when using static libcurl
 if USE_CPPFLAG_CURL_STATICLIB
 AM_CPPFLAGS += -DCURL_STATICLIB
 endif
 
+# Prevent LIBS from being used for all link targets
+LIBS = $(BLANK_AT_MAKETIME)
+
 # Dependencies
+if USE_EXPLICIT_LIB_DEPS
+LDADD = $(LIBDIR)/libcurl.la @LIBCURL_LIBS@
+else
 LDADD = $(LIBDIR)/libcurl.la
+endif
 
 # Makefile.inc provides the check_PROGRAMS and COMPLICATED_EXAMPLES defines
 include Makefile.inc

docs/examples/Makefile.inc

@@ -9,7 +9,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
 
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
-COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cc cacertinmem.c	   \
+COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c	   \
   ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c	   \
   opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
-  smooth-gtk-thread.c version-check.pl href_extractor.c
+  smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp

docs/examples/Makefile.m32

@@ -42,7 +42,7 @@ OPENSSL_PATH = ../../../openssl-0.9.8x
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.2
+LIBSSH2_PATH = ../../../libssh2-1.4.3
 endif
 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH

docs/examples/Makefile.netware

@@ -24,7 +24,7 @@ endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.2
+LIBSSH2_PATH = ../../../libssh2-1.4.3
 endif
 
 # Edit the path below to point to the base of your axTLS package.

docs/examples/anyauthput.c

@@ -27,7 +27,9 @@
 #  ifdef __VMS
      typedef int intptr_t;
 #  endif
-#  include <stdint.h>
+#  if !defined(_AIX) && !defined(__sgi) && !defined(__osf__)
+#    include <stdint.h>
+#  endif
 #  include <unistd.h>
 #endif
 #include <sys/types.h>
@@ -51,6 +53,12 @@
 #define TRUE 1
 #endif
 
+#if defined(_AIX) || defined(__sgi) || defined(__osf__)
+#ifndef intptr_t
+#define intptr_t long
+#endif
+#endif
+
 /*
  * This example shows a HTTP PUT operation with authentiction using "any"
  * type. It PUTs a file given as a command line argument to the URL also given

docs/examples/asiohiper.cpp

@@ -0,0 +1,454 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * file: asiohiper.cpp
+ * Example program to demonstrate the use of multi socket interface
+ * with boost::asio
+ *
+ * This program is in c++ and uses boost::asio instead of libevent/libev.
+ * Requires boost::asio, boost::bind and boost::system
+ *
+ * This is an adaptation of libcurl's "hiperfifo.c" and "evhiperfifo.c"
+ * sample programs. This example implements a subset of the functionality from
+ * hiperfifo.c, for full functionality refer hiperfifo.c or evhiperfifo.c
+ *
+ * Written by Lijo Antony based on hiperfifo.c by Jeff Pohlmeyer
+ *
+ * When running, the program creates an easy handle for a URL and
+ * uses the curl_multi API to fetch it.
+ *
+ * Note:
+ *  For the sake of simplicity, URL is hard coded to "www.google.com"
+ *
+ * This is purely a demo app, all retrieved data is simply discarded by the write
+ * callback.
+ */
+
+
+#include <curl/curl.h>
+#include <boost/asio.hpp>
+#include <boost/bind.hpp>
+
+#define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
+
+/* boost::asio related objects
+ * using global variables for simplicity
+ */
+boost::asio::io_service io_service;
+boost::asio::deadline_timer timer(io_service);
+std::map<curl_socket_t, boost::asio::ip::tcp::socket *> socket_map;
+
+/* Global information, common to all connections */
+typedef struct _GlobalInfo
+{
+  CURLM *multi;
+  int still_running;
+} GlobalInfo;
+
+/* Information associated with a specific easy handle */
+typedef struct _ConnInfo
+{
+  CURL *easy;
+  char *url;
+  GlobalInfo *global;
+  char error[CURL_ERROR_SIZE];
+} ConnInfo;
+
+static void timer_cb(const boost::system::error_code & error, GlobalInfo *g);
+
+/* Update the event timer after curl_multi library calls */
+static int multi_timer_cb(CURLM *multi, long timeout_ms, GlobalInfo *g)
+{
+  fprintf(MSG_OUT, "\nmulti_timer_cb: timeout_ms %ld", timeout_ms);
+
+  /* cancel running timer */
+  timer.cancel();
+
+  if ( timeout_ms > 0 )
+  {
+    /* update timer */
+    timer.expires_from_now(boost::posix_time::millisec(timeout_ms));
+    timer.async_wait(boost::bind(&timer_cb, _1, g));
+  }
+  else
+  {
+    /* call timeout function immediately */
+    boost::system::error_code error; /*success*/
+    timer_cb(error, g);
+  }
+
+  return 0;
+}
+
+/* Die if we get a bad CURLMcode somewhere */
+static void mcode_or_die(const char *where, CURLMcode code)
+{
+  if ( CURLM_OK != code )
+  {
+    const char *s;
+    switch ( code )
+    {
+    case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
+    case CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
+    case CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
+    case CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
+    case CURLM_INTERNAL_ERROR:     s="CURLM_INTERNAL_ERROR";     break;
+    case CURLM_UNKNOWN_OPTION:     s="CURLM_UNKNOWN_OPTION";     break;
+    case CURLM_LAST:               s="CURLM_LAST";               break;
+    default: s="CURLM_unknown";
+      break;
+    case     CURLM_BAD_SOCKET:         s="CURLM_BAD_SOCKET";
+      fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
+      /* ignore this error */
+      return;
+    }
+    fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
+    exit(code);
+  }
+}
+
+/* Check for completed transfers, and remove their easy handles */
+static void check_multi_info(GlobalInfo *g)
+{
+  char *eff_url;
+  CURLMsg *msg;
+  int msgs_left;
+  ConnInfo *conn;
+  CURL *easy;
+  CURLcode res;
+
+  fprintf(MSG_OUT, "\nREMAINING: %d", g->still_running);
+
+  while ((msg = curl_multi_info_read(g->multi, &msgs_left)))
+  {
+    if (msg->msg == CURLMSG_DONE)
+    {
+      easy = msg->easy_handle;
+      res = msg->data.result;
+      curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
+      curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
+      fprintf(MSG_OUT, "\nDONE: %s => (%d) %s", eff_url, res, conn->error);
+      curl_multi_remove_handle(g->multi, easy);
+      free(conn->url);
+      curl_easy_cleanup(easy);
+      free(conn);
+    }
+  }
+}
+
+/* Called by asio when there is an action on a socket */
+static void event_cb(GlobalInfo * g, boost::asio::ip::tcp::socket * tcp_socket, int action)
+{
+  fprintf(MSG_OUT, "\nevent_cb: action=%d", action);
+
+  CURLMcode rc;
+  rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action, &g->still_running);
+
+  mcode_or_die("event_cb: curl_multi_socket_action", rc);
+  check_multi_info(g);
+
+  if ( g->still_running <= 0 )
+  {
+    fprintf(MSG_OUT, "\nlast transfer done, kill timeout");
+    timer.cancel();
+  }
+}
+
+/* Called by asio when our timeout expires */
+static void timer_cb(const boost::system::error_code & error, GlobalInfo *g)
+{
+  if ( !error)
+  {
+    fprintf(MSG_OUT, "\ntimer_cb: ");
+
+    CURLMcode rc;
+    rc = curl_multi_socket_action(g->multi, CURL_SOCKET_TIMEOUT, 0, &g->still_running);
+
+    mcode_or_die("timer_cb: curl_multi_socket_action", rc);
+    check_multi_info(g);
+  }
+}
+
+/* Clean up any data */
+static void remsock(int *f, GlobalInfo *g)
+{
+  fprintf(MSG_OUT, "\nremsock: ");
+
+  if ( f )
+  {
+    free(f);
+  }
+}
+
+static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
+{
+  fprintf(MSG_OUT, "\nsetsock: socket=%d, act=%d, fdp=%p", s, act, fdp);
+
+  std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it = socket_map.find(s);
+
+  if ( it == socket_map.end() )
+  {
+    fprintf(MSG_OUT, "\nsocket %d is a c-ares socket, ignoring", s);
+    return;
+  }
+
+  boost::asio::ip::tcp::socket * tcp_socket = it->second;
+
+  *fdp = act;
+
+  if ( act == CURL_POLL_IN )
+  {
+    fprintf(MSG_OUT, "\nwatching for socket to become readable");
+
+    tcp_socket->async_read_some(boost::asio::null_buffers(),
+                             boost::bind(&event_cb, g,
+                               tcp_socket,
+                               act));
+  }
+  else if ( act == CURL_POLL_OUT )
+  {
+    fprintf(MSG_OUT, "\nwatching for socket to become writable");
+
+    tcp_socket->async_write_some(boost::asio::null_buffers(),
+                              boost::bind(&event_cb, g,
+                                tcp_socket,
+                                act));
+  }
+  else if ( act == CURL_POLL_INOUT )
+  {
+    fprintf(MSG_OUT, "\nwatching for socket to become readable & writable");
+
+    tcp_socket->async_read_some(boost::asio::null_buffers(),
+                             boost::bind(&event_cb, g,
+                               tcp_socket,
+                               act));
+
+    tcp_socket->async_write_some(boost::asio::null_buffers(),
+                              boost::bind(&event_cb, g,
+                                tcp_socket,
+                                act));
+  }
+}
+
+
+static void addsock(curl_socket_t s, CURL *easy, int action, GlobalInfo *g)
+{
+  int *fdp = (int *)calloc(sizeof(int), 1); /* fdp is used to store current action */
+
+  setsock(fdp, s, easy, action, g);
+  curl_multi_assign(g->multi, s, fdp);
+}
+
+/* CURLMOPT_SOCKETFUNCTION */
+static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
+{
+  fprintf(MSG_OUT, "\nsock_cb: socket=%d, what=%d, sockp=%p", s, what, sockp);
+
+  GlobalInfo *g = (GlobalInfo*) cbp;
+  int *actionp = (int*) sockp;
+  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE"};
+
+  fprintf(MSG_OUT,
+          "\nsocket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
+
+  if ( what == CURL_POLL_REMOVE )
+  {
+    fprintf(MSG_OUT, "\n");
+    remsock(actionp, g);
+  }
+  else
+  {
+    if ( !actionp )
+    {
+      fprintf(MSG_OUT, "\nAdding data: %s", whatstr[what]);
+      addsock(s, e, what, g);
+    }
+    else
+    {
+      fprintf(MSG_OUT,
+              "\nChanging action from %s to %s",
+              whatstr[*actionp], whatstr[what]);
+      setsock(actionp, s, e, what, g);
+    }
+  }
+  return 0;
+}
+
+
+/* CURLOPT_WRITEFUNCTION */
+static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
+{
+
+  size_t written = size * nmemb;
+  char* pBuffer = (char*)malloc(written + 1);
+
+  strncpy(pBuffer, (const char *)ptr, written);
+  pBuffer [written] = '\0';
+
+  fprintf(MSG_OUT, "%s", pBuffer);
+
+  free(pBuffer);
+
+  return written;
+}
+
+
+/* CURLOPT_PROGRESSFUNCTION */
+static int prog_cb (void *p, double dltotal, double dlnow, double ult,
+                    double uln)
+{
+  ConnInfo *conn = (ConnInfo *)p;
+  (void)ult;
+  (void)uln;
+
+  fprintf(MSG_OUT, "\nProgress: %s (%g/%g)", conn->url, dlnow, dltotal);
+  fprintf(MSG_OUT, "\nProgress: %s (%g)", conn->url, ult);
+
+  return 0;
+}
+
+/* CURLOPT_OPENSOCKETFUNCTION */
+static curl_socket_t opensocket(void *clientp,
+                                curlsocktype purpose,
+                                struct curl_sockaddr *address)
+{
+  fprintf(MSG_OUT, "\nopensocket :");
+
+  curl_socket_t sockfd = CURL_SOCKET_BAD;
+
+  /* restrict to ipv4 */
+  if (purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET)
+  {
+    /* create a tcp socket object */
+    boost::asio::ip::tcp::socket *tcp_socket = new boost::asio::ip::tcp::socket(io_service);
+
+    /* open it and get the native handle*/
+    boost::system::error_code ec;
+    tcp_socket->open(boost::asio::ip::tcp::v4(), ec);
+
+    if (ec)
+    {
+      //An error occurred
+      std::cout << std::endl << "Couldn't open socket [" << ec << "][" << ec.message() << "]";
+      fprintf(MSG_OUT, "\nERROR: Returning CURL_SOCKET_BAD to signal error");
+    }
+    else
+    {
+      sockfd = tcp_socket->native_handle();
+      fprintf(MSG_OUT, "\nOpened socket %d", sockfd);
+
+      /* save it for monitoring */
+      socket_map.insert(std::pair<curl_socket_t, boost::asio::ip::tcp::socket *>(sockfd, tcp_socket));
+    }
+  }
+
+  return sockfd;
+}
+
+/* CURLOPT_CLOSESOCKETFUNCTION */
+static int closesocket(void *clientp, curl_socket_t item)
+{
+  fprintf(MSG_OUT, "\nclosesocket : %d", item);
+
+  std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it = socket_map.find(item);
+
+  if ( it != socket_map.end() )
+  {
+    delete it->second;
+    socket_map.erase(it);
+  }
+
+  return 0;
+}
+
+/* Create a new easy handle, and add it to the global curl_multi */
+static void new_conn(char *url, GlobalInfo *g )
+{
+  ConnInfo *conn;
+  CURLMcode rc;
+
+  conn = (ConnInfo *)calloc(1, sizeof(ConnInfo));
+  memset(conn, 0, sizeof(ConnInfo));
+  conn->error[0]='\0';
+
+  conn->easy = curl_easy_init();
+
+  if ( !conn->easy )
+  {
+    fprintf(MSG_OUT, "\ncurl_easy_init() failed, exiting!");
+    exit(2);
+  }
+  conn->global = g;
+  conn->url = strdup(url);
+  curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url);
+  curl_easy_setopt(conn->easy, CURLOPT_WRITEFUNCTION, write_cb);
+  curl_easy_setopt(conn->easy, CURLOPT_WRITEDATA, &conn);
+  curl_easy_setopt(conn->easy, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(conn->easy, CURLOPT_ERRORBUFFER, conn->error);
+  curl_easy_setopt(conn->easy, CURLOPT_PRIVATE, conn);
+  curl_easy_setopt(conn->easy, CURLOPT_NOPROGRESS, 1L);
+  curl_easy_setopt(conn->easy, CURLOPT_PROGRESSFUNCTION, prog_cb);
+  curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn);
+  curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_TIME, 3L);
+  curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_LIMIT, 10L);
+
+  /* call this function to get a socket */
+  curl_easy_setopt(conn->easy, CURLOPT_OPENSOCKETFUNCTION, opensocket);
+
+  /* call this function to close a socket */
+  curl_easy_setopt(conn->easy, CURLOPT_CLOSESOCKETFUNCTION, closesocket);
+
+  fprintf(MSG_OUT,
+          "\nAdding easy %p to multi %p (%s)", conn->easy, g->multi, url);
+  rc = curl_multi_add_handle(g->multi, conn->easy);
+  mcode_or_die("new_conn: curl_multi_add_handle", rc);
+
+  /* note that the add_handle() will set a time-out to trigger very soon so
+     that the necessary socket_action() call will be called by this app */
+}
+
+int main(int argc, char **argv)
+{
+  GlobalInfo g;
+  CURLMcode rc;
+  (void)argc;
+  (void)argv;
+
+  memset(&g, 0, sizeof(GlobalInfo));
+  g.multi = curl_multi_init();
+
+  curl_multi_setopt(g.multi, CURLMOPT_SOCKETFUNCTION, sock_cb);
+  curl_multi_setopt(g.multi, CURLMOPT_SOCKETDATA, &g);
+  curl_multi_setopt(g.multi, CURLMOPT_TIMERFUNCTION, multi_timer_cb);
+  curl_multi_setopt(g.multi, CURLMOPT_TIMERDATA, &g);
+
+  new_conn((char *)"www.google.com", &g);  /* add a URL */
+
+  /* enter io_service run loop */
+  io_service.run();
+
+  curl_multi_cleanup(g.multi);
+
+  fprintf(MSG_OUT, "\ndone.\n");
+  return 0;
+}

docs/examples/certinfo.c

@@ -52,18 +52,24 @@ int main(void)
     res = curl_easy_perform(curl);
 
     if(!res) {
-      struct curl_certinfo *ci = NULL;
+      union {
+        struct curl_slist    *to_info;
+        struct curl_certinfo *to_certinfo;
+      } ptr;
 
-      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
+      ptr.to_info = NULL;
 
-      if(!res && ci) {
+      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ptr.to_info);
+
+      if(!res && ptr.to_info) {
         int i;
-        printf("%d certs!\n", ci->num_of_certs);
 
-        for(i=0; i<ci->num_of_certs; i++) {
+        printf("%d certs!\n", ptr.to_certinfo->num_of_certs);
+
+        for(i = 0; i < ptr.to_certinfo->num_of_certs; i++) {
           struct curl_slist *slist;
 
-          for(slist = ci->certinfo[i]; slist; slist = slist->next)
+          for(slist = ptr.to_certinfo->certinfo[i]; slist; slist = slist->next)
             printf("%s\n", slist->data);
 
         }
@@ -71,7 +77,6 @@ int main(void)
 
     }
 
-
     curl_easy_cleanup(curl);
   }
 

docs/examples/cookie_interface.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -89,7 +89,7 @@ main(void)
 #endif
     /* Netscape format cookie */
     snprintf(nline, sizeof(nline), "%s\t%s\t%s\t%s\t%lu\t%s\t%s",
-      ".google.com", "TRUE", "/", "FALSE", time(NULL) + 31337, "PREF", "hello google, i like you very much!");
+      ".google.com", "TRUE", "/", "FALSE", (unsigned long)time(NULL) + 31337UL, "PREF", "hello google, i like you very much!");
     res = curl_easy_setopt(curl, CURLOPT_COOKIELIST, nline);
     if (res != CURLE_OK) {
       fprintf(stderr, "Curl curl_easy_setopt failed: %s\n", curl_easy_strerror(res));

docs/examples/debug.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -130,6 +130,9 @@ int main(void)
     /* the DEBUGFUNCTION has no effect until we enable VERBOSE */
     curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
 
+    /* example.com is redirected, so we tell libcurl to follow redirection */
+    curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+
     curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
     res = curl_easy_perform(curl);
     /* Check for errors */

docs/examples/externalsocket.c

@@ -47,6 +47,10 @@
 #define IPADDR "127.0.0.1"
 #define PORTNUM 80
 
+#ifndef INADDR_NONE
+#define INADDR_NONE 0xffffffff
+#endif
+
 static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   int written = fwrite(ptr, size, nmemb, (FILE *)stream);

docs/examples/ftpgetinfo.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -43,8 +43,8 @@ int main(void)
   char ftpurl[] = "ftp://ftp.example.com/gnu/binutils/binutils-2.19.1.tar.bz2";
   CURL *curl;
   CURLcode res;
-  const time_t filetime;
-  const double filesize;
+  long filetime = -1;
+  double filesize = 0.0;
   const char *filename = strrchr(ftpurl, '/') + 1;
 
   curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -67,10 +67,12 @@ int main(void)
     if(CURLE_OK == res) {
       /* http://curl.haxx.se/libcurl/c/curl_easy_getinfo.html */
       res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
-      if((CURLE_OK == res) && filetime)
-        printf("filetime %s: %s", filename, ctime(&filetime));
+      if((CURLE_OK == res) && (filetime >= 0)) {
+        time_t file_time = (time_t)filetime;
+        printf("filetime %s: %s", filename, ctime(&file_time));
+      }
       res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &filesize);
-      if((CURLE_OK == res) && (filesize>0))
+      if((CURLE_OK == res) && (filesize>0.0))
         printf("filesize %s: %0.0f bytes\n", filename, filesize);
     } else {
       /* we failed */

docs/examples/post-callback.c

@@ -58,7 +58,7 @@ int main(void)
   struct WriteThis pooh;
 
   pooh.readptr = data;
-  pooh.sizeleft = strlen(data);
+  pooh.sizeleft = (long)strlen(data);
 
   /* In windows, this will init the winsock stuff */
   res = curl_global_init(CURL_GLOBAL_DEFAULT);

docs/examples/progressfunc.c

@@ -59,7 +59,7 @@ static int progress(void *p,
 int main(void)
 {
   CURL *curl;
-  CURLcode res=0;
+  CURLcode res = CURLE_OK;
   struct myprogress prog;
 
   curl = curl_easy_init();
@@ -74,7 +74,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L);
     res = curl_easy_perform(curl);
 
-    if(res)
+    if(res != CURLE_OK)
       fprintf(stderr, "%s\n", curl_easy_strerror(res));
 
     /* always cleanup */

docs/examples/rtsp.c

@@ -178,7 +178,7 @@ int main(int argc, char * const argv[])
 #endif
   const char *range = "0.000-";
   int rc = EXIT_SUCCESS;
-  char *basename = NULL;
+  char *base_name = NULL;
 
   printf("\nRTSP request %s\n", VERSION_STR);
   printf("    Project web site: http://code.google.com/p/rtsprequest/\n");
@@ -186,20 +186,20 @@ int main(int argc, char * const argv[])
 
   /* check command line */
   if ((argc != 2) && (argc != 3)) {
-    basename = strrchr(argv[0], '/');
-    if (basename == NULL) {
-      basename = strrchr(argv[0], '\\');
+    base_name = strrchr(argv[0], '/');
+    if (base_name == NULL) {
+      base_name = strrchr(argv[0], '\\');
     }
-    if (basename == NULL) {
-      basename = argv[0];
+    if (base_name == NULL) {
+      base_name = argv[0];
     } else {
-      basename++;
+      base_name++;
     }
-    printf("Usage:   %s url [transport]\n", basename);
+    printf("Usage:   %s url [transport]\n", base_name);
     printf("         url of video server\n");
     printf("         transport (optional) specifier for media stream protocol\n");
     printf("         default transport: %s\n", transport);
-    printf("Example: %s rtsp://192.168.0.2/media/video1\n\n", basename);
+    printf("Example: %s rtsp://192.168.0.2/media/video1\n\n", base_name);
     rc = EXIT_FAILURE;
   } else {
     const char *url = argv[1];

docs/examples/simple.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -30,6 +30,8 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+    /* example.com is redirected, so we tell libcurl to follow redirection */
+    curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
 
     /* Perform the request, res will get the return code */
     res = curl_easy_perform(curl);

docs/examples/simplessl.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -43,6 +43,7 @@
 
 int main(void)
 {
+  int i;
   CURL *curl;
   CURLcode res;
   FILE *headerfile;
@@ -76,7 +77,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://your.favourite.ssl.site");
     curl_easy_setopt(curl, CURLOPT_WRITEHEADER, headerfile);
 
-    while(1)                    /* do some ugly short cut... */
+    for(i = 0; i < 1; i++) /* single-iteration loop, just to break out from */
     {
       if (pEngine)             /* use crypto engine */
       {
@@ -125,7 +126,7 @@ int main(void)
         fprintf(stderr, "curl_easy_perform() failed: %s\n",
                 curl_easy_strerror(res));
 
-      break;                   /* we are done... */
+      /* we are done... */
     }
     /* always cleanup */
     curl_easy_cleanup(curl);

docs/libcurl/curl_easy_getinfo.3

@@ -162,7 +162,7 @@ method(s) available for your proxy authentication.  (Added in 7.10.8)
 .IP CURLINFO_OS_ERRNO
 Pass a pointer to a long to receive the errno variable from a connect failure.
 Note that the value is only set on failure, it is not reset upon a
-successfull operation.  (Added in 7.12.2)
+successful operation.  (Added in 7.12.2)
 .IP CURLINFO_NUM_CONNECTS
 Pass a pointer to a long to receive how many new connections libcurl had to
 create to achieve the previous transfer (only the successful connects are

docs/libcurl/curl_easy_recv.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -59,8 +59,13 @@ On success, returns \fBCURLE_OK\fP, stores the received data into
 
 On failure, returns the appropriate error code.
 
-If there is no data to read, the function returns \fBCURLE_AGAIN\fP. Use
-your operating system facilities to wait until the data is ready, and retry.
+If there is no data to read, the function returns \fBCURLE_AGAIN\fP. Use your
+operating system facilities to wait until the data is ready, and retry.
+
+Reading exactly 0 bytes would indicate a closed connection.
+
+If there's no socket available to use from the previous transfer, this function
+returns CURLE_UNSUPPORTED_PROTOCOL.
 .SH EXAMPLE
 See \fBsendrecv.c\fP in \fBdocs/examples\fP directory for usage example.
 .SH "SEE ALSO"

docs/libcurl/curl_easy_send.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -57,6 +57,9 @@ sent into \fB*n\fP. Note that this may very well be less than the amount you
 wanted to send.
 
 On failure, returns the appropriate error code.
+
+If there's no socket available to use from the previous transfer, this function
+returns CURLE_UNSUPPORTED_PROTOCOL.
 .SH EXAMPLE
 See \fBsendrecv.c\fP in \fBdocs/examples\fP directory for usage example.
 .SH "SEE ALSO"

docs/libcurl/curl_easy_setopt.3

@@ -2093,11 +2093,12 @@ Resolve to IPv6 addresses.
 .IP CURLOPT_CONNECT_ONLY
 Pass a long. If the parameter equals 1, it tells the library to perform all
 the required proxy authentication and connection setup, but no data transfer.
-This option is useful only on HTTP URLs.
+This option is implemented for HTTP, SMTP and POP3.
 
-This option is useful with the \fICURLINFO_LASTSOCKET\fP option to
-\fIcurl_easy_getinfo(3)\fP. The library can set up the connection and then the
-application can obtain the most recently used socket for special data
+The option can be used to simply test a connection to a server, but is more
+useful when used with the \fICURLINFO_LASTSOCKET\fP option to
+\fIcurl_easy_getinfo(3)\fP as the library can set up the connection and then
+the application can obtain the most recently used socket for special data
 transfers. (Added in 7.15.2)
 .IP CURLOPT_USE_SSL
 Pass a long using one of the values from below, to make libcurl use your
@@ -2259,8 +2260,8 @@ even indicate an accessible file.
 This option is by default set to the system path where libcurl's cacert bundle
 is assumed to be stored, as established at build time.
 
-When built against NSS, this is the directory that the NSS certificate
-database resides in.
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
 .IP CURLOPT_ISSUERCERT
 Pass a char * to a zero terminated string naming a file holding a CA
 certificate in PEM format. If the option is set, an additional check against

docs/libcurl/curl_global_init_mem.3

@@ -52,7 +52,7 @@ To replace strdup()
 .IP "void *calloc_callback(size_t nmemb, size_t size);"
 To replace calloc()
 .SH "CAUTION"
-Manipulating these gives considerable powers to the application to severly
+Manipulating these gives considerable powers to the application to severely
 screw things up for libcurl. Take care!
 .SH "SEE ALSO"
 .BR curl_global_init "(3), "

docs/mk-ca-bundle.1

@@ -1,51 +1,70 @@
-.Dd April 27, 2012
-.Dt MK-CA-BUNDLE 1
-.Os
-.Sh NAME
-.Nm mk-ca-bundle
-.Nd create a new ca-bundle.crt from mozilla's certdata.txt
-.Sh SYNOPSIS
-.Nm
-.Op Fl bilnqtuv
-.Or outputfile
-.Sh DESCRIPTION
-The
-.Nm
-tool downloads the certdata.txt file from Mozilla's source tree, then
-parses certdata.txt and extracts CA Root Certificates into PEM format.
-These are then processed with the OpenSSL commandline tool to produce the
-final ca-bundle.crt file.
-.Sh OPTIONS
-The following options are supported by
-.Nm :
-.Bl -tag -width _h
-.It Fl b
-backup an existing version of ca-bundle.crt
-.It Fl i
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 2008 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH mk-ca-bundle 1 "5 Jan 2013" "version 1.17" "mk-ca-bundle manual"
+.SH NAME
+mk-ca-bundle \- convert mozilla's certdata.txt to PEM format
+.SH SYNOPSIS
+mk-ca-bundle [bilnqtuv]
+.I [outputfile]
+.SH DESCRIPTION
+The mk-ca-bundle tool downloads the certdata.txt file from Mozilla's source
+tree over HTTP, then parses certdata.txt and extracts CA Root Certificates
+into PEM format.  These are then processed with the OpenSSL commandline tool
+to produce the final ca-bundle file.
+
+The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'
+(a single dash) you will get the output sent to STDOUT instead of a file.
+
+The PEM format this scripts uses for output makes the result readily available
+for use by just about all OpenSSL or GnuTLS powered applications, such as
+curl, wget and more.
+.SH OPTIONS
+The following options are supported:
+.IP -b
+backup an existing version of \fIoutputfilename\fP
+.IP -f
+force rebuild even if certdata.txt is current (Added in version 1.17)
+.IP -i
 print version info about used modules
-.It Fl l
+.IP -l
 print license info about certdata.txt
-.It Fl n
+.IP -n
 no download of certdata.txt (to use existing)
-.It Fl q
+.IP -q
 be really quiet (no progress output at all)
-.It Fl t
+.IP -t
 include plain text listing of certificates
-.It Fl u
+.IP -u
 unlink (remove) certdata.txt after processing
-.It Fl v
+.IP -v
 be verbose and print out processed CAs
-.El
-.Sh EXIT STATUS
-.Ex -std
-.Sh SEE ALSO
-.Xr curl 1
-.Sh HISTORY
-.Nm
-was based on the parse-certs script written by
-.An Roland Krikava
-and hacked by
-.An Guenter Knauf .
-This manual page was written by
-.An Jan Schaumann
-.Aq jschauma@netmeister.org .
+.SH EXIT STATUS
+Returns 0 on success. Returns 1 if it fails to download data.
+.SH SEE ALSO
+.BR curl (1)
+.SH HISTORY
+\fBmk-ca-bundle\fP is a command line tool that is shipped as part of every
+curl and libcurl release (see http://curl.haxx.se/). It was originally based
+on the parse-certs script written by Roland Krikava and was later much
+improved by Guenter Knauf.  This manual page was written by Jan Schaumann
+\&<jschauma@netmeister.org>.

include/curl/curlbuild.h.in

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -151,6 +151,13 @@
 #  include <sys/socket.h>
 #endif
 
+/* Configure process defines this to 1 when it finds out that system  */
+/* header file sys/poll.h must be included by the external interface. */
+#undef CURL_PULL_SYS_POLL_H
+#ifdef CURL_PULL_SYS_POLL_H
+#  include <sys/poll.h>
+#endif
+
 /* The size of `long', as computed by sizeof. */
 #undef CURL_SIZEOF_LONG
 

include/curl/curlrules.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -190,7 +190,7 @@ typedef char
  * CURL_ISOCPP and CURL_OFF_T_C definitions are done here in order to allow
  * these to be visible and exported by the external libcurl interface API,
  * while also making them visible to the library internals, simply including
- * setup.h, without actually needing to include curl.h internally.
+ * curl_setup.h, without actually needing to include curl.h internally.
  * If some day this section would grow big enough, all this should be moved
  * to its own header file.
  */
@@ -248,6 +248,7 @@ typedef char
 #undef CURL_PULL_WS2TCPIP_H
 #undef CURL_PULL_SYS_TYPES_H
 #undef CURL_PULL_SYS_SOCKET_H
+#undef CURL_PULL_SYS_POLL_H
 #undef CURL_PULL_STDINT_H
 #undef CURL_PULL_INTTYPES_H
 

include/curl/curlver.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -26,17 +26,17 @@
    a script at release-time. This was made its own header file in 7.11.2 */
 
 /* This is the global package copyright */
-#define LIBCURL_COPYRIGHT "1996 - 2012 Daniel Stenberg, <daniel@haxx.se>."
+#define LIBCURL_COPYRIGHT "1996 - 2013 Daniel Stenberg, <daniel@haxx.se>."
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.28.1-DEV"
+#define LIBCURL_VERSION "7.28.2-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 28
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_PATCH 2
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -53,7 +53,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071c01
+#define LIBCURL_VERSION_NUM 0x071c02
 
 /*
  * This is the date and time when the full source package was created. The

lib/Makefile.Watcom

@@ -89,7 +89,7 @@ ZLIB_ROOT = ..$(DS)..$(DS)zlib-1.2.7
 !ifdef %libssh2_root
 LIBSSH2_ROOT = $(%libssh2_root)
 !else
-LIBSSH2_ROOT = ..$(DS)..$(DS)libssh2-1.4.2
+LIBSSH2_ROOT = ..$(DS)..$(DS)libssh2-1.4.3
 !endif
 
 !ifdef %librtmp_root

lib/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,15 +30,15 @@ DOCS = README.encoding README.memoryleak README.ares README.curlx	\
 
 CMAKE_DIST = CMakeLists.txt curl_config.h.cmake
 
-EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 $(DSP)              \
- vc6libcurl.dsw config-win32.h config-win32ce.h config-riscos.h         \
- config-mac.h curl_config.h.in makefile.dj config-dos.h libcurl.plist   \
- libcurl.rc config-amigaos.h makefile.amiga                             \
- Makefile.netware nwlib.c nwos.c msvcproj.head msvcproj.foot		\
- config-win32ce.h config-os400.h setup-os400.h config-symbian.h		\
- Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl		\
- mk-ca-bundle.vbs firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h	\
- Makefile.vxworks config-vms.h checksrc.pl
+EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 $(DSP)		\
+ vc6libcurl.dsw config-win32.h config-win32ce.h config-riscos.h		\
+ config-mac.h curl_config.h.in makefile.dj config-dos.h libcurl.plist	\
+ libcurl.rc config-amigaos.h makefile.amiga Makefile.netware nwlib.c	\
+ nwos.c msvcproj.head msvcproj.foot config-win32ce.h config-os400.h	\
+ setup-os400.h config-symbian.h Makefile.Watcom config-tpf.h $(DOCS)	\
+ $(VCPROJ) mk-ca-bundle.pl mk-ca-bundle.vbs firefox-db2pem.sh		\
+ $(CMAKE_DIST) config-vxworks.h Makefile.vxworks checksrc.pl		\
+ objnames-test08.sh objnames-test10.sh objnames.inc
 
 CLEANFILES = $(DSP) $(VCPROJ)
 
@@ -56,10 +56,10 @@ CFLAG_CURL_SYMBOL_HIDING = @CFLAG_CURL_SYMBOL_HIDING@
 # might possibly already be installed in the system.
 #
 # $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h included from lib/setup.h
+# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
 # $(top_srcdir)/include is for libcurl's external include files
 # $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
-# $(top_srcdir)/lib is for libcurl's lib/setup.h and other "private" files
+# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "private" files
 # $(top_builddir)/ares is for in-tree c-ares's generated ares_build.h file
 # $(top_srcdir)/ares is for in-tree c-ares's external include files
 
@@ -132,6 +132,9 @@ if VERSIONED_SYMBOLS
 VERSIONED_SYMBOLS = -Wl,--version-script=libcurl.vers
 endif
 
+# Prevent LIBS from being used for all link targets
+LIBS = $(BLANK_AT_MAKETIME)
+
 libcurl_la_LDFLAGS = $(UNDEF) $(VERSIONINFO) $(MIMPURE) $(VERSIONED_SYMBOLS) $(LIBCURL_LIBS)
 
 if DOING_CURL_SYMBOL_HIDING

lib/Makefile.inc

@@ -23,8 +23,9 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
   curl_rtmp.c openldap.c curl_gethostname.c gopher.c axtls.c		\
   idn_win32.c http_negotiate_sspi.c cyassl.c http_proxy.c non-ascii.c	\
   asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c	\
-  curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_schannel.c	\
-  curl_multibyte.c curl_darwinssl.c hostcheck.c
+  curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_schannel.c	        \
+  curl_multibyte.c curl_darwinssl.c hostcheck.c                         \
+  bundles.c conncache.c
 
 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
   progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
@@ -33,13 +34,14 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
   curl_fnmatch.h wildcard.h fileinfo.h ftplistparser.h strtok.h		\
   connect.h llist.h hash.h content_encoding.h share.h curl_md4.h	\
   curl_md5.h http_digest.h http_negotiate.h inet_pton.h amigaos.h	\
-  strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h setup.h	\
+  strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h curl_setup.h	\
   transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h	\
-  tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h	\
+  tftp.h sockaddr.h splay.h strdup.h socks.h ssh.h nssg.h		\
   curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h	\
   curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h	\
   warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h	\
   gopher.h axtls.h cyassl.h http_proxy.h non-ascii.h asyn.h curl_ntlm.h	\
   curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h curl_ntlm_msgs.h	\
-  curl_sasl.h curl_schannel.h curl_multibyte.h curl_darwinssl.h	\
-  hostcheck.h
+  curl_sasl.h curl_schannel.h curl_multibyte.h curl_darwinssl.h	        \
+  hostcheck.h bundles.h conncache.h curl_setup_once.h multihandle.h     \
+  setup-vms.h

lib/Makefile.m32

@@ -22,7 +22,7 @@ OPENSSL_PATH = ../../openssl-0.9.8x
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.4.2
+LIBSSH2_PATH = ../../libssh2-1.4.3
 endif
 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH

lib/Makefile.netware

@@ -24,7 +24,7 @@ endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.4.2
+LIBSSH2_PATH = ../../libssh2-1.4.3
 endif
 
 # Edit the path below to point to the base of your axTLS package.

lib/Makefile.vc6

@@ -69,7 +69,7 @@ OPENSSL_PATH   = ../../openssl-0.9.8x
 !ENDIF
 
 !IFNDEF LIBSSH2_PATH
-LIBSSH2_PATH   = ../../libssh2-1.4.2
+LIBSSH2_PATH   = ../../libssh2-1.4.3
 !ENDIF
 
 !IFNDEF ZLIB_PATH
@@ -497,6 +497,8 @@ X_OBJS= \
 	$(DIROBJ)\asyn-ares.obj \
 	$(DIROBJ)\asyn-thread.obj \
 	$(DIROBJ)\base64.obj \
+	$(DIROBJ)\bundles.obj \
+	$(DIROBJ)\conncache.obj \
 	$(DIROBJ)\connect.obj \
 	$(DIROBJ)\content_encoding.obj \
 	$(DIROBJ)\cookie.obj \
@@ -531,6 +533,7 @@ X_OBJS= \
 	$(DIROBJ)\hash.obj \
 	$(DIROBJ)\hmac.obj \
 	$(DIROBJ)\hostasyn.obj \
+	$(DIROBJ)\hostcheck.obj \
 	$(DIROBJ)\hostip.obj \
 	$(DIROBJ)\hostip4.obj \
 	$(DIROBJ)\hostip6.obj \

lib/README.hostip

@@ -32,4 +32,4 @@
  hostip6.c  - ipv6-specific functions
 
  The hostip.h is the single united header file for all this. It defines the
- CURLRES_* defines based on the config*.h and setup.h defines.
+ CURLRES_* defines based on the config*.h and curl_setup.h defines.

lib/amigaos.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(__AMIGA__) && !defined(__ixemul__)
 

lib/amigaos.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(__AMIGA__) && !defined(__ixemul__)
 

lib/asyn-ares.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,14 +20,11 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef HAVE_LIMITS_H
 #include <limits.h>
 #endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
 #ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
 #endif
@@ -37,9 +34,6 @@
 #ifdef HAVE_ARPA_INET_H
 #include <arpa/inet.h>
 #endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>     /* for the close() proto */
-#endif
 #ifdef __VMS
 #include <in.h>
 #include <inet.h>
@@ -213,12 +207,12 @@ static void destroy_async_data (struct Curl_async *async)
 }
 
 /*
- * Curl_resolver_fdset() is called when someone from the outside world (using
- * curl_multi_fdset()) wants to get our fd_set setup and we're talking with
- * ares. The caller must make sure that this function is only called when we
- * have a working ares channel.
+ * Curl_resolver_getsock() is called when someone from the outside world
+ * (using curl_multi_fdset()) wants to get our fd_set setup and we're talking
+ * with ares. The caller must make sure that this function is only called when
+ * we have a working ares channel.
  *
- * Returns: CURLE_OK always!
+ * Returns: sockets-in-use-bitmap
  */
 
 int Curl_resolver_getsock(struct connectdata *conn,

lib/asyn-thread.c

@@ -20,11 +20,8 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
 #ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
 #endif
@@ -34,9 +31,6 @@
 #ifdef HAVE_ARPA_INET_H
 #include <arpa/inet.h>
 #endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>     /* for the close() proto */
-#endif
 #ifdef __VMS
 #include <in.h>
 #include <inet.h>

lib/asyn.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 #include "curl_addrinfo.h"
 
 struct addrinfo;

lib/axtls.c

@@ -26,16 +26,12 @@
  * but sslgen.c should ever call or use these functions.
  */
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_AXTLS
 #include <axTLS/ssl.h>
 #include "axtls.h"
 
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
 #include "sendf.h"
 #include "inet_pton.h"
 #include "sslgen.h"

lib/axtls.h

@@ -1,5 +1,5 @@
-#ifndef __AXTLS_H
-#define __AXTLS_H
+#ifndef HEADER_CURL_AXTLS_H
+#define HEADER_CURL_AXTLS_H
 /***************************************************************************
  *                                  _   _ ____  _
  *  Project                     ___| | | |  _ \| |
@@ -59,4 +59,5 @@ int Curl_axtls_check_cxn(struct connectdata *conn);
 #define curlssl_data_pending(x,y) (x=x, y=y, 0)
 
 #endif /* USE_AXTLS */
-#endif
+#endif /* HEADER_CURL_AXTLS_H */
+

lib/base64.c

@@ -22,7 +22,7 @@
 
 /* Base64 encoding/decoding */
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>

lib/bundles.c

@@ -0,0 +1,110 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2012, Linus Nielsen Feltzing, <linus@haxx.se>
+ * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#include <curl/curl.h>
+
+#include "urldata.h"
+#include "url.h"
+#include "progress.h"
+#include "multiif.h"
+#include "bundles.h"
+#include "sendf.h"
+#include "rawstr.h"
+
+#include "curl_memory.h"
+/* The last #include file should be: */
+#include "memdebug.h"
+
+static void conn_llist_dtor(void *user, void *element)
+{
+  struct connectdata *data = element;
+  (void)user;
+
+  data->bundle = NULL;
+}
+
+CURLcode Curl_bundle_create(struct SessionHandle *data,
+                            struct connectbundle **cb_ptr)
+{
+  (void)data;
+  DEBUGASSERT(*cb_ptr == NULL);
+  *cb_ptr = malloc(sizeof(struct connectbundle));
+  if(!*cb_ptr)
+    return CURLE_OUT_OF_MEMORY;
+
+  (*cb_ptr)->num_connections = 0;
+  (*cb_ptr)->server_supports_pipelining = FALSE;
+
+  (*cb_ptr)->conn_list = Curl_llist_alloc((curl_llist_dtor) conn_llist_dtor);
+  if(!(*cb_ptr)->conn_list) {
+    Curl_safefree(*cb_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
+  return CURLE_OK;
+}
+
+void Curl_bundle_destroy(struct connectbundle *cb_ptr)
+{
+  if(!cb_ptr)
+    return;
+
+  if(cb_ptr->conn_list) {
+    Curl_llist_destroy(cb_ptr->conn_list, NULL);
+    cb_ptr->conn_list = NULL;
+  }
+  Curl_safefree(cb_ptr);
+}
+
+/* Add a connection to a bundle */
+CURLcode Curl_bundle_add_conn(struct connectbundle *cb_ptr,
+                              struct connectdata *conn)
+{
+  if(!Curl_llist_insert_next(cb_ptr->conn_list, cb_ptr->conn_list->tail, conn))
+    return CURLE_OUT_OF_MEMORY;
+
+  conn->bundle = cb_ptr;
+
+  cb_ptr->num_connections++;
+  return CURLE_OK;
+}
+
+/* Remove a connection from a bundle */
+int Curl_bundle_remove_conn(struct connectbundle *cb_ptr,
+                            struct connectdata *conn)
+{
+  struct curl_llist_element *curr;
+
+  curr = cb_ptr->conn_list->head;
+  while(curr) {
+    if(curr->ptr == conn) {
+      Curl_llist_remove(cb_ptr->conn_list, curr, NULL);
+      cb_ptr->num_connections--;
+      conn->bundle = NULL;
+      return 1; /* we removed a handle */
+    }
+    curr = curr->next;
+  }
+  return 0;
+}

lib/bundles.h

@@ -0,0 +1,45 @@
+#ifndef HEADER_CURL_BUNDLES_H
+#define HEADER_CURL_BUNDLES_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2012, Linus Nielsen Feltzing, <linus@haxx.se>
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+struct connectbundle {
+  bool server_supports_pipelining; /* TRUE if server supports pipelining,
+                                      set after first response */
+  size_t num_connections;       /* Number of connections in the bundle */
+  struct curl_llist *conn_list; /* The connectdata members of the bundle */
+};
+
+CURLcode Curl_bundle_create(struct SessionHandle *data,
+                            struct connectbundle **cb_ptr);
+
+void Curl_bundle_destroy(struct connectbundle *cb_ptr);
+
+CURLcode Curl_bundle_add_conn(struct connectbundle *cb_ptr,
+                              struct connectdata *conn);
+
+int Curl_bundle_remove_conn(struct connectbundle *cb_ptr,
+                            struct connectdata *conn);
+
+
+#endif /* HEADER_CURL_BUNDLES_H */
+

lib/config-dos.h

@@ -1,5 +1,5 @@
-#ifndef HEADER_CONFIG_DOS_H
-#define HEADER_CONFIG_DOS_H
+#ifndef HEADER_CURL_CONFIG_DOS_H
+#define HEADER_CURL_CONFIG_DOS_H
 /***************************************************************************
  *                                  _   _ ____  _
  *  Project                     ___| | | |  _ \| |
@@ -188,5 +188,5 @@
 #undef word
 #undef byte
 
-#endif /* HEADER_CONFIG_DOS_H */
+#endif /* HEADER_CURL_CONFIG_DOS_H */
 

lib/config-vms.h

@@ -1,398 +0,0 @@
-#ifndef HEADER_CONFIG_VMS_H
-#define HEADER_CONFIG_VMS_H
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/*                                                                         */
-/* MSK, 02/05/04, Hand edited for trail build on Alpha V7.3, DEC C 6.5-003 */
-/* MSK, 03/09/04, Seems to work for all platforms I've built on so far.    */
-/*      Added HAVE_SYS_IOCTL_H define                                      */
-/* TES, 10/06/04, Added MAX_INITIAL_POST_SIZE, HAVE_BASENAME               */
-/* MSK, 02/02/05, Changed HAVE_TERMIOS_H to an undef since the change in   */
-/*                getpass.c no longer undef'd it during compile.           */
-/* MSK, 02/08/05, turned two config-vms files into one by using USE_SSLEAY */
-/* MPZ, 12/28/05, changed HAVE_STRTOK_R define to use CRTL_VER             */
-/* MSK, 01/27/07, needed to add HAVE_STRUCT_TIMEVAL define                 */
-
-/* Define cpu-machine-OS */
-#if defined(__alpha)
-#  define OS "ALPHA-HP-VMS"
-#elif defined(__vax)
-#  define OS "VAX-HP-VMS"
-#elif defined(__ia64)
-#  define OS "IA64-HP-VMS"
-#else
-#  define OS "UNKNOWN-HP-VMS"
-#endif
-
-/* Define if you have the ANSI C header files.  */
-#define STDC_HEADERS 1
-
-/* Define if you can safely include both <sys/time.h> and <time.h>.  */
-#define TIME_WITH_SYS_TIME 1
-
-/* The size of `int', as computed by sizeof. */
-#define SIZEOF_INT 4
-
-/* The size of `long double', as computed by sizeof. */
-#define SIZEOF_LONG_DOUBLE 8
-
-/* The size of `long long', as computed by sizeof. */
-#define SIZEOF_LONG_LONG 8
-
-/* The size of `short', as computed by sizeof. */
-#define SIZEOF_SHORT 2
-
-/* The size of `size_t', as computed by sizeof. */
-#define SIZEOF_SIZE_T 4
-
-/* Define if you have the alarm function.  */
-#define HAVE_ALARM 1
-
-/* Define if you have the geteuid function.  */
-#define HAVE_GETEUID 1
-
-/* Define if you have the basename function. */
-#define HAVE_BASENAME 1
-
-/* Define if you have the gethostbyaddr function.  */
-#define HAVE_GETHOSTBYADDR 1
-
-/* Define if you have the gethostname function.  */
-#define HAVE_GETHOSTNAME 1
-
-/* Define if you have the getpwuid function.  */
-#define HAVE_GETPWUID 1
-
-/* Define if you have the getservbyname function.  */
-#define HAVE_GETSERVBYNAME 1
-
-/* Define if you have the gettimeofday function.  */
-#define HAVE_GETTIMEOFDAY 1
-
-/* Define if you have the inet_addr function.  */
-#define HAVE_INET_ADDR 1
-
-/* Define if you have the ioctl function. */
-#define HAVE_IOCTL 1
-
-/* Define if you have a working ioctl FIONBIO function. */
-#define HAVE_IOCTL_FIONBIO 1
-
-/* Define if you have a working ioctl SIOCGIFADDR function. */
-#define HAVE_IOCTL_SIOCGIFADDR 1
-
-/* Define if you have the perror function.  */
-#define HAVE_PERROR 1
-
-/* Define if you have the select function.  */
-#define HAVE_SELECT 1
-
-/* Define if you have the setvbuf function.  */
-#define HAVE_SETVBUF 1
-
-/* Define if you have the sigaction function.  */
-#define HAVE_SIGACTION 1
-
-/* Define if you have the signal function.  */
-#define HAVE_SIGNAL 1
-
-/* Define if you have the socket function.  */
-#define HAVE_SOCKET 1
-
-/* Define if you have the strcasecmp function.  */
-#define HAVE_STRCASECMP 1
-
-/* Define if you have the strcmpi function.  */
-/* #define HAVE_STRCMPI 1 */
-
-/* Define if you have the strdup function.  */
-#define HAVE_STRDUP 1
-
-/* Define if you have the strftime function.  */
-#define HAVE_STRFTIME 1
-
-/* Define if you have the stricmp function.  */
-/* #define HAVE_STRICMP 1 */
-
-/* Define if you have the strstr function.  */
-#define HAVE_STRSTR 1
-
-/* Define if you have the ftruncate function. */
-#define HAVE_FTRUNCATE 1
-
-/* Define if you have the uname function.  */
-#define HAVE_UNAME 1
-
-/* Define if you have the <errno.h> header file.  */
-#define HAVE_ERRNO_H 1
-
-/* Define if you have the <err.h> header file.  */
-#define HAVE_ERR_H 1
-
-/* Define if you have the <fcntl.h> header file.  */
-#define HAVE_FCNTL_H 1
-
-/* Define if you have the <getopt.h> header file.  */
-#define HAVE_GETOPT_H 1
-
-/* Define if you have the <malloc.h> header file.  */
-#define HAVE_MALLOC_H 1
-
-/* Define if you need the malloc.h header header file even with stdlib.h  */
-/* #define NEED_MALLOC_H 1 */
-
-/* Define if you have the <net/if.h> header file.  */
-#define HAVE_NET_IF_H 1
-
-/* Define if you have the <netdb.h> header file.  */
-#define HAVE_NETDB_H 1
-
-/* Define if you have the <netinet/if_ether.h> header file.  */
-#define HAVE_NETINET_IF_ETHER_H 1
-
-/* Define if you have the <netinet/in.h> header file.  */
-#define HAVE_NETINET_IN_H 1
-
-/* OpenSSL section starts here */
-
-/* Define if you have a working OpenSSL installation */
-#ifdef USE_SSLEAY
-
-/* if OpenSSL is in use */
-#define USE_OPENSSL 1
-
-/* Define if you have the crypto library (-lcrypto).  */
-#define HAVE_LIBCRYPTO 1
-
-/* Define if you have the ssl library (-lssl).  */
-#define HAVE_LIBSSL 1
-
-/* Define if you have the <openssl/crypto.h> header file.  */
-#define HAVE_OPENSSL_CRYPTO_H 1
-
-/* Define if you have the <openssl/err.h> header file.  */
-#define HAVE_OPENSSL_ERR_H 1
-
-/* Define if you have the <openssl/pem.h> header file.  */
-#define HAVE_OPENSSL_PEM_H 1
-
-/* Define if you have the <openssl/rsa.h> header file.  */
-#define HAVE_OPENSSL_RSA_H 1
-
-/* Define if you have the <openssl/ssl.h> header file.  */
-#define HAVE_OPENSSL_SSL_H 1
-
-/* Define if you have the <openssl/x509.h> header file.  */
-#define HAVE_OPENSSL_X509_H 1
-
-/*
- * This needs to be defined for OpenSSL 0.9.7 and other versions that have the
- * ENGINE stuff supported. If an include of "openssl/engine.h" fails, then
- * undefine the define below.
-*/
-#define HAVE_OPENSSL_ENGINE_H 1
-
-#endif /* USE_SSLEAY */
-/* OpenSSL section ends here */
-
-/* Define if you have the <pwd.h> header file.  */
-#define HAVE_PWD_H 1
-
-/* Define if you have the <sgtty.h> header file.  */
-#define HAVE_SGTTY_H 1
-
-/* Define if you have the <stdlib.h> header file.  */
-#define HAVE_STDLIB_H 1
-
-/* Define if you have the <sys/socket.h> header file.  */
-#define HAVE_SYS_SOCKET_H 1
-
-/* Define if you have the <sys/stat.h> header file.  */
-#define HAVE_SYS_STAT_H 1
-
-/* Define if you have the <sys/time.h> header file.  */
-#define HAVE_SYS_TIME_H 1
-
-/* Define if you have the <sys/types.h> header file.  */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define if you have the <termios.h> header file.  */
-#undef HAVE_TERMIOS_H
-
-/* Define if you have the <time.h> header file.  */
-#define HAVE_TIME_H 1
-
-/* Define if you have the <unistd.h> header file.  */
-#define HAVE_UNISTD_H 1
-
-/* Define if you have the resolv library (-lresolv).  */
-#define HAVE_LIBRESOLV 1
-
-/* Define if you have the socket library (-lsocket).  */
-#define HAVE_LIBSOCKET 1
-
-/* Define if getaddrinfo exists and works */
-#define HAVE_GETADDRINFO 1
-
-/* Define if you have the <timeval.h> header file.  */
-#define HAVE_TIMEVAL_H 1
-
-/* Define if you have the timeval struct.  */
-#define HAVE_STRUCT_TIMEVAL 1
-
-/* Name of this package! */
-#define PACKAGE "not-used"
-
-/* Version number of this archive. */
-#define VERSION "not-used"
-
-/* Define if you have the getpass function.  */
-#undef HAVE_GETPASS
-
-/* Define if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define if you have the `strtok_r' function.  */
-/* Condition lifted from <string.h>             */
-#if __CRTL_VER >= 70301000
-#  define HAVE_STRTOK_R 1
-#endif
-
-/* Define if you have the `strtoll' function. */
-#define HAVE_STRTOLL 1
-
-/* Define if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you need the memory.h header file even with stdlib.h */
-#define NEED_MEMORY_H 1
-
-/* Define if you have the `sigsetjmp' function. */
-#define HAVE_SIGSETJMP 1
-
-/* Define to 1 if you have the <setjmp.h> header file. */
-#define HAVE_SETJMP_H 1
-
-/* Define to 1 if you have the <limits.h> header file. */
-#define HAVE_LIMITS_H 1
-
-/* Define to 1 if you have the <sys/ioctl.h> header file. */
-#define HAVE_SYS_IOCTL_H 1
-
-/* Define to 1 if you have the <stropts.h> header file. */
-#define HAVE_STROPTS_H 1
-
-/* Define if you have the getnameinfo function. */
-#define HAVE_GETNAMEINFO 1
-
-/* Define to the type qualifier of arg 1 for getnameinfo. */
-#define GETNAMEINFO_QUAL_ARG1 const
-
-/* Define to the type of arg 1 for getnameinfo. */
-#define GETNAMEINFO_TYPE_ARG1 struct sockaddr *
-
-/* Define to the type of arg 2 for getnameinfo. */
-#define GETNAMEINFO_TYPE_ARG2 size_t
-
-/* Define to the type of args 4 and 6 for getnameinfo. */
-#define GETNAMEINFO_TYPE_ARG46 size_t
-
-/* Define to the type of arg 7 for getnameinfo. */
-#define GETNAMEINFO_TYPE_ARG7 int
-
-/* Define if you have the recv function. */
-#define HAVE_RECV 1
-
-/* Define to the type of arg 1 for recv. */
-#define RECV_TYPE_ARG1 int
-
-/* Define to the type of arg 2 for recv. */
-#define RECV_TYPE_ARG2 void *
-
-/* Define to the type of arg 3 for recv. */
-#define RECV_TYPE_ARG3 int
-
-/* Define to the type of arg 4 for recv. */
-#define RECV_TYPE_ARG4 int
-
-/* Define to the function return type for recv. */
-#define RECV_TYPE_RETV int
-
-/* Define if you have the recvfrom function. */
-#define HAVE_RECVFROM 1
-
-/* Define to the type of arg 1 for recvfrom. */
-#define RECVFROM_TYPE_ARG1 int
-
-/* Define to the type pointed by arg 2 for recvfrom. */
-#define RECVFROM_TYPE_ARG2 void
-
-/* Define if the type pointed by arg 2 for recvfrom is void. */
-#define RECVFROM_TYPE_ARG2_IS_VOID 1
-
-/* Define to the type of arg 3 for recvfrom. */
-#define RECVFROM_TYPE_ARG3 int
-
-/* Define to the type of arg 4 for recvfrom. */
-#define RECVFROM_TYPE_ARG4 int
-
-/* Define to the type pointed by arg 5 for recvfrom. */
-#define RECVFROM_TYPE_ARG5 struct sockaddr
-
-/* Define to the type pointed by arg 6 for recvfrom. */
-#define RECVFROM_TYPE_ARG6 int
-
-/* Define to the function return type for recvfrom. */
-#define RECVFROM_TYPE_RETV int
-
-/* Define if you have the send function. */
-#define HAVE_SEND 1
-
-/* Define to the type of arg 1 for send. */
-#define SEND_TYPE_ARG1 int
-
-/* Define to the type qualifier of arg 2 for send. */
-#define SEND_QUAL_ARG2 const
-
-/* Define to the type of arg 2 for send. */
-#define SEND_TYPE_ARG2 void *
-
-/* Define to the type of arg 3 for send. */
-#define SEND_TYPE_ARG3 int
-
-/* Define to the type of arg 4 for send. */
-#define SEND_TYPE_ARG4 int
-
-/* Define to the function return type for send. */
-#define SEND_TYPE_RETV int
-
-/* Define to hide dollar sign from compilers in strict ansi mode. */
-#define decc_translate_vms(__s) decc$translate_vms(__s)
-
-#endif /* HEADER_CONFIG_VMS_H */

lib/conncache.c

@@ -0,0 +1,282 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2012, Linus Nielsen Feltzing, <linus@haxx.se>
+ * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#include <curl/curl.h>
+
+#include "urldata.h"
+#include "url.h"
+#include "progress.h"
+#include "multiif.h"
+#include "sendf.h"
+#include "rawstr.h"
+#include "bundles.h"
+#include "conncache.h"
+
+#include "curl_memory.h"
+/* The last #include file should be: */
+#include "memdebug.h"
+
+#define CONNECTION_HASH_SIZE 97
+
+static void free_bundle_hash_entry(void *freethis)
+{
+  struct connectbundle *b = (struct connectbundle *) freethis;
+
+  Curl_bundle_destroy(b);
+}
+
+struct conncache *Curl_conncache_init(void)
+{
+  struct conncache *connc;
+
+  connc = calloc(1, sizeof(struct conncache));
+  if(!connc)
+    return NULL;
+
+  connc->hash = Curl_hash_alloc(CONNECTION_HASH_SIZE, Curl_hash_str,
+                                Curl_str_key_compare, free_bundle_hash_entry);
+
+  if(!connc->hash) {
+    free(connc);
+    return NULL;
+  }
+
+  return connc;
+}
+
+void Curl_conncache_destroy(struct conncache *connc)
+{
+  if(connc) {
+    Curl_hash_destroy(connc->hash);
+    connc->hash = NULL;
+    free(connc);
+  }
+}
+
+struct connectbundle *Curl_conncache_find_bundle(struct conncache *connc,
+                                                 char *hostname)
+{
+  struct connectbundle *bundle = NULL;
+
+  if(connc)
+    bundle = Curl_hash_pick(connc->hash, hostname, strlen(hostname)+1);
+
+  return bundle;
+}
+
+static bool conncache_add_bundle(struct conncache *connc,
+                                 char *hostname,
+                                 struct connectbundle *bundle)
+{
+  void *p;
+
+  p = Curl_hash_add(connc->hash, hostname, strlen(hostname)+1, bundle);
+
+  return p?TRUE:FALSE;
+}
+
+static void conncache_remove_bundle(struct conncache *connc,
+                                    struct connectbundle *bundle)
+{
+  struct curl_hash_iterator iter;
+  struct curl_hash_element *he;
+
+  if(!connc)
+    return;
+
+  Curl_hash_start_iterate(connc->hash, &iter);
+
+  he = Curl_hash_next_element(&iter);
+  while(he) {
+    if(he->ptr == bundle) {
+      /* The bundle is destroyed by the hash destructor function,
+         free_bundle_hash_entry() */
+      Curl_hash_delete(connc->hash, he->key, he->key_len);
+      return;
+    }
+
+    he = Curl_hash_next_element(&iter);
+  }
+}
+
+CURLcode Curl_conncache_add_conn(struct conncache *connc,
+                                 struct connectdata *conn)
+{
+  CURLcode result;
+  struct connectbundle *bundle;
+  struct connectbundle *new_bundle = NULL;
+  struct SessionHandle *data = conn->data;
+
+  bundle = Curl_conncache_find_bundle(data->state.conn_cache,
+                                      conn->host.name);
+  if(!bundle) {
+    result = Curl_bundle_create(data, &new_bundle);
+    if(result != CURLE_OK)
+      return result;
+
+    if(!conncache_add_bundle(data->state.conn_cache,
+                             conn->host.name, new_bundle)) {
+      Curl_bundle_destroy(new_bundle);
+      return CURLE_OUT_OF_MEMORY;
+    }
+    bundle = new_bundle;
+  }
+
+  result = Curl_bundle_add_conn(bundle, conn);
+  if(result != CURLE_OK) {
+    if(new_bundle)
+      conncache_remove_bundle(data->state.conn_cache, new_bundle);
+    return result;
+  }
+
+  connc->num_connections++;
+
+  return CURLE_OK;
+}
+
+void Curl_conncache_remove_conn(struct conncache *connc,
+                                struct connectdata *conn)
+{
+  struct connectbundle *bundle = conn->bundle;
+
+  /* The bundle pointer can be NULL, since this function can be called
+     due to a failed connection attempt, before being added to a bundle */
+  if(bundle) {
+    Curl_bundle_remove_conn(bundle, conn);
+    if(bundle->num_connections == 0) {
+      conncache_remove_bundle(connc, bundle);
+    }
+    connc->num_connections--;
+
+    DEBUGF(infof(conn->data, "The cache now contains %d members\n",
+                 connc->num_connections));
+  }
+}
+
+/* This function iterates the entire connection cache and calls the
+   function func() with the connection pointer as the first argument
+   and the supplied 'param' argument as the other,
+
+   Return 0 from func() to continue the loop, return 1 to abort it.
+ */
+void Curl_conncache_foreach(struct conncache *connc,
+                            void *param,
+                            int (*func)(struct connectdata *conn, void *param))
+{
+  struct curl_hash_iterator iter;
+  struct curl_llist_element *curr;
+  struct curl_hash_element *he;
+
+  if(!connc)
+    return;
+
+  Curl_hash_start_iterate(connc->hash, &iter);
+
+  he = Curl_hash_next_element(&iter);
+  while(he) {
+    struct connectbundle *bundle;
+    struct connectdata *conn;
+
+    bundle = he->ptr;
+
+    curr = bundle->conn_list->head;
+    while(curr) {
+      /* Yes, we need to update curr before calling func(), because func()
+         might decide to remove the connection */
+      conn = curr->ptr;
+      curr = curr->next;
+
+      if(1 == func(conn, param))
+        return;
+    }
+
+    he = Curl_hash_next_element(&iter);
+  }
+}
+
+/* Return the first connection found in the cache. Used when closing all
+   connections */
+struct connectdata *
+Curl_conncache_find_first_connection(struct conncache *connc)
+{
+  struct curl_hash_iterator iter;
+  struct curl_llist_element *curr;
+  struct curl_hash_element *he;
+  struct connectbundle *bundle;
+
+  Curl_hash_start_iterate(connc->hash, &iter);
+
+  he = Curl_hash_next_element(&iter);
+  while(he) {
+    bundle = he->ptr;
+
+    curr = bundle->conn_list->head;
+    if(curr) {
+      return curr->ptr;
+    }
+
+    he = Curl_hash_next_element(&iter);
+  }
+
+  return NULL;
+}
+
+
+#if 0
+/* Useful for debugging the connection cache */
+void Curl_conncache_print(struct conncache *connc)
+{
+  struct curl_hash_iterator iter;
+  struct curl_llist_element *curr;
+  struct curl_hash_element *he;
+
+  if(!connc)
+    return;
+
+  fprintf(stderr, "=Bundle cache=\n");
+
+  Curl_hash_start_iterate(connc->hash, &iter);
+
+  he = Curl_hash_next_element(&iter);
+  while(he) {
+    struct connectbundle *bundle;
+    struct connectdata *conn;
+
+    bundle = he->ptr;
+
+    fprintf(stderr, "%s -", he->key);
+    curr = bundle->conn_list->head;
+    while(curr) {
+      conn = curr->ptr;
+
+      fprintf(stderr, " [%p %d]", (void *)conn, conn->inuse);
+      curr = curr->next;
+    }
+    fprintf(stderr, "\n");
+
+    he = Curl_hash_next_element(&iter);
+  }
+}
+#endif

lib/conncache.h

@@ -0,0 +1,53 @@
+#ifndef HEADER_CURL_CONNCACHE_H
+#define HEADER_CURL_CONNCACHE_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2012, 2013, Linus Nielsen Feltzing, <linus@haxx.se>
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+struct conncache {
+  struct curl_hash *hash;
+  size_t num_connections;
+};
+
+struct conncache *Curl_conncache_init(void);
+
+void Curl_conncache_destroy(struct conncache *connc);
+
+struct connectbundle *Curl_conncache_find_bundle(struct conncache *connc,
+                                                 char *hostname);
+
+CURLcode Curl_conncache_add_conn(struct conncache *connc,
+                                 struct connectdata *conn);
+
+void Curl_conncache_remove_conn(struct conncache *connc,
+                                struct connectdata *conn);
+
+void Curl_conncache_foreach(struct conncache *connc,
+                            void *param,
+                            int (*func)(struct connectdata *conn,
+                                        void *param));
+
+struct connectdata *
+Curl_conncache_find_first_connection(struct conncache *connc);
+
+void Curl_conncache_print(struct conncache *connc);
+
+#endif /* HEADER_CURL_CONNCACHE_H */

lib/connect.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,11 +20,8 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
 #ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h> /* <netinet/tcp.h> may need it */
 #endif
@@ -37,9 +34,6 @@
 #ifdef HAVE_SYS_IOCTL_H
 #include <sys/ioctl.h>
 #endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
 #endif
@@ -80,6 +74,8 @@
 #include "sslgen.h" /* for Curl_ssl_check_cxn() */
 #include "progress.h"
 #include "warnless.h"
+#include "conncache.h"
+#include "multihandle.h"
 
 /* The last #include file should be: */
 #include "memdebug.h"
@@ -132,7 +128,6 @@ tcpkeepalive(struct SessionHandle *data,
 static CURLcode
 singleipconnect(struct connectdata *conn,
                 const Curl_addrinfo *ai, /* start connecting to this */
-                long timeout_ms,
                 curl_socket_t *sock,
                 bool *connected);
 
@@ -203,20 +198,19 @@ long Curl_timeleft(struct SessionHandle *data,
 }
 
 /*
- * waitconnect() waits for a TCP connect on the given socket for the specified
- * number if milliseconds. It returns:
+ * checkconnect() checks for a TCP connect on the given socket.
+ * It returns:
  */
 
-#define WAITCONN_CONNECTED     0
-#define WAITCONN_SELECT_ERROR -1
-#define WAITCONN_TIMEOUT       1
-#define WAITCONN_FDSET_ERROR   2
-#define WAITCONN_ABORTED       3
+enum chkconn_t {
+  CHKCONN_SELECT_ERROR = -1,
+  CHKCONN_CONNECTED    = 0,
+  CHKCONN_IDLE         = 1,
+  CHKCONN_FDSET_ERROR  = 2
+};
 
-static
-int waitconnect(struct connectdata *conn,
-                curl_socket_t sockfd, /* socket */
-                long timeout_msec)
+static enum chkconn_t
+checkconnect(curl_socket_t sockfd)
 {
   int rc;
 #ifdef mpeix
@@ -226,34 +220,20 @@ int waitconnect(struct connectdata *conn,
   (void)verifyconnect(sockfd, NULL);
 #endif
 
-  for(;;) {
+  rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, 0);
 
-    /* now select() until we get connect or timeout */
-    rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, timeout_msec>1000?
-                           1000:timeout_msec);
-    if(Curl_pgrsUpdate(conn))
-      return WAITCONN_ABORTED;
+  if(-1 == rc)
+    /* error, no connect here, try next */
+    return CHKCONN_SELECT_ERROR;
 
-    if(-1 == rc)
-      /* error, no connect here, try next */
-      return WAITCONN_SELECT_ERROR;
+  else if(rc & CURL_CSELECT_ERR)
+    /* error condition caught */
+    return CHKCONN_FDSET_ERROR;
 
-    else if(0 == rc) {
-      /* timeout */
-      timeout_msec -= 1000;
-      if(timeout_msec <= 0)
-        return WAITCONN_TIMEOUT;
+  else if(rc)
+    return CHKCONN_CONNECTED;
 
-      continue;
-    }
-
-    if(rc & CURL_CSELECT_ERR)
-      /* error condition caught */
-      return WAITCONN_FDSET_ERROR;
-
-    break;
-  }
-  return WAITCONN_CONNECTED;
+  return CHKCONN_IDLE;
 }
 
 static CURLcode bindlocal(struct connectdata *conn,
@@ -552,7 +532,7 @@ static CURLcode trynextip(struct connectdata *conn,
   ai = conn->ip_addr->ai_next;
 
   while(ai) {
-    CURLcode res = singleipconnect(conn, ai, 0L, &sockfd, connected);
+    CURLcode res = singleipconnect(conn, ai, &sockfd, connected);
     if(res)
       return res;
     if(sockfd != CURL_SOCKET_BAD) {
@@ -680,21 +660,20 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd)
 }
 
 /*
- * Curl_is_connected() is used from the multi interface to check if the
- * firstsocket has connected.
+ * Curl_is_connected() checks if the socket has connected.
  */
 
 CURLcode Curl_is_connected(struct connectdata *conn,
                            int sockindex,
                            bool *connected)
 {
-  int rc;
   struct SessionHandle *data = conn->data;
   CURLcode code = CURLE_OK;
   curl_socket_t sockfd = conn->sock[sockindex];
   long allow = DEFAULT_CONNECT_TIMEOUT;
   int error = 0;
   struct timeval now;
+  enum chkconn_t chk;
 
   DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);
 
@@ -717,9 +696,9 @@ CURLcode Curl_is_connected(struct connectdata *conn,
     return CURLE_OPERATION_TIMEDOUT;
   }
 
-  /* check for connect without timeout as we want to return immediately */
-  rc = waitconnect(conn, sockfd, 0);
-  if(WAITCONN_TIMEOUT == rc) {
+  /* check socket for connect */
+  chk = checkconnect(sockfd);
+  if(CHKCONN_IDLE == chk) {
     if(curlx_tvdiff(now, conn->connecttime) >= conn->timeoutms_per_addr) {
       infof(data, "After %ldms connect time, move on!\n",
             conn->timeoutms_per_addr);
@@ -730,7 +709,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
     return code;
   }
 
-  if(WAITCONN_CONNECTED == rc) {
+  if(CHKCONN_CONNECTED == chk) {
     if(verifyconnect(sockfd, &error)) {
       /* we are connected with TCP, awesome! */
 
@@ -740,6 +719,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
         return code;
 
       conn->bits.tcpconnect[sockindex] = TRUE;
+
       *connected = TRUE;
       if(sockindex == FIRSTSOCKET)
         Curl_pgrsTime(data, TIMER_CONNECT); /* connect done */
@@ -752,7 +732,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
   }
   else {
     /* nope, not connected  */
-    if(WAITCONN_FDSET_ERROR == rc) {
+    if(CHKCONN_FDSET_ERROR == chk) {
       (void)verifyconnect(sockfd, &error);
       infof(data, "%s\n",Curl_strerror(conn, error));
     }
@@ -868,12 +848,11 @@ void Curl_sndbufset(curl_socket_t sockfd)
  * CURL_SOCKET_BAD. Other errors will however return proper errors.
  *
  * singleipconnect() connects to the given IP only, and it may return without
- * having connected if used from the multi interface.
+ * having connected.
  */
 static CURLcode
 singleipconnect(struct connectdata *conn,
                 const Curl_addrinfo *ai,
-                long timeout_ms,
                 curl_socket_t *sockp,
                 bool *connected)
 {
@@ -944,17 +923,24 @@ singleipconnect(struct connectdata *conn,
   /* set socket non-blocking */
   curlx_nonblock(sockfd, TRUE);
 
+  conn->connecttime = Curl_tvnow();
+  if(conn->num_addr > 1)
+    Curl_expire(data, conn->timeoutms_per_addr);
+
   /* Connect TCP sockets, bind UDP */
   if(!isconnected && (conn->socktype == SOCK_STREAM)) {
     rc = connect(sockfd, &addr.sa_addr, addr.addrlen);
     if(-1 == rc)
       error = SOCKERRNO;
-    conn->connecttime = Curl_tvnow();
-    if(conn->num_addr > 1)
-      Curl_expire(data, conn->timeoutms_per_addr);
   }
-  else
-    rc = 0;
+  else {
+    *sockp = sockfd;
+    return CURLE_OK;
+  }
+
+#ifdef ENABLE_IPV6
+  conn->bits.ipv6 = (addr.family == AF_INET6)?TRUE:FALSE;
+#endif
 
   if(-1 == rc) {
     switch (error) {
@@ -969,54 +955,23 @@ singleipconnect(struct connectdata *conn,
     case EAGAIN:
 #endif
 #endif
-      rc = waitconnect(conn, sockfd, timeout_ms);
-      if(WAITCONN_ABORTED == rc) {
-        Curl_closesocket(conn, sockfd);
-        return CURLE_ABORTED_BY_CALLBACK;
-      }
-      break;
+      *sockp = sockfd;
+      return CURLE_OK;
+
     default:
       /* unknown error, fallthrough and try another address! */
       failf(data, "Failed to connect to %s: %s",
             conn->ip_addr_str, Curl_strerror(conn,error));
       data->state.os_errno = error;
+
+      /* connect failed */
+      Curl_closesocket(conn, sockfd);
+
       break;
     }
   }
-
-  /* The 'WAITCONN_TIMEOUT == rc' comes from the waitconnect(), and not from
-     connect(). We can be sure of this since connect() cannot return 1. */
-  if((WAITCONN_TIMEOUT == rc) &&
-     (data->state.used_interface == Curl_if_multi)) {
-    /* Timeout when running the multi interface */
+  else
     *sockp = sockfd;
-    return CURLE_OK;
-  }
-
-  if(!isconnected)
-    isconnected = verifyconnect(sockfd, &error);
-
-  if(!rc && isconnected) {
-    /* we are connected, awesome! */
-    *connected = TRUE; /* this is a true connect */
-    infof(data, "connected\n");
-#ifdef ENABLE_IPV6
-    conn->bits.ipv6 = (addr.family == AF_INET6)?TRUE:FALSE;
-#endif
-
-    Curl_updateconninfo(conn, sockfd);
-    *sockp = sockfd;
-    return CURLE_OK;
-  }
-  else if(WAITCONN_TIMEOUT == rc)
-    infof(data, "Timeout\n");
-  else {
-    data->state.os_errno = error;
-    infof(data, "%s\n", Curl_strerror(conn, error));
-  }
-
-  /* connect failed or timed out */
-  Curl_closesocket(conn, sockfd);
 
   return CURLE_OK;
 }
@@ -1078,9 +1033,7 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
 
     /* start connecting to the IP curr_addr points to */
     res = singleipconnect(conn, curr_addr,
-                          /* don't hang when doing multi */
-                          (data->state.used_interface == Curl_if_multi)?0:
-                          conn->timeoutms_per_addr, &sockfd, connected);
+                          &sockfd, connected);
     if(res)
       return res;
 
@@ -1118,6 +1071,21 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
   return CURLE_OK;
 }
 
+struct connfind {
+  struct connectdata *tofind;
+  bool found;
+};
+
+static int conn_is_conn(struct connectdata *conn, void *param)
+{
+  struct connfind *f = (struct connfind *)param;
+  if(conn == f->tofind) {
+    f->found = TRUE;
+    return 1;
+  }
+  return 0;
+}
+
 /*
  * Used to extract socket and connectdata struct for the most recent
  * transfer on the given SessionHandle.
@@ -1131,10 +1099,21 @@ curl_socket_t Curl_getconnectinfo(struct SessionHandle *data,
 
   DEBUGASSERT(data);
 
-  if((data->state.lastconnect != -1) &&
-     (data->state.connc->connects[data->state.lastconnect] != NULL)) {
-    struct connectdata *c =
-      data->state.connc->connects[data->state.lastconnect];
+  /* this only works for an easy handle that has been used for
+     curl_easy_perform()! */
+  if(data->state.lastconnect && data->multi_easy) {
+    struct connectdata *c = data->state.lastconnect;
+    struct connfind find;
+    find.tofind = data->state.lastconnect;
+    find.found = FALSE;
+
+    Curl_conncache_foreach(data->multi_easy->conn_cache, &find, conn_is_conn);
+
+    if(!find.found) {
+      data->state.lastconnect = NULL;
+      return CURL_SOCKET_BAD;
+    }
+
     if(connp)
       /* only store this if the caller cares for it */
       *connp = c;

lib/connect.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #include "nonblock.h" /* for curlx_nonblock(), formerly Curl_nonblock() */
 #include "sockaddr.h"

lib/content_encoding.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef HAVE_LIBZ
 

lib/content_encoding.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 /*
  * Comma-separated list all supported Content-Encodings ('identity' is implied)

lib/cookie.c

@@ -77,7 +77,7 @@ Example set of cookies:
 ****/
 
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
 

lib/cookie.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #include <curl/curl.h>
 

lib/curl_addrinfo.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,13 +20,10 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #include <curl/curl.h>
 
-#ifdef HAVE_SYS_SOCKET_H
-#  include <sys/socket.h>
-#endif
 #ifdef HAVE_NETINET_IN_H
 #  include <netinet/in.h>
 #endif

lib/curl_addrinfo.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -22,11 +22,8 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
-#ifdef HAVE_SYS_SOCKET_H
-#  include <sys/socket.h>
-#endif
 #ifdef HAVE_NETINET_IN_H
 #  include <netinet/in.h>
 #endif

lib/curl_darwinssl.c

@@ -5,8 +5,8 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 2012, Nick Zitzmann, <nickzman@gmail.com>.
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012-2013, Nick Zitzmann, <nickzman@gmail.com>.
+ * Copyright (C) 2012-2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -26,21 +26,21 @@
  * TLS/SSL layer. No code but sslgen.c should ever call or use these functions.
  */
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_DARWINSSL
 
 #ifdef HAVE_LIMITS_H
 #include <limits.h>
 #endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
 
 #include <Security/Security.h>
 #include <Security/SecureTransport.h>
 #include <CoreFoundation/CoreFoundation.h>
 #include <CommonCrypto/CommonDigest.h>
+#if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
+#include <sys/sysctl.h>
+#endif
 
 #include "urldata.h"
 #include "sendf.h"
@@ -78,15 +78,15 @@ static OSStatus SocketRead(SSLConnectionRef connection,
                                                  * RETURNED */
                            size_t *dataLength)  /* IN/OUT */
 {
-  UInt32 bytesToGo = *dataLength;
-  UInt32 initLen = bytesToGo;
+  size_t bytesToGo = *dataLength;
+  size_t initLen = bytesToGo;
   UInt8 *currData = (UInt8 *)data;
   /*int sock = *(int *)connection;*/
   struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
   int sock = connssl->ssl_sockfd;
   OSStatus rtn = noErr;
-  UInt32 bytesRead;
-  int rrtn;
+  size_t bytesRead;
+  ssize_t rrtn;
   int theErr;
 
   *dataLength = 0;
@@ -140,12 +140,12 @@ static OSStatus SocketWrite(SSLConnectionRef connection,
                             const void *data,
                             size_t *dataLength)  /* IN/OUT */
 {
-  UInt32 bytesSent = 0;
+  size_t bytesSent = 0;
   /*int sock = *(int *)connection;*/
   struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
   int sock = connssl->ssl_sockfd;
-  int length;
-  UInt32 dataLen = *dataLength;
+  ssize_t length;
+  size_t dataLen = *dataLength;
   const UInt8 *dataPtr = (UInt8 *)data;
   OSStatus ortn;
   int theErr;
@@ -626,6 +626,41 @@ CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher) {
   return "TLS_NULL_WITH_NULL_NULL";
 }
 
+CF_INLINE bool IsRunningMountainLionOrLater(void)
+{
+#if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
+  int mib[2];
+  char *os_version;
+  size_t os_version_len;
+  char *os_version_major/*, *os_version_minor, *os_version_point*/;
+  int os_version_major_int;
+
+  /* Get the Darwin kernel version from the kernel using sysctl(): */
+  mib[0] = CTL_KERN;
+  mib[1] = KERN_OSRELEASE;
+  if(sysctl(mib, 2, NULL, &os_version_len, NULL, 0) == -1)
+    return false;
+  os_version = malloc(os_version_len*sizeof(char));
+  if(!os_version)
+    return false;
+  if(sysctl(mib, 2, os_version, &os_version_len, NULL, 0) == -1) {
+    free(os_version);
+    return false;
+  }
+
+  /* Parse the version. If it's version 12.0.0 or later, then this user is
+     using Mountain Lion. */
+  os_version_major = strtok(os_version, ".");
+  /*os_version_minor = strtok(NULL, ".");
+  os_version_point = strtok(NULL, ".");*/
+  os_version_major_int = atoi(os_version_major);
+  free(os_version);
+  return os_version_major_int >= 12;
+#else
+  return true;  /* iOS users: this doesn't concern you */
+#endif
+}
+
 static CURLcode darwinssl_connect_step1(struct connectdata *conn,
                                         int sockindex)
 {
@@ -775,7 +810,14 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
    * anyway. In the latter case the result of the verification is checked with
    * SSL_get_verify_result() below. */
 #if defined(__MAC_10_6) || defined(__IPHONE_5_0)
-  if(SSLSetSessionOption != NULL) {
+  /* Snow Leopard introduced the SSLSetSessionOption() function, but due to
+     a library bug with the way the kSSLSessionOptionBreakOnServerAuth flag
+     works, it doesn't work as expected under Snow Leopard or Lion.
+     So we need to call SSLSetEnableCertVerify() on those older cats in order
+     to disable certificate validation if the user turned that off.
+     (SecureTransport will always validate the certificate chain by
+     default.) */
+  if(SSLSetSessionOption != NULL && IsRunningMountainLionOrLater()) {
     err = SSLSetSessionOption(connssl->ssl_ctx,
                               kSSLSessionOptionBreakOnServerAuth,
                               data->set.ssl.verifypeer?false:true);
@@ -1330,7 +1372,7 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
                            size_t md5len)
 {
   (void)md5len;
-  (void)CC_MD5(tmp, tmplen, md5sum);
+  (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum);
 }
 
 static ssize_t darwinssl_send(struct connectdata *conn,
@@ -1341,12 +1383,14 @@ static ssize_t darwinssl_send(struct connectdata *conn,
 {
   /*struct SessionHandle *data = conn->data;*/
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
-  size_t processed;
+  size_t processed = 0UL;
   OSStatus err = SSLWrite(connssl->ssl_ctx, mem, len, &processed);
 
   if(err != noErr) {
     switch (err) {
-      case errSSLWouldBlock:  /* we're not done yet; keep sending */
+      case errSSLWouldBlock:  /* return how much we sent (if anything) */
+        if(processed)
+          return (ssize_t)processed;
         *curlcode = CURLE_AGAIN;
         return -1;
         break;
@@ -1369,12 +1413,14 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
 {
   /*struct SessionHandle *data = conn->data;*/
   struct ssl_connect_data *connssl = &conn->ssl[num];
-  size_t processed;
+  size_t processed = 0UL;
   OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed);
 
   if(err != noErr) {
     switch (err) {
-      case errSSLWouldBlock:  /* we're not done yet; keep reading */
+      case errSSLWouldBlock:  /* return how much we read (if anything) */
+        if(processed)
+          return (ssize_t)processed;
         *curlcode = CURLE_AGAIN;
         return -1;
         break;

lib/curl_darwinssl.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_DARWINSSL
 

lib/curl_fnmatch.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #include "curl_fnmatch.h"
 

lib/curl_gethostname.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,11 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
-
-#ifdef HAVE_UNISTD_H
-#  include <unistd.h>
-#endif
+#include "curl_setup.h"
 
 #include "curl_gethostname.h"
 

lib/curl_gssapi.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef HAVE_GSSAPI
 

lib/curl_gssapi.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 #include "urldata.h"
 
 #ifdef HAVE_GSSAPI

lib/curl_ldap.h

@@ -1,6 +1,5 @@
-#ifndef __CURL_LDAP_H
-#define __CURL_LDAP_H
-
+#ifndef HEADER_CURL_LDAP_H
+#define HEADER_CURL_LDAP_H
 /***************************************************************************
  *                                  _   _ ____  _
  *  Project                     ___| | | |  _ \| |
@@ -32,4 +31,5 @@ extern const struct Curl_handler Curl_handler_ldaps;
 #endif
 
 #endif
-#endif /* __CURL_LDAP_H */
+#endif /* HEADER_CURL_LDAP_H */
+

lib/curl_md4.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 /* NSS crypto library does not provide the MD4 hash algorithm, so that we have
  * a local implementation of it */

lib/curl_memrchr.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #include "curl_memrchr.h"
 

lib/curl_memrchr.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef HAVE_MEMRCHR
 

lib/curl_multibyte.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
 

lib/curl_multibyte.h

@@ -21,7 +21,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
 

lib/curl_ntlm.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_NTLM
 

lib/curl_ntlm.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_NTLM
 

lib/curl_ntlm_core.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI)
 

lib/curl_ntlm_core.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI)
 

lib/curl_ntlm_msgs.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_NTLM
 

lib/curl_ntlm_msgs.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_NTLM
 

lib/curl_ntlm_wb.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
 
@@ -33,9 +33,6 @@
 
 #define DEBUG_ME 0
 
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
 #ifdef HAVE_SYS_WAIT_H
 #include <sys/wait.h>
 #endif

lib/curl_ntlm_wb.h

@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
 

lib/curl_rand.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #include <curl/curl.h>
 

lib/curl_rtmp.c

@@ -20,7 +20,7 @@
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_LIBRTMP
 

lib/curl_sasl.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012-2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -20,11 +20,12 @@
  *
  * RFC2195 CRAM-MD5 authentication
  * RFC2831 DIGEST-MD5 authentication
+ * RFC4422 Simple Authentication and Security Layer (SASL)
  * RFC4616 PLAIN authentication
  *
  ***************************************************************************/
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #include <curl/curl.h>
 #include "urldata.h"
@@ -345,9 +346,7 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
     snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]);
 
   /* Prepare the URL string */
-  strcpy(uri, service);
-  strcat(uri, "/");
-  strcat(uri, realm);
+  snprintf(uri, sizeof(uri), "%s/%s", service, realm);
 
   /* Calculate H(A2) */
   ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
@@ -391,20 +390,11 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
   for(i = 0; i < MD5_DIGEST_LEN; i++)
     snprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]);
 
-  strcpy(response, "username=\"");
-  strcat(response, userp);
-  strcat(response, "\",realm=\"");
-  strcat(response, realm);
-  strcat(response, "\",nonce=\"");
-  strcat(response, nonce);
-  strcat(response, "\",cnonce=\"");
-  strcat(response, cnonce);
-  strcat(response, "\",nc=");
-  strcat(response, nonceCount);
-  strcat(response, ",digest-uri=\"");
-  strcat(response, uri);
-  strcat(response, "\",response=");
-  strcat(response, resp_hash_hex);
+  snprintf(response, sizeof(response),
+           "username=\"%s\",realm=\"%s\",nonce=\"%s\","
+           "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s",
+           userp, realm, nonce,
+           cnonce, nonceCount, uri, resp_hash_hex);
 
   /* Base64 encode the reply */
   return Curl_base64_encode(data, response, 0, outptr, outlen);

lib/curl_schannel.c

@@ -5,9 +5,9 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 2012, Marc Hoersken, <info@marc-hoersken.de>, et al.
+ * Copyright (C) 2012 - 2013, Marc Hoersken, <info@marc-hoersken.de>
  * Copyright (C) 2012, Mark Salisbury, <mark.salisbury@hp.com>
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -51,7 +51,7 @@
  *   http://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
  */
 
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_SCHANNEL
 
@@ -219,8 +219,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
 
   /* setup request flags */
   connssl->req_flags = ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT |
-                       ISC_REQ_CONFIDENTIALITY | ISC_REQ_EXTENDED_ERROR |
-                       ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_STREAM;
+                       ISC_REQ_CONFIDENTIALITY | ISC_REQ_ALLOCATE_MEMORY |
+                       ISC_REQ_STREAM;
 
   /* allocate memory for the security context handle */
   connssl->ctxt = malloc(sizeof(struct curl_schannel_ctxt));
@@ -503,8 +503,6 @@ schannel_connect_step3(struct connectdata *conn, int sockindex)
       failf(data, "schannel: failed to setup replay detection");
     if(!(connssl->ret_flags & ISC_RET_CONFIDENTIALITY))
       failf(data, "schannel: failed to setup confidentiality");
-    if(!(connssl->ret_flags & ISC_RET_EXTENDED_ERROR))
-      failf(data, "schannel: failed to setup extended errors");
     if(!(connssl->ret_flags & ISC_RET_ALLOCATED_MEMORY))
       failf(data, "schannel: failed to setup memory allocation");
     if(!(connssl->ret_flags & ISC_RET_STREAM))

lib/curl_schannel.h

@@ -22,7 +22,7 @@
  * KIND, either express or implied.
  *
  ***************************************************************************/
-#include "setup.h"
+#include "curl_setup.h"
 
 #ifdef USE_SCHANNEL
 

lib/curl_setup.h

@@ -229,6 +229,14 @@
 #  include "setup-os400.h"
 #endif
 
+/*
+ * VMS setup file includes some system headers.
+ */
+
+#ifdef __VMS
+#  include "setup-vms.h"
+#endif
+
 /*
  * Include header files for windows builds before redefining anything.
  * Use this preprocessor block only to include or exclude windows.h,
@@ -645,8 +653,8 @@ int netware_init(void);
  * Include macros and defines that should only be processed once.
  */
 
-#ifndef __SETUP_ONCE_H
-#include "setup_once.h"
+#ifndef HEADER_CURL_SETUP_ONCE_H
+#include "curl_setup_once.h"
 #endif
 
 /*

lib/curl_setup_once.h

@@ -1,5 +1,5 @@
-#ifndef __SETUP_ONCE_H
-#define __SETUP_ONCE_H
+#ifndef HEADER_CURL_SETUP_ONCE_H
+#define HEADER_CURL_SETUP_ONCE_H
 /***************************************************************************
  *                                  _   _ ____  _
  *  Project                     ___| | | |  _ \| |
@@ -23,16 +23,6 @@
  ***************************************************************************/
 
 
-/********************************************************************
- *                              NOTICE                              *
- *                             ========                             *
- *                                                                  *
- *  Content of header files lib/setup_once.h and ares/setup_once.h  *
- *  must be kept in sync. Modify the other one if you change this.  *
- *                                                                  *
- ********************************************************************/
-
-
 /*
  * Inclusion of common header files.
  */
@@ -83,6 +73,34 @@
 #include <stdbool.h>
 #endif
 
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#ifdef __hpux
+#  if !defined(_XOPEN_SOURCE_EXTENDED) || defined(_KERNEL)
+#    ifdef _APP32_64BIT_OFF_T
+#      define OLD_APP32_64BIT_OFF_T _APP32_64BIT_OFF_T
+#      undef _APP32_64BIT_OFF_T
+#    else
+#      undef OLD_APP32_64BIT_OFF_T
+#    endif
+#  endif
+#endif
+
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+
+#ifdef __hpux
+#  if !defined(_XOPEN_SOURCE_EXTENDED) || defined(_KERNEL)
+#    ifdef OLD_APP32_64BIT_OFF_T
+#      define _APP32_64BIT_OFF_T OLD_APP32_64BIT_OFF_T
+#      undef OLD_APP32_64BIT_OFF_T
+#    endif
+#  endif
+#endif
+
 
 /*
  * Definition of timeval struct for platforms that don't have it.
@@ -276,6 +294,18 @@ struct timeval {
 #define TOLOWER(x)  (tolower((int)  ((unsigned char)x)))
 
 
+/*
+ * 'bool' stuff compatible with HP-UX headers.
+ */
+
+#if defined(__hpux) && !defined(HAVE_BOOL_T)
+   typedef int bool;
+#  define false 0
+#  define true 1
+#  define HAVE_BOOL_T
+#endif
+
+
 /*
  * 'bool' exists on platforms with <stdbool.h>, i.e. C99 platforms.
  * On non-C99 platforms there's no bool, so define an enum for that.
@@ -496,17 +526,6 @@ typedef int sig_atomic_t;
 #define EREMOTE          WSAEREMOTE
 #endif
 
-
-/*
- *  Actually use __32_getpwuid() on 64-bit VMS builds for getpwuid()
- */
-
-#if defined(__VMS) && \
-    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
-#define getpwuid __32_getpwuid
-#endif
-
-
 /*
  * Macro argv_item_t hides platform details to code using it.
  */
@@ -526,4 +545,5 @@ typedef int sig_atomic_t;
 #define ZERO_NULL 0
 
 
-#endif /* __SETUP_ONCE_H */
+#endif /* HEADER_CURL_SETUP_ONCE_H */
+