RELEASE-NOTES: version 7.40.0

darwinssl: fix session ID keys to only reuse identical sessions
...to avoid a session ID getting cached without certificate checking and then after a subsequent _enabling_ of the check libcurl could still re-use the session done without cert checks. Bug: http://curl.haxx.se/docs/adv_20150108A.html Reported-by: Marc Hesse
2015-01-07 23:08:53 +01:00 · 2015-01-07 22:55:56 +01:00 · 2015-01-07 22:55:56 +01:00 · 2015-01-07 22:55:56 +01:00 · 2015-01-07 20:01:29 +00:00 · 2015-01-07 20:01:27 +00:00
1299 changed files with 102269 additions and 22308 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -45,4 +45,4 @@ CHANGES.dist
 .project
 .cproject
 .settings
-/[0-9]*.patch
+.dirstamp
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,11 @@
 language: c
 before_script:
  - ./buildconf
 compiler:
  - clang
  - gcc
 notifications:
  email: false
--- a/CHANGES.0
+++ b/CHANGES.0
@@ -267,7 +267,7 @@ Daniel Stenberg (16 Apr 2010)
 Daniel Stenberg (15 Apr 2010)
 - Rainer Canavan filed bug report #2987196 that identified libcurl doing
  unnecesary reverse name lookups in many cases when built to use IPv4 and
-  getaddrinfo(). The logic for ipv6 is now used for ipv4 too.
+  getaddrinfo(). The logic for IPv6 is now used for IPv4 too.
  (http://curl.haxx.se/bug/view.cgi?id=2963679)
@@ -4271,7 +4271,7 @@ Daniel S (15 Nov 2007)
  list.
 - Michal Marek fixed the test suite to better deal with the case when the HTTP
-  ipv6 server can't run.
+  IPv6 server can't run.
 Yang Tse (14 Nov 2007)
 - Fix a variable potential wrapping in add_buffer() when using absolutely
@@ -6109,7 +6109,7 @@ Daniel (22 August 2006)
 - David McCreedy fixed a remaining mistake from the August 19 TYPE change.
 - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
-  code when doing pure ipv6 EPRT connections.
+  code when doing pure IPv6 EPRT connections.
 Daniel (19 August 2006)
 - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
@@ -6666,8 +6666,8 @@ Daniel (24 January 2006)
 Daniel (20 January 2006)
 - Duane Cathey was one of our friends who reported that curl -P [IP]
-  (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
+  (CURLOPT_FTPPORT) didn't work for IPv6-enabed curls if the IP wasn't a
-  "native" IP while it works fine for ipv6-disabled builds!
+  "native" IP while it works fine for IPv6-disabled builds!
  In the process of fixing this, I removed the support for LPRT since I can't
  think of many reasons to keep doing it and asking on the mailing list didn't
@@ -6676,7 +6676,7 @@ Daniel (20 January 2006)
 Daniel (19 January 2006)
 - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
-  (built ipv4-only) didn't work.
+  (built IPv4-only) didn't work.
 Daniel (18 January 2006)
 - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
@@ -7557,7 +7557,7 @@ Daniel (29 March 2005)
 Daniel (16 March 2005)
 - Tru64 and some IRIX boxes seem to not like test 237 as it is. Their
  inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted
-  address which makes a different failure... Now I've modified the ipv4
+  address which makes a different failure... Now I've modified the IPv4
  resolve code to use inet_pton() instead in an attempt to make these systems
  better detect this as a bad IP address rather than creating a toally bogus
  address that is then passed on and used.
@@ -7750,7 +7750,7 @@ Daniel (7 February 2005)
 Daniel (5 February 2005)
 - Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
-  PORT on ipv6-enabled hosts.
+  PORT on IPv6-enabled hosts.
 - David Byron pointed out we could use BUFSIZE to read data (in
  lib/transfer.c) instead of using BUFSIZE -1.
@@ -7822,7 +7822,7 @@ Daniel (28 January 2005)
  8. fetch a URL from the same server as before (re-using the connection)
 - Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
-  when built ipv6-enabled. I've now made a fix for it. Writing test cases for
+  when built IPv6-enabled. I've now made a fix for it. Writing test cases for
  custom port hosts turned too tricky so unfortunately there's none.
 Daniel (25 January 2005)
@@ -8560,9 +8560,9 @@ Daniel (20 August 2004)
  byte file is downloaded.
 Daniel (18 August 2004)
- Ling Thio pointed out that when libcurl is built ipv6-enabled, it still did
+- Ling Thio pointed out that when libcurl is built IPv6-enabled, it still did
  reverse DNS lookups when fed with a numerical IP-address (like
-  http://127.0.0.1/), although it doesn't when built ipv6-disabled. libcurl
+  http://127.0.0.1/), although it doesn't when built IPv6-disabled. libcurl
  should never do reverse lookups.
 Daniel (17 August 2004)
@@ -8714,7 +8714,7 @@ Daniel (27 June 2004)
 Daniel (24 June 2004)
 - The standard curl_version() string now only includes version info about
  involved libraries and not about particular features. Thus it will no longer
-  include info about ipv6 nor GSS. That info is of course still available in
+  include info about IPv6 nor GSS. That info is of course still available in
  the feature bitmask curl_version_info() offers.
 - Replaced all occurances of sprintf() with snprintf(). This is mostly because
@@ -8729,8 +8729,8 @@ Daniel (24 June 2004)
  Internally, this means amongst other things that we can stop doing the weird
  "increase buffer size until it works" trick when resolving hosts on
-  ipv4-only with gethostbyname_r(), we support socks even on libcurls built
+  IPv4-only with gethostbyname_r(), we support socks even on libcurls built
-  with ipv6 enabled (but only to socks servers that resolve to an ipv4
+  with IPv6 enabled (but only to socks servers that resolve to an IPv4
  address) and we no longer deep-copy or relocate hostent structs (we create
  Curl_addrinfo chains instead).
@@ -9074,7 +9074,7 @@ Daniel (27 April 2004)
  and proxy name to the ACE encoded version to use internally for resolves and
  cookies etc. They are now using one 'struct hostname' each that keep both
  the original name and the possibly encoded name. IDN resolves work for me
-  now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to
+  now using IPv6, IPv4 and ares resolving. Even cookies on IDN sites seem to
  do right. I got some failures at first when CHARSET wasn't set at all which
  confused libidn completely and it decided by encoding of choice was
  'ANSI_X3.4-1968'...
@@ -9115,7 +9115,7 @@ Daniel (25 April 2004)
  CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
  name resolves. It cannot have ENABLE_IPV6 defined at the same time, as
-  c-ares has no ipv6 support. This can be Windows or *nix.
+  c-ares has no IPv6 support. This can be Windows or *nix.
  CURLRES_THREADED - is defined if libcurl is built to run under (native)
  Windows, and then the name resolve will be done in a new thread, and the
@@ -9132,8 +9132,8 @@ Daniel (25 April 2004)
  hostsyn.c  - functions for synchronous name resolves
  hostares.c - functions for ares-using name resolves
  hostthre.c - functions for threaded name resolves
-  hostip4.c  - ipv4-specific functions
+  hostip4.c  - IPv4 specific functions
-  hostip6.c  - ipv6-specific functions
+  hostip6.c  - IPv6 specific functions
  The hostip.h is the single united header file for all this. It defines the
  CURLRES_* defines based on the config*.h and setup.h defines.
@@ -9225,7 +9225,7 @@ Daniel (15 April 2004)
  for the typical (not very deep) case.
 Daniel (14 April 2004)
- Asking for CURL_IPRESOLVE_V6 when ipv6 addresses can't be resolved will
+- Asking for CURL_IPRESOLVE_V6 when IPv6 addresses can't be resolved will
  now cause the resolve function to return NULL immediately. This flaw was
  pointed out by Gisle Vanem.
@@ -9380,7 +9380,7 @@ Daniel (29 March 2004)
 - The postit2.c source example used the wrong struct name for the post data.
 Daniel (26 March 2004)
- Gisle Vanem improved ipv6 support on windows by making the curl build to use
+- Gisle Vanem improved IPv6 support on Windows by making the curl build use
  the correct getaddrinfo() function.
 Daniel (25 March 2004)
@@ -9673,7 +9673,7 @@ Daniel (16 February 2004)
  and re-use that same handle during the entire curl handle's life-time. It
  improves performance.
- Fixed a problem when displaying verbose for ipv6-enabled libcurls and
+- Fixed a problem when displaying verbose for IPv6-enabled libcurls and
  re-used connections. Problem reported and fix verified by Grigory Entin.
 - Jeff Lawson fixed the version-check in the SOCKS5 code.
@@ -9725,7 +9725,7 @@ Daniel (9 February 2004)
 - Tor Arntsen provided a patch that makes libcurl work-around a bug in the
  AIX5 implementation of getaddrinfo(). This makes the FTP PORT stuff work on
-  ipv6-enabled AIX builds.
+  IPv6-enabled AIX builds.
 - Ken Rastatter provided portability fixes for the curlgtk.c example, and now
  it runs on windows with GTK as well!
@@ -9754,7 +9754,7 @@ Daniel (5 February 2004)
  verifies this functionality.
 - Tor Arntsen fixed a weird getaddrinfo() usage in the FTP code, preventing
-  the ipv6-code for PORT work on AIX 5.2. We now also provide (better) error
+  the IPv6-code for PORT work on AIX 5.2. We now also provide (better) error
  messages when bailing out in the that function.
 - Tor Arntsen now provides AIX and IRIX (using gcc, xlc and the MIPSPro
@@ -10133,10 +10133,10 @@ Daniel (13 November)
  possibly other platforms too.
 - Peter Sylvester identified a problem in the connect code, which made the
-  multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
+  multi interface on a IPv6-enabled Solaris box do bad. Test case 504 to be
  specific. I've spent some time to clean-up the Curl_connecthost() function
-  now to use less duplicated code for the two different sections: ipv6 and
+  now to use less duplicated code for the two different sections: IPv6 and
-  ipv4.
+  IPv4.
 Daniel (11 November)
 - Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
@@ -10234,7 +10234,7 @@ Daniel (29 October)
 Daniel (28 October)
 - Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
  function for some specific versions (reported on 2.2.5 and 2.1.1), and
-  provided a fix. On Linux machines with these glibc versions, non-ipv6
+  provided a fix. On Linux machines with these glibc versions, non-IPv6
  builds of libcurl would often fail to resolve perfectly resolvable host
  names.
@@ -10353,7 +10353,7 @@ Version 7.10.8-pre3 (8 October 2003)
 Daniel (8 October)
 - Frank Ticheler provided a patch that fixes how libcurl connects to multiple
-  addresses, if one of them fails (ipv4-code).
+  addresses, if one of them fails (IPv4 code).
 Daniel (7 October)
 - Neil Dunbar provided a patch that now makes libcurl check SSL
@@ -11865,7 +11865,7 @@ Daniel (30 Sep 2002)
  updated the man page accordingly.
 - Cris Bailiff found out that the pre-releases crashed on name lookups on
-  names such as "a:" or "baz:" (on Linux versions not being ipv6-enabled) due
+  names such as "a:" or "baz:" (on Linux versions not being IPv6-enabled) due
  to some weird return codes from gethostbyname_r(). I'll blame the complete
  lack of docs in that department. Cris provided a fix, which I modified only
  slightly.
@@ -17598,7 +17598,7 @@ Version 4.8.4
 - As Julian Romero Nieto reported, curl reported wrong version number.
 - As Teemu Yli-Elsila pointed out, the win32 version of 4.8 (and probably all
   other versions for win32) didn't work with binary files since I'm too used
-   to the UNIX style fopen() where binary and text don't differ...
+   to the Unix style fopen() where binary and text don't differ...
 - Ralph Beckmann brought me some changes that lets curl compile error and
   warning free with -Wall -pedantic with g++. I also took the opportunity to
   clean off some unused variables and similar.
@@ -17851,7 +17851,7 @@ Version 2.7
   rewrite the former -l kludge in an external script that'll use urlget to
   fetch multipart files like that.
 - '-f' is introduced, it means Fail without output in case of HTTP server
-   errors (return code >=300).
+   errors (return code >=400).
 - Added support for -r, ranges. Specify which part of a document you
   want, and only that part is returned. Only with HTTP/1.1-servers.
 - Split up the source in 3 parts. Now all pure URL functions are in
--- a/CMake/CurlCheckCSourceCompiles.cmake
+++ b/CMake/CurlCheckCSourceCompiles.cmake
@@ -1,75 +0,0 @@
 # - Check if the source code provided in the SOURCE argument compiles.
 # CURL_CHECK_C_SOURCE_COMPILES(SOURCE VAR)
 # - macro which checks if the source code compiles
 #  SOURCE   - source code to try to compile
 #  VAR      - variable to store whether the source code compiled
 #
 # The following variables may be set before calling this macro to
 # modify the way the check is run:
 #
 #  CMAKE_REQUIRED_FLAGS = string of compile command line flags
 #  CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar)
 #  CMAKE_REQUIRED_INCLUDES = list of include directories
 #  CMAKE_REQUIRED_LIBRARIES = list of libraries to link
 macro(CURL_CHECK_C_SOURCE_COMPILES SOURCE VAR)
  if("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
    set(message "${VAR}")
    # If the number of arguments is greater than 2 (SOURCE VAR)
    if(${ARGC} GREATER 2)
      # then add the third argument as a message
      set(message "${ARGV2} (${VAR})")
    endif(${ARGC} GREATER 2)
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${VAR} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    else(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES)
    endif(CMAKE_REQUIRED_LIBRARIES)
    if(CMAKE_REQUIRED_INCLUDES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES
        "-DINCLUDE_DIRECTORIES:STRING=${CMAKE_REQUIRED_INCLUDES}")
    else(CMAKE_REQUIRED_INCLUDES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES)
    endif(CMAKE_REQUIRED_INCLUDES)
    set(src "")
    foreach(def ${EXTRA_DEFINES})
      set(src "${src}#define ${def} 1\n")
    endforeach(def)
    foreach(inc ${HEADER_INCLUDES})
      set(src "${src}#include <${inc}>\n")
    endforeach(inc)
    set(src "${src}\nint main() { ${SOURCE} ; return 0; }")
    set(CMAKE_CONFIGURABLE_FILE_CONTENT "${src}")
    configure_file(${CMAKE_CURRENT_SOURCE_DIR}/CMake/CMakeConfigurableFile.in
      "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c"
      IMMEDIATE)
    message(STATUS "Performing Test ${message}")
    try_compile(${VAR}
      ${CMAKE_BINARY_DIR}
      ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c
      COMPILE_DEFINITIONS ${CMAKE_REQUIRED_DEFINITIONS}
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES}"
      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES}"
      OUTPUT_VARIABLE OUTPUT)
    if(${VAR})
      set(${VAR} 1 CACHE INTERNAL "Test ${message}")
      message(STATUS "Performing Test ${message} - Success")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
        "Performing C SOURCE FILE Test ${message} succeded with the following output:\n"
        "${OUTPUT}\n"
        "Source file was:\n${src}\n")
    else(${VAR})
      message(STATUS "Performing Test ${message} - Failed")
      set(${VAR} "" CACHE INTERNAL "Test ${message}")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
        "Performing C SOURCE FILE Test ${message} failed with the following output:\n"
        "${OUTPUT}\n"
        "Source file was:\n${src}\n")
    endif(${VAR})
  endif("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
 endmacro(CURL_CHECK_C_SOURCE_COMPILES)
--- a/CMake/CurlCheckCSourceRuns.cmake
+++ b/CMake/CurlCheckCSourceRuns.cmake
@@ -1,83 +0,0 @@
 # - Check if the source code provided in the SOURCE argument compiles and runs.
 # CURL_CHECK_C_SOURCE_RUNS(SOURCE VAR)
 # - macro which checks if the source code runs
 #  SOURCE   - source code to try to compile
 #  VAR - variable to store size if the type exists.
 #
 # The following variables may be set before calling this macro to
 # modify the way the check is run:
 #
 #  CMAKE_REQUIRED_FLAGS = string of compile command line flags
 #  CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar)
 #  CMAKE_REQUIRED_INCLUDES = list of include directories
 #  CMAKE_REQUIRED_LIBRARIES = list of libraries to link
 macro(CURL_CHECK_C_SOURCE_RUNS SOURCE VAR)
  if("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
    set(message "${VAR}")
    # If the number of arguments is greater than 2 (SOURCE VAR)
    if(${ARGC} GREATER 2)
      # then add the third argument as a message
      set(message "${ARGV2} (${VAR})")
    endif(${ARGC} GREATER 2)
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${VAR} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    else(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES)
    endif(CMAKE_REQUIRED_LIBRARIES)
    if(CMAKE_REQUIRED_INCLUDES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES
        "-DINCLUDE_DIRECTORIES:STRING=${CMAKE_REQUIRED_INCLUDES}")
    else(CMAKE_REQUIRED_INCLUDES)
      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES)
    endif(CMAKE_REQUIRED_INCLUDES)
    set(src "")
    foreach(def ${EXTRA_DEFINES})
      set(src "${src}#define ${def} 1\n")
    endforeach(def)
    foreach(inc ${HEADER_INCLUDES})
      set(src "${src}#include <${inc}>\n")
    endforeach(inc)
    set(src "${src}\nint main() { ${SOURCE} ; return 0; }")
    set(CMAKE_CONFIGURABLE_FILE_CONTENT "${src}")
    configure_file(${CMAKE_CURRENT_SOURCE_DIR}/CMake/CMakeConfigurableFile.in
      "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c"
      IMMEDIATE)
    message(STATUS "Performing Test ${message}")
    try_run(${VAR} ${VAR}_COMPILED
      ${CMAKE_BINARY_DIR}
      ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c
      COMPILE_DEFINITIONS ${CMAKE_REQUIRED_DEFINITIONS}
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES}"
      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES}"
      OUTPUT_VARIABLE OUTPUT)
    # if it did not compile make the return value fail code of 1
    if(NOT ${VAR}_COMPILED)
      set(${VAR} 1)
    endif(NOT ${VAR}_COMPILED)
    # if the return value was 0 then it worked
    set(result_var ${${VAR}})
    if("${result_var}" EQUAL 0)
      set(${VAR} 1 CACHE INTERNAL "Test ${message}")
      message(STATUS "Performing Test ${message} - Success")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
        "Performing C SOURCE FILE Test ${message} succeded with the following output:\n"
        "${OUTPUT}\n"
        "Return value: ${${VAR}}\n"
        "Source file was:\n${src}\n")
    else("${result_var}" EQUAL 0)
      message(STATUS "Performing Test ${message} - Failed")
      set(${VAR} "" CACHE INTERNAL "Test ${message}")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
        "Performing C SOURCE FILE Test ${message} failed with the following output:\n"
        "${OUTPUT}\n"
        "Return value: ${result_var}\n"
        "Source file was:\n${src}\n")
    endif("${result_var}" EQUAL 0)
  endif("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
 endmacro(CURL_CHECK_C_SOURCE_RUNS)
--- a/CMake/CurlTests.c
+++ b/CMake/CurlTests.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -71,264 +71,88 @@ main ()
 }
 #endif
-#ifdef HAVE_GETHOSTBYADDR_R_5
+/* tests for gethostbyaddr_r or gethostbyname_r */
 #if defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT) || \
    defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT) || \
    defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT) || \
    defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT) || \
    defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT) || \
    defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
 #   define _REENTRANT
    /* no idea whether _REENTRANT is always set, just invent a new flag */
 #   define TEST_GETHOSTBYFOO_REENTRANT
 #endif
 #if defined(HAVE_GETHOSTBYADDR_R_5) || \
    defined(HAVE_GETHOSTBYADDR_R_7) || \
    defined(HAVE_GETHOSTBYADDR_R_8) || \
    defined(HAVE_GETHOSTBYNAME_R_3) || \
    defined(HAVE_GETHOSTBYNAME_R_5) || \
    defined(HAVE_GETHOSTBYNAME_R_6) || \
    defined(TEST_GETHOSTBYFOO_REENTRANT)
 #include <sys/types.h>
 #include <netdb.h>
-int
+int main(void)
 main ()
 {
-
+  char *address = "example.com";
-char * address;
+  int length = 0;
-int length;
+  int type = 0;
 int type;
  struct hostent h;
  int rc = 0;
 #if defined(HAVE_GETHOSTBYADDR_R_5) || \
    defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT) || \
    \
    defined(HAVE_GETHOSTBYNAME_R_3) || \
    defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT)
  struct hostent_data hdata;
-int rc;
+#elif defined(HAVE_GETHOSTBYADDR_R_7) || \
      defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT) || \
      defined(HAVE_GETHOSTBYADDR_R_8) || \
      defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT) || \
      \
      defined(HAVE_GETHOSTBYNAME_R_5) || \
      defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT) || \
      defined(HAVE_GETHOSTBYNAME_R_6) || \
      defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
  char buffer[8192];
  int h_errnop;
  struct hostent *hp;
 #endif
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 #if   defined(HAVE_GETHOSTBYADDR_R_5) || \
      defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT)
  rc = gethostbyaddr_r(address, length, type, &h, &hdata);
-  ;
+#elif defined(HAVE_GETHOSTBYADDR_R_7) || \
      defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT)
  hp = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &h_errnop);
  (void)hp;
 #elif defined(HAVE_GETHOSTBYADDR_R_8) || \
      defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT)
  rc = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &hp, &h_errnop);
 #endif
 #if   defined(HAVE_GETHOSTBYNAME_R_3) || \
      defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT)
  rc = gethostbyname_r(address, &h, &hdata);
 #elif defined(HAVE_GETHOSTBYNAME_R_5) || \
      defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT)
  rc = gethostbyname_r(address, &h, buffer, 8192, 0, &h_errnop);
  (void)hp; /* not used for test */
 #elif defined(HAVE_GETHOSTBYNAME_R_6) || \
      defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
  rc = gethostbyname_r(address, &h, buffer, 8192, &hp, &h_errnop);
 #endif
  (void)length;
  (void)type;
  (void)rc;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYADDR_R_5_REENTRANT
 #define _REENTRANT
 #include <sys/types.h>
 #include <netdb.h>
 int
 main ()
 {
 char * address;
 int length;q
 int type;
 struct hostent h;
 struct hostent_data hdata;
 int rc;
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 rc = gethostbyaddr_r(address, length, type, &h, &hdata);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYADDR_R_7
 #include <sys/types.h>
 #include <netdb.h>
 int
 main ()
 {
 char * address;
 int length;
 int type;
 struct hostent h;
 char buffer[8192];
 int h_errnop;
 struct hostent * hp;
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 hp = gethostbyaddr_r(address, length, type, &h,
                     buffer, 8192, &h_errnop);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYADDR_R_7_REENTRANT
 #define _REENTRANT
 #include <sys/types.h>
 #include <netdb.h>
 int
 main ()
 {
 char * address;
 int length;
 int type;
 struct hostent h;
 char buffer[8192];
 int h_errnop;
 struct hostent * hp;
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 hp = gethostbyaddr_r(address, length, type, &h,
                     buffer, 8192, &h_errnop);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYADDR_R_8
 #include <sys/types.h>
 #include <netdb.h>
 int
 main ()
 {
 char * address;
 int length;
 int type;
 struct hostent h;
 char buffer[8192];
 int h_errnop;
 struct hostent * hp;
 int rc;
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 rc = gethostbyaddr_r(address, length, type, &h,
                     buffer, 8192, &hp, &h_errnop);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYADDR_R_8_REENTRANT
 #define _REENTRANT
 #include <sys/types.h>
 #include <netdb.h>
 int
 main ()
 {
 char * address;
 int length;
 int type;
 struct hostent h;
 char buffer[8192];
 int h_errnop;
 struct hostent * hp;
 int rc;
 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
 rc = gethostbyaddr_r(address, length, type, &h,
                     buffer, 8192, &hp, &h_errnop);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_3
 #include <string.h>
 #include <sys/types.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 struct hostent_data data;
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_3_REENTRANT
 #define _REENTRANT
 #include <string.h>
 #include <sys/types.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 struct hostent_data data;
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_5
 #include <sys/types.h>
 #include <netinet/in.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL, 0, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_5_REENTRANT
 #define _REENTRANT
 #include <sys/types.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL, 0, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_6
 #include <sys/types.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_GETHOSTBYNAME_R_6_REENTRANT
 #define _REENTRANT
 #include <sys/types.h>
 #include <netdb.h>
 #undef NULL
 #define NULL (void *)0
 int
 main ()
 {
 #ifndef gethostbyname_r
  (void)gethostbyname_r;
 #endif
 gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL);
  ;
  return 0;
 }
 #endif
 #ifdef HAVE_SOCKLEN_T
 #ifdef _WIN32
 #include <ws2tcpip.h>
--- a/CMake/FindGSS.cmake
+++ b/CMake/FindGSS.cmake
@@ -0,0 +1,289 @@
 # - Try to find the GSS Kerberos library
 # Once done this will define
 #
 #  GSS_ROOT_DIR - Set this variable to the root installation of GSS
 #
 # Read-Only variables:
 #  GSS_FOUND - system has the Heimdal library
 #  GSS_FLAVOUR - "MIT" or "Heimdal" if anything found.
 #  GSS_INCLUDE_DIR - the Heimdal include directory
 #  GSS_LIBRARIES - The libraries needed to use GSS
 #  GSS_LINK_DIRECTORIES - Directories to add to linker search path
 #  GSS_LINKER_FLAGS - Additional linker flags
 #  GSS_COMPILER_FLAGS - Additional compiler flags
 #  GSS_VERSION - This is set to version advertised by pkg-config or read from manifest.
 #                In case the library is found but no version info availabe it'll be set to "unknown"
 set(_MIT_MODNAME mit-krb5-gssapi)
 set(_HEIMDAL_MODNAME heimdal-gssapi)
 include(CheckIncludeFile)
 include(CheckIncludeFiles)
 include(CheckTypeSize)
 set(_GSS_ROOT_HINTS
    "${GSS_ROOT_DIR}"
    "$ENV{GSS_ROOT_DIR}"
 )
 # try to find library using system pkg-config if user didn't specify root dir
 if(NOT GSS_ROOT_DIR AND NOT "$ENV{GSS_ROOT_DIR}")
    if(UNIX)
        find_package(PkgConfig QUIET)
        pkg_search_module(_GSS_PKG ${_MIT_MODNAME} ${_HEIMDAL_MODNAME})
        list(APPEND _GSS_ROOT_HINTS "${_GSS_PKG_PREFIX}")
    elseif(WIN32)
        list(APPEND _GSS_ROOT_HINTS "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos;InstallDir]")
    endif()
 endif()
 if(NOT _GSS_FOUND) #not found by pkg-config. Let's take more traditional approach.
    find_file(_GSS_CONFIGURE_SCRIPT
        NAMES
            "krb5-config"
        HINTS
            ${_GSS_ROOT_HINTS}
        PATH_SUFFIXES
            bin
        NO_CMAKE_PATH
        NO_CMAKE_ENVIRONMENT_PATH
    )
    # if not found in user-supplied directories, maybe system knows better
    find_file(_GSS_CONFIGURE_SCRIPT
        NAMES
            "krb5-config"
        PATH_SUFFIXES
            bin
    )
    if(_GSS_CONFIGURE_SCRIPT)
        execute_process(
            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--cflags" "gssapi"
            OUTPUT_VARIABLE _GSS_CFLAGS
            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
        )
 message(STATUS "CFLAGS: ${_GSS_CFLAGS}")
        if(NOT _GSS_CONFIGURE_FAILED) # 0 means success
            # should also work in an odd case when multiple directories are given
            string(STRIP "${_GSS_CFLAGS}" _GSS_CFLAGS)
            string(REGEX REPLACE " +-I" ";" _GSS_CFLAGS "${_GSS_CFLAGS}")
            string(REGEX REPLACE " +-([^I][^ \\t;]*)" ";-\\1"_GSS_CFLAGS "${_GSS_CFLAGS}")
            foreach(_flag ${_GSS_CFLAGS})
                if(_flag MATCHES "^-I.*")
                    string(REGEX REPLACE "^-I" "" _val "${_flag}")
                    list(APPEND _GSS_INCLUDE_DIR "${_val}")
                else()
                    list(APPEND _GSS_COMPILER_FLAGS "${_flag}")
                endif()
            endforeach()
        endif()
        execute_process(
            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--libs" "gssapi"
            OUTPUT_VARIABLE _GSS_LIB_FLAGS
            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
        )
 message(STATUS "LDFLAGS: ${_GSS_LIB_FLAGS}")
        if(NOT _GSS_CONFIGURE_FAILED) # 0 means success
            # this script gives us libraries and link directories. Blah. We have to deal with it.
            string(STRIP "${_GSS_LIB_FLAGS}" _GSS_LIB_FLAGS)
            string(REGEX REPLACE " +-(L|l)" ";-\\1" _GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}")
            string(REGEX REPLACE " +-([^Ll][^ \\t;]*)" ";-\\1"_GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}")
            foreach(_flag ${_GSS_LIB_FLAGS})
                if(_flag MATCHES "^-l.*")
                    string(REGEX REPLACE "^-l" "" _val "${_flag}")
                    list(APPEND _GSS_LIBRARIES "${_val}")
                elseif(_flag MATCHES "^-L.*")
                    string(REGEX REPLACE "^-L" "" _val "${_flag}")
                    list(APPEND _GSS_LINK_DIRECTORIES "${_val}")
                else()
                    list(APPEND _GSS_LINKER_FLAGS "${_flag}")
                endif()
            endforeach()
        endif()
        execute_process(
            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--version"
            OUTPUT_VARIABLE _GSS_VERSION
            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
        )
        # older versions may not have the "--version" parameter. In this case we just don't care.
        if(_GSS_CONFIGURE_FAILED)
            set(_GSS_VERSION 0)
        endif()
        execute_process(
            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--vendor"
            OUTPUT_VARIABLE _GSS_VENDOR
            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
        )
        # older versions may not have the "--vendor" parameter. In this case we just don't care.
        if(_GSS_CONFIGURE_FAILED)
            set(GSS_FLAVOUR "Heimdal") # most probably, shouldn't really matter
        else()
            if(_GSS_VENDOR MATCHES ".*H|heimdal.*")
                set(GSS_FLAVOUR "Heimdal")
            else()
                set(GSS_FLAVOUR "MIT")
            endif()
        endif()
    else() # either there is no config script or we are on platform that doesn't provide one (Windows?)
        find_path(_GSS_INCLUDE_DIR
            NAMES
                "gssapi/gssapi.h"
            HINTS
                ${_GSS_ROOT_HINTS}
            PATH_SUFFIXES
                include
                inc
        )
        if(_GSS_INCLUDE_DIR) #jay, we've found something
            set(CMAKE_REQUIRED_INCLUDES "${_GSS_INCLUDE_DIR}")
            check_include_files( "gssapi/gssapi_generic.h;gssapi/gssapi_krb5.h" _GSS_HAVE_MIT_HEADERS)
            if(_GSS_HAVE_MIT_HEADERS)
                set(GSS_FLAVOUR "MIT")
            else()
                # prevent compiling the header - just check if we can include it
                set(CMAKE_REQUIRED_DEFINITIONS "-D__ROKEN_H__")
                check_include_file( "roken.h" _GSS_HAVE_ROKEN_H)
                check_include_file( "heimdal/roken.h" _GSS_HAVE_HEIMDAL_ROKEN_H)
                if(_GSS_HAVE_ROKEN_H OR _GSS_HAVE_HEIMDAL_ROKEN_H)
                    set(GSS_FLAVOUR "Heimdal")
                endif()
                set(CMAKE_REQUIRED_DEFINITIONS "")
            endif()
        else()
            # I'm not convienced if this is the right way but this is what autotools do at the moment
            find_path(_GSS_INCLUDE_DIR
                NAMES
                    "gssapi.h"
                HINTS
                    ${_GSS_ROOT_HINTS}
                PATH_SUFFIXES
                    include
                    inc
            )
            if(_GSS_INCLUDE_DIR)
                set(GSS_FLAVOUR "Heimdal")
            endif()
        endif()
        # if we have headers, check if we can link libraries
        if(GSS_FLAVOUR)
            set(_GSS_LIBDIR_SUFFIXES "")
            set(_GSS_LIBDIR_HINTS ${_GSS_ROOT_HINTS})
            get_filename_component(_GSS_CALCULATED_POTENTIAL_ROOT "${_GSS_INCLUDE_DIR}" PATH)
            list(APPEND _GSS_LIBDIR_HINTS ${_GSS_CALCULATED_POTENTIAL_ROOT})
            if(WIN32)
                if(CMAKE_SIZEOF_VOID_P EQUAL 8)
                    list(APPEND _GSS_LIBDIR_SUFFIXES "lib/AMD64")
                    if(GSS_FLAVOUR STREQUAL "MIT")
                        set(_GSS_LIBNAME "gssapi64")
                    else()
                        set(_GSS_LIBNAME "libgssapi")
                    endif()
                else()
                    list(APPEND _GSS_LIBDIR_SUFFIXES "lib/i386")
                    if(GSS_FLAVOUR STREQUAL "MIT")
                        set(_GSS_LIBNAME "gssapi32")
                    else()
                        set(_GSS_LIBNAME "libgssapi")
                    endif()
                endif()
            else()
                list(APPEND _GSS_LIBDIR_SUFFIXES "lib;lib64") # those suffixes are not checked for HINTS
                if(GSS_FLAVOUR STREQUAL "MIT")
                    set(_GSS_LIBNAME "gssapi_krb5")
                else()
                    set(_GSS_LIBNAME "gssapi")
                endif()
            endif()
            find_library(_GSS_LIBRARIES
                NAMES
                    ${_GSS_LIBNAME}
                HINTS
                    ${_GSS_LIBDIR_HINTS}
                PATH_SUFFIXES
                    ${_GSS_LIBDIR_SUFFIXES}
            )
        endif()
    endif()
 else()
    if(_GSS_PKG_${_MIT_MODNAME}_VERSION)
        set(GSS_FLAVOUR "MIT")
        set(_GSS_VERSION _GSS_PKG_${_MIT_MODNAME}_VERSION)
    else()
        set(GSS_FLAVOUR "Heimdal")
        set(_GSS_VERSION _GSS_PKG_${_MIT_HEIMDAL}_VERSION)
    endif()
 endif()
 set(GSS_INCLUDE_DIR ${_GSS_INCLUDE_DIR})
 set(GSS_LIBRARIES ${_GSS_LIBRARIES})
 set(GSS_LINK_DIRECTORIES ${_GSS_LINK_DIRECTORIES})
 set(GSS_LINKER_FLAGS ${_GSS_LINKER_FLAGS})
 set(GSS_COMPILER_FLAGS ${_GSS_COMPILER_FLAGS})
 set(GSS_VERSION ${_GSS_VERSION})
 if(GSS_FLAVOUR)
    if(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "Heimdal")
        if(CMAKE_SIZEOF_VOID_P EQUAL 8)
            set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.amd64.manifest")
        else()
            set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.x86.manifest")
        endif()
        if(EXISTS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}")
            file(STRINGS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}" heimdal_version_str
                 REGEX "^.*version=\"[0-9]\\.[^\"]+\".*$")
            string(REGEX MATCH "[0-9]\\.[^\"]+"
                   GSS_VERSION "${heimdal_version_str}")
        endif()
        if(NOT GSS_VERSION)
            set(GSS_VERSION "Heimdal Unknown")
        endif()
    elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "MIT")
        get_filename_component(_MIT_VERSION "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME CACHE)
        if(WIN32 AND _MIT_VERSION)
            set(GSS_VERSION "${_MIT_VERSION}")
        else()
            set(GSS_VERSION "MIT Unknown")
        endif()
    endif()
 endif()
 include(FindPackageHandleStandardArgs)
 set(_GSS_REQUIRED_VARS GSS_LIBRARIES GSS_FLAVOUR)
 find_package_handle_standard_args(GSS
    REQUIRED_VARS
        ${_GSS_REQUIRED_VARS}
    VERSION_VAR
        GSS_VERSION
    FAIL_MESSAGE
        "Could NOT find GSS, try to set the path to GSS root folder in the system variable GSS_ROOT_DIR"
 )
 mark_as_advanced(GSS_INCLUDE_DIR GSS_LIBRARIES)
--- a/CMake/FindLibSSH2.cmake
+++ b/CMake/FindLibSSH2.cmake
@@ -0,0 +1,35 @@
 # - Try to find the libssh2 library
 # Once done this will define
 #
 # LIBSSH2_FOUND - system has the libssh2 library
 # LIBSSH2_INCLUDE_DIR - the libssh2 include directory
 # LIBSSH2_LIBRARY - the libssh2 library name
 if (LIBSSH2_INCLUDE_DIR AND LIBSSH2_LIBRARY)
  set(LibSSH2_FIND_QUIETLY TRUE)
 endif (LIBSSH2_INCLUDE_DIR AND LIBSSH2_LIBRARY)
 FIND_PATH(LIBSSH2_INCLUDE_DIR libssh2.h
 )
 FIND_LIBRARY(LIBSSH2_LIBRARY NAMES ssh2
 )
 if(LIBSSH2_INCLUDE_DIR)
  file(STRINGS "${LIBSSH2_INCLUDE_DIR}/libssh2.h" libssh2_version_str REGEX "^#define[\t ]+LIBSSH2_VERSION_NUM[\t ]+0x[0-9][0-9][0-9][0-9][0-9][0-9].*")
  string(REGEX REPLACE "^.*LIBSSH2_VERSION_NUM[\t ]+0x([0-9][0-9]).*$" "\\1" LIBSSH2_VERSION_MAJOR "${libssh2_version_str}")
  string(REGEX REPLACE "^.*LIBSSH2_VERSION_NUM[\t ]+0x[0-9][0-9]([0-9][0-9]).*$" "\\1" LIBSSH2_VERSION_MINOR  "${libssh2_version_str}")
  string(REGEX REPLACE "^.*LIBSSH2_VERSION_NUM[\t ]+0x[0-9][0-9][0-9][0-9]([0-9][0-9]).*$" "\\1" LIBSSH2_VERSION_PATCH "${libssh2_version_str}")
  string(REGEX REPLACE "^0(.+)" "\\1" LIBSSH2_VERSION_MAJOR "${LIBSSH2_VERSION_MAJOR}")
  string(REGEX REPLACE "^0(.+)" "\\1" LIBSSH2_VERSION_MINOR "${LIBSSH2_VERSION_MINOR}")
  string(REGEX REPLACE "^0(.+)" "\\1" LIBSSH2_VERSION_PATCH "${LIBSSH2_VERSION_PATCH}")
  set(LIBSSH2_VERSION "${LIBSSH2_VERSION_MAJOR}.${LIBSSH2_VERSION_MINOR}.${LIBSSH2_VERSION_PATCH}")
 endif(LIBSSH2_INCLUDE_DIR)
 include(FindPackageHandleStandardArgs)
 FIND_PACKAGE_HANDLE_STANDARD_ARGS(LibSSH2 DEFAULT_MSG LIBSSH2_INCLUDE_DIR LIBSSH2_LIBRARY )
 MARK_AS_ADVANCED(LIBSSH2_INCLUDE_DIR LIBSSH2_LIBRARY LIBSSH2_VERSION_MAJOR LIBSSH2_VERSION_MINOR LIBSSH2_VERSION_PATCH LIBSSH2_VERSION)
--- a/CMake/FindOpenSSL.cmake
+++ b/CMake/FindOpenSSL.cmake
@@ -1,21 +0,0 @@
 # Extension of the standard FindOpenSSL.cmake
 # Adds OPENSSL_INCLUDE_DIRS and libeay32
 include("${CMAKE_ROOT}/Modules/FindOpenSSL.cmake")
 # starting 2.8 it is better to use standard modules
 if(CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
  # Bill Hoffman told that libeay32 is necessary for him:
  find_library(SSL_LIBEAY NAMES libeay32)
  if(OPENSSL_FOUND)
    if(SSL_LIBEAY)
      list(APPEND OPENSSL_LIBRARIES ${SSL_LIBEAY})
    else()
      set(OPENSSL_FOUND FALSE)
    endif()
  endif()
 endif() # if (CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
 if(OPENSSL_FOUND)
  set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR})
 endif()
--- a/CMake/FindZLIB.cmake
+++ b/CMake/FindZLIB.cmake
@@ -1,10 +0,0 @@
 # Locate zlib
 include("${CMAKE_ROOT}/Modules/FindZLIB.cmake")
 # starting 2.8 it is better to use standard modules
 if(CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
  find_library(ZLIB_LIBRARY_DEBUG NAMES zd zlibd zdlld zlib1d )
  if(ZLIB_FOUND AND ZLIB_LIBRARY_DEBUG)
    set( ZLIB_LIBRARIES optimized "${ZLIB_LIBRARY}" debug ${ZLIB_LIBRARY_DEBUG})
  endif()
 endif()
--- a/CMake/Macros.cmake
+++ b/CMake/Macros.cmake
@@ -0,0 +1,95 @@
 #File defines convenience macros for available feature testing
 # This macro checks if the symbol exists in the library and if it
 # does, it prepends library to the list.  It is intended to be called
 # multiple times with a sequence of possibly dependent libraries in
 # order of least-to-most-dependent.  Some libraries depend on others
 # to link correctly.
 macro(CHECK_LIBRARY_EXISTS_CONCAT LIBRARY SYMBOL VARIABLE)
  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
    ${VARIABLE})
  if(${VARIABLE})
    set(CURL_LIBS ${LIBRARY} ${CURL_LIBS})
  endif(${VARIABLE})
 endmacro(CHECK_LIBRARY_EXISTS_CONCAT)
 # Check if header file exists and add it to the list.
 # This macro is intended to be called multiple times with a sequence of
 # possibly dependent header files.  Some headers depend on others to be
 # compiled correctly.
 macro(CHECK_INCLUDE_FILE_CONCAT FILE VARIABLE)
  check_include_files("${CURL_INCLUDES};${FILE}" ${VARIABLE})
  if(${VARIABLE})
    set(CURL_INCLUDES ${CURL_INCLUDES} ${FILE})
    set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -D${VARIABLE}")
  endif(${VARIABLE})
 endmacro(CHECK_INCLUDE_FILE_CONCAT)
 # For other curl specific tests, use this macro.
 macro(CURL_INTERNAL_TEST CURL_TEST)
  if(NOT DEFINED "${CURL_TEST}")
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${CURL_TEST} ${CURL_TEST_DEFINES} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_TEST_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    endif(CMAKE_REQUIRED_LIBRARIES)
    message(STATUS "Performing Curl Test ${CURL_TEST}")
    try_compile(${CURL_TEST}
      ${CMAKE_BINARY_DIR}
      ${CMAKE_CURRENT_SOURCE_DIR}/CMake/CurlTests.c
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_TEST_ADD_LIBRARIES}"
      OUTPUT_VARIABLE OUTPUT)
    if(${CURL_TEST})
      set(${CURL_TEST} 1 CACHE INTERNAL "Curl test ${FUNCTION}")
      message(STATUS "Performing Curl Test ${CURL_TEST} - Success")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
        "Performing Curl Test ${CURL_TEST} passed with the following output:\n"
        "${OUTPUT}\n")
    else(${CURL_TEST})
      message(STATUS "Performing Curl Test ${CURL_TEST} - Failed")
      set(${CURL_TEST} "" CACHE INTERNAL "Curl test ${FUNCTION}")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
        "Performing Curl Test ${CURL_TEST} failed with the following output:\n"
        "${OUTPUT}\n")
    endif(${CURL_TEST})
  endif()
 endmacro(CURL_INTERNAL_TEST)
 macro(CURL_INTERNAL_TEST_RUN CURL_TEST)
  if(NOT DEFINED "${CURL_TEST}_COMPILE")
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${CURL_TEST} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_TEST_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    endif(CMAKE_REQUIRED_LIBRARIES)
    message(STATUS "Performing Curl Test ${CURL_TEST}")
    try_run(${CURL_TEST} ${CURL_TEST}_COMPILE
      ${CMAKE_BINARY_DIR}
      ${CMAKE_CURRENT_SOURCE_DIR}/CMake/CurlTests.c
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_TEST_ADD_LIBRARIES}"
      OUTPUT_VARIABLE OUTPUT)
    if(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
      set(${CURL_TEST} 1 CACHE INTERNAL "Curl test ${FUNCTION}")
      message(STATUS "Performing Curl Test ${CURL_TEST} - Success")
    else(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
      message(STATUS "Performing Curl Test ${CURL_TEST} - Failed")
      set(${CURL_TEST} "" CACHE INTERNAL "Curl test ${FUNCTION}")
      file(APPEND "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
        "Performing Curl Test ${CURL_TEST} failed with the following output:\n"
        "${OUTPUT}")
      if(${CURL_TEST}_COMPILE)
        file(APPEND
          "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
          "There was a problem running this test\n")
      endif(${CURL_TEST}_COMPILE)
      file(APPEND "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
        "\n\n")
    endif(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
  endif()
 endmacro(CURL_INTERNAL_TEST_RUN)
--- a/CMake/OtherTests.cmake
+++ b/CMake/OtherTests.cmake
@@ -1,15 +1,10 @@
-include(CurlCheckCSourceCompiles)
+include(CheckCSourceCompiles)
-set(EXTRA_DEFINES "__unused1\n#undef inline\n#define __unused2")
+# The begin of the sources (macros and includes)
-set(HEADER_INCLUDES)
+set(_source_epilogue "#undef inline")
 set(headers_hack)
 macro(add_header_include check header)
  if(${check})
-    set(headers_hack
+    set(_source_epilogue "${_source_epilogue}\n#include <${header}>")
      "${headers_hack}\n#include <${header}>")
    #SET(HEADER_INCLUDES
    #  ${HEADER_INCLUDES}
    #  "${header}")
  endif(${check})
 endmacro(add_header_include)
@@ -18,22 +13,23 @@ if(HAVE_WINDOWS_H)
  add_header_include(HAVE_WINDOWS_H "windows.h")
  add_header_include(HAVE_WINSOCK2_H "winsock2.h")
  add_header_include(HAVE_WINSOCK_H "winsock.h")
-  set(EXTRA_DEFINES ${EXTRA_DEFINES}
+  set(_source_epilogue
-    "__unused7\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif\n#define __unused3")
+      "${_source_epilogue}\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif")
  set(signature_call_conv "PASCAL")
  if(HAVE_LIBWS2_32)
    set(CMAKE_REQUIRED_LIBRARIES ws2_32)
  endif()
 else(HAVE_WINDOWS_H)
  add_header_include(HAVE_SYS_TYPES_H "sys/types.h")
  add_header_include(HAVE_SYS_SOCKET_H "sys/socket.h")
 endif(HAVE_WINDOWS_H)
-set(EXTRA_DEFINES_BACKUP "${EXTRA_DEFINES}")
+check_c_source_compiles("${_source_epilogue}
-set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
+int main(void) {
-curl_check_c_source_compiles("recv(0, 0, 0, 0)" curl_cv_recv)
+    recv(0, 0, 0, 0);
    return 0;
 }" curl_cv_recv)
 if(curl_cv_recv)
  #    AC_CACHE_CHECK([types of arguments and return type for recv],
  #[curl_cv_func_recv_args], [
  #SET(curl_cv_func_recv_args "unknown")
  #for recv_retv in 'int' 'ssize_t'; do
  if(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
    foreach(recv_retv "int" "ssize_t" )
      foreach(recv_arg1 "int" "ssize_t" "SOCKET")
@@ -41,17 +37,23 @@ if(curl_cv_recv)
          foreach(recv_arg3 "size_t" "int" "socklen_t" "unsigned int")
            foreach(recv_arg4 "int" "unsigned int")
              if(NOT curl_cv_func_recv_done)
-                set(curl_cv_func_recv_test "UNKNOWN")
+                unset(curl_cv_func_recv_test CACHE)
-                set(extern_line "extern ${recv_retv} ${signature_call_conv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})\;")
+                check_c_source_compiles("
-                set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
+                  ${_source_epilogue}
-                curl_check_c_source_compiles("
+                  extern ${recv_retv} ${signature_call_conv}
                  recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4});
                  int main(void) {
                    ${recv_arg1} s=0;
                    ${recv_arg2} buf=0;
                    ${recv_arg3} len=0;
                    ${recv_arg4} flags=0;
-                    ${recv_retv} res = recv(s, buf, len, flags)"
+                    ${recv_retv} res = recv(s, buf, len, flags);
-                  curl_cv_func_recv_test
+                    (void) res;
-                  "${recv_retv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})")
+                    return 0;
                  }"
                  curl_cv_func_recv_test)
                message(STATUS
                  "Tested: ${recv_retv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})")
                if(curl_cv_func_recv_test)
                  set(curl_cv_func_recv_args
                    "${recv_arg1},${recv_arg2},${recv_arg3},${recv_arg4},${recv_retv}")
@@ -69,18 +71,13 @@ if(curl_cv_recv)
        endforeach(recv_arg2)
      endforeach(recv_arg1)
    endforeach(recv_retv)
-  else(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
+  else()
    string(REGEX REPLACE "^([^,]*),[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG1 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,([^,]*),[^,]*,[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG2 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,([^,]*),[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG3 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,([^,]*),[^,]*$" "\\1" RECV_TYPE_ARG4 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,([^,]*)$" "\\1" RECV_TYPE_RETV "${curl_cv_func_recv_args}")
-    #MESSAGE("RECV_TYPE_ARG1 ${RECV_TYPE_ARG1}")
+  endif()
    #MESSAGE("RECV_TYPE_ARG2 ${RECV_TYPE_ARG2}")
    #MESSAGE("RECV_TYPE_ARG3 ${RECV_TYPE_ARG3}")
    #MESSAGE("RECV_TYPE_ARG4 ${RECV_TYPE_ARG4}")
    #MESSAGE("RECV_TYPE_RETV ${RECV_TYPE_RETV}")
  endif(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
  if("${curl_cv_func_recv_args}" STREQUAL "unknown")
    message(FATAL_ERROR "Cannot find proper types to use for recv args")
@@ -91,12 +88,12 @@ endif(curl_cv_recv)
 set(curl_cv_func_recv_args "${curl_cv_func_recv_args}" CACHE INTERNAL "Arguments for recv")
 set(HAVE_RECV 1)
-curl_check_c_source_compiles("send(0, 0, 0, 0)" curl_cv_send)
+check_c_source_compiles("${_source_epilogue}
 int main(void) {
    send(0, 0, 0, 0);
    return 0;
 }" curl_cv_send)
 if(curl_cv_send)
  #    AC_CACHE_CHECK([types of arguments and return type for send],
  #[curl_cv_func_send_args], [
  #SET(curl_cv_func_send_args "unknown")
  #for send_retv in 'int' 'ssize_t'; do
  if(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
    foreach(send_retv "int" "ssize_t" )
      foreach(send_arg1 "int" "ssize_t" "SOCKET")
@@ -104,19 +101,24 @@ if(curl_cv_send)
          foreach(send_arg3 "size_t" "int" "socklen_t" "unsigned int")
            foreach(send_arg4 "int" "unsigned int")
              if(NOT curl_cv_func_send_done)
-                set(curl_cv_func_send_test "UNKNOWN")
+                unset(curl_cv_func_send_test CACHE)
-                set(extern_line "extern ${send_retv} ${signature_call_conv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})\;")
+                check_c_source_compiles("
-                set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
+                  ${_source_epilogue}
-                curl_check_c_source_compiles("
+                  extern ${send_retv} ${signature_call_conv}
                  send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4});
                  int main(void) {
                    ${send_arg1} s=0;
                    ${send_arg2} buf=0;
                    ${send_arg3} len=0;
                    ${send_arg4} flags=0;
-                    ${send_retv} res = send(s, buf, len, flags)"
+                    ${send_retv} res = send(s, buf, len, flags);
-                  curl_cv_func_send_test
+                    (void) res;
-                  "${send_retv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})")
+                    return 0;
                  }"
                  curl_cv_func_send_test)
                message(STATUS
                  "Tested: ${send_retv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})")
                if(curl_cv_func_send_test)
                  #MESSAGE("Found arguments: ${curl_cv_func_send_test}")
                  string(REGEX REPLACE "(const) .*" "\\1" send_qual_arg2 "${send_arg2}")
                  string(REGEX REPLACE "const (.*)" "\\1" send_arg2 "${send_arg2}")
                  set(curl_cv_func_send_args
@@ -135,20 +137,14 @@ if(curl_cv_send)
        endforeach(send_arg2)
      endforeach(send_arg1)
    endforeach(send_retv)
-  else(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
+  else()
    string(REGEX REPLACE "^([^,]*),[^,]*,[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG1 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,([^,]*),[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG2 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,([^,]*),[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG3 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,([^,]*),[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG4 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,([^,]*),[^,]*$" "\\1" SEND_TYPE_RETV "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,[^,]*,([^,]*)$" "\\1" SEND_QUAL_ARG2 "${curl_cv_func_send_args}")
-    #MESSAGE("SEND_TYPE_ARG1 ${SEND_TYPE_ARG1}")
+  endif()
    #MESSAGE("SEND_TYPE_ARG2 ${SEND_TYPE_ARG2}")
    #MESSAGE("SEND_TYPE_ARG3 ${SEND_TYPE_ARG3}")
    #MESSAGE("SEND_TYPE_ARG4 ${SEND_TYPE_ARG4}")
    #MESSAGE("SEND_TYPE_RETV ${SEND_TYPE_RETV}")
    #MESSAGE("SEND_QUAL_ARG2 ${SEND_QUAL_ARG2}")
  endif(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
  if("${curl_cv_func_send_args}" STREQUAL "unknown")
    message(FATAL_ERROR "Cannot find proper types to use for send args")
@@ -160,88 +156,71 @@ endif(curl_cv_send)
 set(curl_cv_func_send_args "${curl_cv_func_send_args}" CACHE INTERNAL "Arguments for send")
 set(HAVE_SEND 1)
-set(EXTRA_DEFINES "${EXTRA_DEFINES}\n${headers_hack}\n#define __unused5")
+check_c_source_compiles("${_source_epilogue}
-curl_check_c_source_compiles("int flag = MSG_NOSIGNAL" HAVE_MSG_NOSIGNAL)
+  int main(void) {
    int flag = MSG_NOSIGNAL;
    (void)flag;
    return 0;
  }" HAVE_MSG_NOSIGNAL)
-set(EXTRA_DEFINES "__unused1\n#undef inline\n#define __unused2")
+if(NOT HAVE_WINDOWS_H)
 set(HEADER_INCLUDES)
 set(headers_hack)
 macro(add_header_include check header)
  if(${check})
    set(headers_hack
      "${headers_hack}\n#include <${header}>")
    #SET(HEADER_INCLUDES
    #  ${HEADER_INCLUDES}
    #  "${header}")
  endif(${check})
 endmacro(add_header_include header)
 if(HAVE_WINDOWS_H)
  set(EXTRA_DEFINES ${EXTRA_DEFINES}
    "__unused7\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif\n#define __unused3")
  add_header_include(HAVE_WINDOWS_H "windows.h")
  add_header_include(HAVE_WINSOCK2_H "winsock2.h")
  add_header_include(HAVE_WINSOCK_H "winsock.h")
 else(HAVE_WINDOWS_H)
  add_header_include(HAVE_SYS_TYPES_H "sys/types.h")
  add_header_include(HAVE_SYS_TIME_H "sys/time.h")
  add_header_include(TIME_WITH_SYS_TIME "time.h")
  add_header_include(HAVE_TIME_H "time.h")
-endif(HAVE_WINDOWS_H)
+endif()
-set(EXTRA_DEFINES "${EXTRA_DEFINES}\n${headers_hack}\n#define __unused5")
+check_c_source_compiles("${_source_epilogue}
-curl_check_c_source_compiles("struct timeval ts;\nts.tv_sec  = 0;\nts.tv_usec = 0" HAVE_STRUCT_TIMEVAL)
+int main(void) {
  struct timeval ts;
  ts.tv_sec  = 0;
  ts.tv_usec = 0;
  (void)ts;
  return 0;
 }" HAVE_STRUCT_TIMEVAL)
-include(CurlCheckCSourceRuns)
+include(CheckCSourceRuns)
-set(EXTRA_DEFINES)
+set(CMAKE_REQUIRED_FLAGS)
 set(HEADER_INCLUDES)
 if(HAVE_SYS_POLL_H)
-  set(HEADER_INCLUDES "sys/poll.h")
+  set(CMAKE_REQUIRED_FLAGS "-DHAVE_SYS_POLL_H")
 endif(HAVE_SYS_POLL_H)
-curl_check_c_source_runs("return poll((void *)0, 0, 10 /*ms*/)" HAVE_POLL_FINE)
+check_c_source_runs("
  #ifdef HAVE_SYS_POLL_H
  #  include <sys/poll.h>
  #endif
  int main(void) {
    return poll((void *)0, 0, 10 /*ms*/);
  }" HAVE_POLL_FINE)
 set(HAVE_SIG_ATOMIC_T 1)
-set(EXTRA_DEFINES)
+set(CMAKE_REQUIRED_FLAGS)
 set(HEADER_INCLUDES)
 if(HAVE_SIGNAL_H)
-  set(HEADER_INCLUDES "signal.h")
+  set(CMAKE_REQUIRED_FLAGS "-DHAVE_SIGNAL_H")
  set(CMAKE_EXTRA_INCLUDE_FILES "signal.h")
 endif(HAVE_SIGNAL_H)
 check_type_size("sig_atomic_t" SIZEOF_SIG_ATOMIC_T)
 if(HAVE_SIZEOF_SIG_ATOMIC_T)
-  curl_check_c_source_compiles("static volatile sig_atomic_t dummy = 0" HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
+  check_c_source_compiles("
    #ifdef HAVE_SIGNAL_H
    #  include <signal.h>
    #endif
    int main(void) {
      static volatile sig_atomic_t dummy = 0;
      (void)dummy;
      return 0;
    }" HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
  if(NOT HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
    set(HAVE_SIG_ATOMIC_T_VOLATILE 1)
  endif(NOT HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
 endif(HAVE_SIZEOF_SIG_ATOMIC_T)
 set(CHECK_TYPE_SIZE_PREINCLUDE
  "#undef inline")
 if(HAVE_WINDOWS_H)
-  set(CHECK_TYPE_SIZE_PREINCLUDE "${CHECK_TYPE_SIZE_PREINCLUDE}
+  set(CMAKE_EXTRA_INCLUDE_FILES winsock2.h)
-  #ifndef WIN32_LEAN_AND_MEAN
+else()
-  #define WIN32_LEAN_AND_MEAN
+  set(CMAKE_EXTRA_INCLUDE_FILES)
  #endif
  #include <windows.h>")
  if(HAVE_WINSOCK2_H)
    set(CHECK_TYPE_SIZE_PREINCLUDE "${CHECK_TYPE_SIZE_PREINCLUDE}\n#include <winsock2.h>")
  endif(HAVE_WINSOCK2_H)
 else(HAVE_WINDOWS_H)
  if(HAVE_SYS_SOCKET_H)
-    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
+    set(CMAKE_EXTRA_INCLUDE_FILES sys/socket.h)
      "sys/socket.h")
  endif(HAVE_SYS_SOCKET_H)
-  if(HAVE_NETINET_IN_H)
+endif()
    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
      "netinet/in.h")
  endif(HAVE_NETINET_IN_H)
  if(HAVE_ARPA_INET_H)
    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
      "arpa/inet.h")
  endif(HAVE_ARPA_INET_H)
 endif(HAVE_WINDOWS_H)
 check_type_size("struct sockaddr_storage" SIZEOF_STRUCT_SOCKADDR_STORAGE)
 if(HAVE_SIZEOF_STRUCT_SOCKADDR_STORAGE)
--- a/CMake/Platforms/WindowsCache.cmake
+++ b/CMake/Platforms/WindowsCache.cmake
@@ -5,6 +5,7 @@ if(NOT UNIX)
    set(HAVE_LIBSOCKET 0)
    set(NOT_NEED_LIBNSL 0)
    set(HAVE_LIBNSL 0)
    set(HAVE_GETHOSTNAME 1)
    set(HAVE_LIBZ 0)
    set(HAVE_LIBCRYPTO 0)
@@ -14,7 +15,6 @@ if(NOT UNIX)
    set(HAVE_ARPA_INET_H 0)
    set(HAVE_DLFCN_H 0)
    set(HAVE_FCNTL_H 1)
    set(HAVE_FEATURES_H 0)
    set(HAVE_INTTYPES_H 0)
    set(HAVE_IO_H 1)
    set(HAVE_MALLOC_H 1)
@@ -108,7 +108,11 @@ if(NOT UNIX)
    set(HAVE_IN_ADDR_T 0)
    set(HAVE_INET_NTOA_R_DECL 0)
    set(HAVE_INET_NTOA_R_DECL_REENTRANT 0)
    if(ENABLE_IPV6)
      set(HAVE_GETADDRINFO 1)
    else()
      set(HAVE_GETADDRINFO 0)
    endif()
    set(STDC_HEADERS 1)
    set(RETSIGTYPE_TEST 1)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,3 +1,24 @@
 #***************************************************************************
 #                                  _   _ ____  _
 #  Project                     ___| | | |  _ \| |
 #                             / __| | | | |_) | |
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
 # Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
 # are also available at http://curl.haxx.se/docs/copyright.html.
 #
 # You may opt to use, copy, modify, merge, publish, distribute and/or sell
 # copies of the Software, and permit persons to whom the Software is
 # furnished to do so, under the terms of the COPYING file.
 #
 # This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 # KIND, either express or implied.
 #
 ###########################################################################
 # cURL/libcurl CMake script
 # by Tetetest and Sukender (Benoit Neil)
@@ -17,34 +38,27 @@
 # To check:
 # (From Daniel Stenberg) The cmake build selected to run gcc with -fPIC on my box while the plain configure script did not.
 # (From Daniel Stenberg) The gcc command line use neither -g nor any -O options. As a developer, I also treasure our configure scripts's --enable-debug option that sets a long range of "picky" compiler options.
-cmake_minimum_required(VERSION 2.6.2 FATAL_ERROR)
+cmake_minimum_required(VERSION 2.8 FATAL_ERROR)
 set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake;${CMAKE_MODULE_PATH}")
 include(Utilities)
 include(Macros)
 project( CURL C )
 message(WARNING "the curl cmake build system is poorly maintained. Be aware")
 file (READ ${CURL_SOURCE_DIR}/include/curl/curlver.h CURL_VERSION_H_CONTENTS)
-string (REGEX MATCH "LIBCURL_VERSION_MAJOR[ \t]+([0-9]+)"
+string (REGEX MATCH "#define LIBCURL_VERSION \"[^\"]*"
-  LIBCURL_VERSION_MJ ${CURL_VERSION_H_CONTENTS})
+  CURL_VERSION ${CURL_VERSION_H_CONTENTS})
-string (REGEX MATCH "([0-9]+)"
+string (REGEX REPLACE "[^\"]+\"" "" CURL_VERSION ${CURL_VERSION})
-  LIBCURL_VERSION_MJ ${LIBCURL_VERSION_MJ})
+string (REGEX MATCH "#define LIBCURL_VERSION_NUM 0x[0-9a-fA-F]+"
-string (REGEX MATCH
+  CURL_VERSION_NUM ${CURL_VERSION_H_CONTENTS})
-  "LIBCURL_VERSION_MINOR[ \t]+([0-9]+)"
+string (REGEX REPLACE "[^0]+0x" "" CURL_VERSION_NUM ${CURL_VERSION_NUM})
  LIBCURL_VERSION_MI ${CURL_VERSION_H_CONTENTS})
 string (REGEX MATCH "([0-9]+)" LIBCURL_VERSION_MI ${LIBCURL_VERSION_MI})
 string (REGEX MATCH
  "LIBCURL_VERSION_PATCH[ \t]+([0-9]+)"
  LIBCURL_VERSION_PT ${CURL_VERSION_H_CONTENTS})
 string (REGEX MATCH "([0-9]+)" LIBCURL_VERSION_PT ${LIBCURL_VERSION_PT})
 set (CURL_MAJOR_VERSION ${LIBCURL_VERSION_MJ})
 set (CURL_MINOR_VERSION ${LIBCURL_VERSION_MI})
 set (CURL_PATCH_VERSION ${LIBCURL_VERSION_PT})
 include_regular_expression("^.*$")    # Sukender: Is it necessary?
 # Setup package meta-data
 # SET(PACKAGE "curl")
 set(CURL_VERSION ${CURL_MAJOR_VERSION}.${CURL_MINOR_VERSION}.${CURL_PATCH_VERSION})
 message(STATUS "curl version=[${CURL_VERSION}]")
 # SET(PACKAGE_TARNAME "curl")
 # SET(PACKAGE_NAME "curl")
@@ -60,12 +74,17 @@ include_directories( ${CURL_SOURCE_DIR}/include )
 option(BUILD_CURL_EXE "Set to ON to build cURL executable." ON)
 option(BUILD_CURL_TESTS "Set to ON to build cURL tests." ON)
 option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF)
-option(CURL_USE_ARES "Set to ON to enable c-ares support" OFF)
+option(ENABLE_ARES "Set to ON to enable c-ares support" OFF)
 option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS lookup" OFF)
 # initialize CURL_LIBS
 set(CURL_LIBS "")
-if(CURL_USE_ARES)
+if(ENABLE_THREADED_RESOLVER AND ENABLE_ARES)
-  set(USE_ARES ${CURL_USE_ARES})
+  message(FATAL_ERROR "Options ENABLE_THREADED_RESOLVER and ENABLE_ARES are mutually exclusive")
 endif()
 if(ENABLE_ARES)
  set(USE_ARES 1)
  find_package(CARES REQUIRED)
  list(APPEND CURL_LIBS ${CARES_LIBRARY} )
  set(CURL_LIBS ${CURL_LIBS} ${CARES_LIBRARY})
@@ -110,6 +129,19 @@ mark_as_advanced(CURL_DISABLE_HTTP)
 option(CURL_DISABLE_LDAPS "to disable LDAPS" OFF)
 mark_as_advanced(CURL_DISABLE_LDAPS)
 option(CURL_DISABLE_RTSP "to disable RTSP" OFF)
 mark_as_advanced(CURL_DISABLE_RTSP)
 option(CURL_DISABLE_PROXY "to disable proxy" OFF)
 mark_as_advanced(CURL_DISABLE_PROXY)
 option(CURL_DISABLE_POP3 "to disable POP3" OFF)
 mark_as_advanced(CURL_DISABLE_POP3)
 option(CURL_DISABLE_IMAP "to disable IMAP" OFF)
 mark_as_advanced(CURL_DISABLE_IMAP)
 option(CURL_DISABLE_SMTP "to disable SMTP" OFF)
 mark_as_advanced(CURL_DISABLE_SMTP)
 option(CURL_DISABLE_GOPHER "to disable Gopher" OFF)
 mark_as_advanced(CURL_DISABLE_GOPHER)
 if(HTTP_ONLY)
  set(CURL_DISABLE_FTP ON)
  set(CURL_DISABLE_LDAP ON)
@@ -118,6 +150,11 @@ if(HTTP_ONLY)
  set(CURL_DISABLE_DICT ON)
  set(CURL_DISABLE_FILE ON)
  set(CURL_DISABLE_TFTP ON)
  set(CURL_DISABLE_RTSP ON)
  set(CURL_DISABLE_POP3 ON)
  set(CURL_DISABLE_IMAP ON)
  set(CURL_DISABLE_SMTP ON)
  set(CURL_DISABLE_GOPHER ON)
 endif()
 option(CURL_DISABLE_COOKIES "to disable cookies support" OFF)
@@ -129,9 +166,52 @@ option(CURL_DISABLE_VERBOSE_STRINGS "to disable verbose strings" OFF)
 mark_as_advanced(CURL_DISABLE_VERBOSE_STRINGS)
 option(DISABLED_THREADSAFE "Set to explicitly specify we don't want to use thread-safe functions" OFF)
 mark_as_advanced(DISABLED_THREADSAFE)
-option(ENABLE_IPV6 "Define if you want to enable IPv6 support" OFF)
+option(ENABLE_IPV6 "Define if you want to enable IPv6 support" ON)
 mark_as_advanced(ENABLE_IPV6)
 if(ENABLE_IPV6)
  include(CheckStructHasMember)
  check_struct_has_member("struct sockaddr_in6" sin6_addr "netinet/in.h"
                          HAVE_SOCKADDR_IN6_SIN6_ADDR)
  check_struct_has_member("struct sockaddr_in6" sin6_scope_id "netinet/in.h"
                          HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
  if(NOT HAVE_SOCKADDR_IN6_SIN6_ADDR)
    message(WARNING "struct sockaddr_in6 not available, disabling IPv6 support")
    # Force the feature off as this name is used as guard macro...
    set(ENABLE_IPV6 OFF
        CACHE BOOL "Define if you want to enable IPv6 support" FORCE)
  endif()
 endif()
 option(ENABLE_MANUAL "to provide the built-in manual" ON)
 unset(USE_MANUAL CACHE) # TODO: cache NROFF/NROFF_MANOPT/USE_MANUAL vars?
 if(ENABLE_MANUAL)
  find_program(NROFF NAMES gnroff nroff)
  if(NROFF)
    # Need a way to write to stdin, this will do
    file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt" "test")
    # Tests for a valid nroff option to generate a manpage
    foreach(_MANOPT "-man" "-mandoc")
      execute_process(COMMAND "${NROFF}" ${_MANOPT}
        OUTPUT_VARIABLE NROFF_MANOPT_OUTPUT
        INPUT_FILE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt"
        ERROR_QUIET)
      # Save the option if it was valid
      if(NROFF_MANOPT_OUTPUT)
        message("Found *nroff option: -- ${_MANOPT}")
        set(NROFF_MANOPT ${_MANOPT})
        set(USE_MANUAL 1)
        break()
      endif()
    endforeach()
    # No need for the temporary file
    file(REMOVE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt")
    if(NOT USE_MANUAL)
      message(WARNING "Found no *nroff option to get plaintext from man pages")
    endif()
  else()
    message(WARNING "Found no *nroff program")
  endif()
 endif()
 # We need ansi c-flags, especially on HP
 set(CMAKE_C_FLAGS "${CMAKE_ANSI_CFLAGS} ${CMAKE_C_FLAGS}")
@@ -154,21 +234,24 @@ include (CheckIncludeFiles)
 include (CheckLibraryExists)
 include (CheckSymbolExists)
 include (CheckTypeSize)
 include (CheckCSourceCompiles)
 # On windows preload settings
 if(WIN32)
  include(${CMAKE_CURRENT_SOURCE_DIR}/CMake/Platforms/WindowsCache.cmake)
 endif(WIN32)
-# This macro checks if the symbol exists in the library and if it
+if(ENABLE_THREADED_RESOLVER)
-# does, it prepends library to the list.
+  check_include_file_concat("pthread.h" HAVE_PTHREAD_H)
-macro(CHECK_LIBRARY_EXISTS_CONCAT LIBRARY SYMBOL VARIABLE)
+  if(HAVE_PTHREAD_H)
-  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
+    set(CMAKE_THREAD_PREFER_PTHREAD 1)
-    ${VARIABLE})
+    find_package(Threads)
-  if(${VARIABLE})
+    if(CMAKE_USE_PTHREADS_INIT)
-    set(CURL_LIBS ${LIBRARY} ${CURL_LIBS})
+      set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT})
-  endif(${VARIABLE})
+      set(USE_THREADS_POSIX 1)
-endmacro(CHECK_LIBRARY_EXISTS_CONCAT)
+    endif()
  endif()
 endif()
 # Check for all needed libraries
 check_library_exists_concat("dl"     dlopen       HAVE_LIBDL)
@@ -186,89 +269,271 @@ if(NOT NOT_NEED_LIBNSL)
  check_library_exists_concat("nsl"    gethostbyname  HAVE_LIBNSL)
 endif(NOT NOT_NEED_LIBNSL)
-check_library_exists_concat("ws2_32" getch        HAVE_LIBWS2_32)
+check_function_exists(gethostname HAVE_GETHOSTNAME)
 check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)
 check_library_exists("wldap32" cldap_open "" HAVE_WLDAP32)
 if(WIN32)
-  set(CURL_DEFAULT_DISABLE_LDAP OFF)
+  check_library_exists_concat("ws2_32" getch        HAVE_LIBWS2_32)
-  # some windows compilers do not have wldap32
+  check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)
  if(NOT HAVE_WLDAP32)
    set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
    message(STATUS "wldap32 not found CURL_DISABLE_LDAP set ON")
    option(CURL_LDAP_WIN "Use Windows LDAP implementation" OFF)
  else()
    option(CURL_LDAP_WIN "Use Windows LDAP implementation" ON)
  endif()
  mark_as_advanced(CURL_LDAP_WIN)
 endif()
 # IF(NOT CURL_SPECIAL_LIBZ)
 #  CHECK_LIBRARY_EXISTS_CONCAT("z"      inflateEnd   HAVE_LIBZ)
 # ENDIF(NOT CURL_SPECIAL_LIBZ)
 # Check for idn
 check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
 # Check for LDAP
 check_library_exists_concat("ldap" ldap_init HAVE_LIBLDAP)
 # if(NOT HAVE_LIBLDAP)
 # SET(CURL_DISABLE_LDAP ON)
 # endif(NOT HAVE_LIBLDAP)
 # Check for symbol dlopen (same as HAVE_LIBDL)
 check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
 # For other tests to use the same libraries
 set(CMAKE_REQUIRED_LIBRARIES ${CURL_LIBS})
 option(CURL_ZLIB "Set to ON to enable building cURL with zlib support." ON)
 set(HAVE_LIBZ OFF)
 set(HAVE_ZLIB_H OFF)
 set(HAVE_ZLIB OFF)
 if(CURL_ZLIB)  # AND CURL_CONFIG_HAS_BEEN_RUN_BEFORE
  find_package(ZLIB QUIET)
  if(ZLIB_FOUND)
    set(HAVE_ZLIB_H ON)
    set(HAVE_ZLIB ON)
    set(HAVE_LIBZ ON)
    list(APPEND CURL_LIBS ${ZLIB_LIBRARIES})
  endif()
 endif()
 option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
 mark_as_advanced(CMAKE_USE_OPENSSL)
 if(CMAKE_USE_OPENSSL)
 set(USE_SSLEAY OFF)
 set(USE_OPENSSL OFF)
 set(HAVE_LIBCRYPTO OFF)
 set(HAVE_LIBSSL OFF)
 if(CMAKE_USE_OPENSSL)
  find_package(OpenSSL)
  if(OPENSSL_FOUND)
    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
    list(APPEND CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
    set(USE_SSLEAY ON)
    set(USE_OPENSSL ON)
    set(HAVE_LIBCRYPTO ON)
    set(HAVE_LIBSSL ON)
-  endif(OPENSSL_FOUND)
+    include_directories(${OPENSSL_INCLUDE_DIR})
-endif(CMAKE_USE_OPENSSL)
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
    check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
    check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
    check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
    check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
    check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
    check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
    check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
    check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
    check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
  endif()
 endif()
-# If we have features.h, then do the _BSD_SOURCE magic
+if(NOT CURL_DISABLE_LDAP)
 check_include_file("features.h"       HAVE_FEATURES_H)
-# Check if header file exists and add it to the list.
+  if(WIN32)
-macro(CHECK_INCLUDE_FILE_CONCAT FILE VARIABLE)
+    option(CURL_LDAP_WIN "Use Windows LDAP implementation" ON)
-  check_include_files("${CURL_INCLUDES};${FILE}" ${VARIABLE})
+    if(CURL_LDAP_WIN)
-  if(${VARIABLE})
+      check_library_exists("wldap32" cldap_open "" HAVE_WLDAP32)
-    set(CURL_INCLUDES ${CURL_INCLUDES} ${FILE})
+      if(NOT HAVE_WLDAP32)
-    set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -D${VARIABLE}")
+        set(CURL_LDAP_WIN OFF)
-  endif(${VARIABLE})
+      endif()
-endmacro(CHECK_INCLUDE_FILE_CONCAT)
+    endif()
  endif()
  option(CMAKE_USE_OPENLDAP "Use OpenLDAP code." OFF)
  mark_as_advanced(CMAKE_USE_OPENLDAP)
  set(CMAKE_LDAP_LIB "ldap" CACHE STRING "Name or full path to ldap library")
  set(CMAKE_LBER_LIB "lber" CACHE STRING "Name or full path to lber library")
  if(CMAKE_USE_OPENLDAP AND CURL_LDAP_WIN)
    message(FATAL_ERROR "Cannot use CURL_LDAP_WIN and CMAKE_USE_OPENLDAP at the same time")
  endif()
  # Now that we know, we're not using windows LDAP...
  if(NOT CURL_LDAP_WIN)
    # Check for LDAP
    set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES})
    check_library_exists_concat(${CMAKE_LDAP_LIB} ldap_init HAVE_LIBLDAP)
    check_library_exists_concat(${CMAKE_LBER_LIB} ber_init HAVE_LIBLBER)
  else()
    check_include_file_concat("winldap.h" HAVE_WINLDAP_H)
    check_include_file_concat("winber.h"  HAVE_WINBER_H)
  endif()
  set(CMAKE_LDAP_INCLUDE_DIR "" CACHE STRING "Path to LDAP include directory")
  if(CMAKE_LDAP_INCLUDE_DIR)
    set(CMAKE_REQUIRED_INCLUDES ${CMAKE_LDAP_INCLUDE_DIR})
  endif()
  check_include_file_concat("ldap.h"           HAVE_LDAP_H)
  check_include_file_concat("lber.h"           HAVE_LBER_H)
  if(NOT HAVE_LDAP_H)
    message(STATUS "LDAP_H not found CURL_DISABLE_LDAP set ON")
    set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
  elseif(NOT HAVE_LIBLDAP)
    message(STATUS "LDAP library '${CMAKE_LDAP_LIB}' not found CURL_DISABLE_LDAP set ON")
    set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
  else()
    if(CMAKE_USE_OPENLDAP)
      set(USE_OPENLDAP ON)
    endif()
    if(CMAKE_LDAP_INCLUDE_DIR)
      include_directories(${CMAKE_LDAP_INCLUDE_DIR})
    endif()
    set(NEED_LBER_H ON)
    set(_HEADER_LIST)
    if(HAVE_WINDOWS_H)
      list(APPEND _HEADER_LIST "windows.h")
    endif()
    if(HAVE_SYS_TYPES_H)
      list(APPEND _HEADER_LIST "sys/types.h")
    endif()
    list(APPEND _HEADER_LIST "ldap.h")
    set(_SRC_STRING "")
    foreach(_HEADER ${_HEADER_LIST})
      set(_INCLUDE_STRING "${_INCLUDE_STRING}#include <${_HEADER}>\n")
    endforeach()
    set(_SRC_STRING
      "
      ${_INCLUDE_STRING}
      int main(int argc, char ** argv)
      {
        BerValue *bvp = NULL;
        BerElement *bep = ber_init(bvp);
        ber_free(bep, 1);
        return 0;
      }"
    )
    set(CMAKE_REQUIRED_DEFINITIONS "-DLDAP_DEPRECATED=1" "-DWIN32_LEAN_AND_MEAN")
    list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB})
    if(HAVE_LIBLBER)
      list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LBER_LIB})
    endif()
    check_c_source_compiles("${_SRC_STRING}" NOT_NEED_LBER_H)
    if(NOT_NEED_LBER_H)
      set(NEED_LBER_H OFF)
    else()
      set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -DNEED_LBER_H")
    endif()
  endif()
 endif()
 # No ldap, no ldaps.
 if(CURL_DISABLE_LDAP)
  if(NOT CURL_DISABLE_LDAPS)
    message(STATUS "LDAP needs to be enabled to support LDAPS")
    set(CURL_DISABLE_LDAPS ON CACHE BOOL "" FORCE)
  endif()
 endif()
 if(NOT CURL_DISABLE_LDAPS)
  check_include_file_concat("ldap_ssl.h" HAVE_LDAP_SSL_H)
  check_include_file_concat("ldapssl.h"  HAVE_LDAPSSL_H)
 endif()
 # Check for idn
 check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
 # Check for symbol dlopen (same as HAVE_LIBDL)
 check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
 option(CURL_ZLIB "Set to ON to enable building cURL with zlib support." ON)
 set(HAVE_LIBZ OFF)
 set(HAVE_ZLIB_H OFF)
 set(HAVE_ZLIB OFF)
 if(CURL_ZLIB)
  find_package(ZLIB QUIET)
  if(ZLIB_FOUND)
    set(HAVE_ZLIB_H ON)
    set(HAVE_ZLIB ON)
    set(HAVE_LIBZ ON)
    list(APPEND CURL_LIBS ${ZLIB_LIBRARIES})
    include_directories(${ZLIB_INCLUDE_DIRS})
  endif()
 endif()
 #libSSH2
 option(CMAKE_USE_LIBSSH2 "Use libSSH2" ON)
 mark_as_advanced(CMAKE_USE_LIBSSH2)
 set(USE_LIBSSH2 OFF)
 set(HAVE_LIBSSH2 OFF)
 set(HAVE_LIBSSH2_H OFF)
 if(CMAKE_USE_LIBSSH2)
  find_package(LibSSH2)
  if(LIBSSH2_FOUND)
    list(APPEND CURL_LIBS ${LIBSSH2_LIBRARY})
    set(CMAKE_REQUIRED_LIBRARIES ${LIBSSH2_LIBRARY})
    set(CMAKE_REQUIRED_INCLUDES "${LIBSSH2_INCLUDE_DIR}")
    include_directories("${LIBSSH2_INCLUDE_DIR}")
    set(HAVE_LIBSSH2 ON)
    set(USE_LIBSSH2 ON)
    # find_package has already found the headers
    set(HAVE_LIBSSH2_H ON)
    set(CURL_INCLUDES ${CURL_INCLUDES} "${LIBSSH2_INCLUDE_DIR}/libssh2.h")
    set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -DHAVE_LIBSSH2_H")
    # now check for specific libssh2 symbols as they were added in different versions
    set(CMAKE_EXTRA_INCLUDE_FILES "libssh2.h")
    check_function_exists(libssh2_version           HAVE_LIBSSH2_VERSION)
    check_function_exists(libssh2_init              HAVE_LIBSSH2_INIT)
    check_function_exists(libssh2_exit              HAVE_LIBSSH2_EXIT)
    check_function_exists(libssh2_scp_send64        HAVE_LIBSSH2_SCP_SEND64)
    check_function_exists(libssh2_session_handshake HAVE_LIBSSH2_SESSION_HANDSHAKE)
    set(CMAKE_EXTRA_INCLUDE_FILES "")
  endif(LIBSSH2_FOUND)
 endif(CMAKE_USE_LIBSSH2)
 option(CMAKE_USE_GSSAPI "Use GSSAPI implementation (right now only Heimdal is supported with CMake build)" OFF)
 mark_as_advanced(CMAKE_USE_GSSAPI)
 if(CMAKE_USE_GSSAPI)
  find_package(GSS)
  set(HAVE_GSS_API ${GSS_FOUND})
  if(GSS_FOUND)
    message(STATUS "Found ${GSS_FLAVOUR} GSSAPI version: \"${GSS_VERSION}\"")
    set(CMAKE_REQUIRED_INCLUDES ${GSS_INCLUDE_DIR})
    check_include_file_concat("gssapi/gssapi.h"  HAVE_GSSAPI_GSSAPI_H)
    check_include_file_concat("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H)
    check_include_file_concat("gssapi/gssapi_krb5.h" HAVE_GSSAPI_GSSAPI_KRB5_H)
    if(GSS_FLAVOUR STREQUAL "Heimdal")
      set(HAVE_GSSHEIMDAL ON)
    else() # MIT
      set(HAVE_GSSMIT ON)
      set(_INCLUDE_LIST "")
      if(HAVE_GSSAPI_GSSAPI_H)
        list(APPEND _INCLUDE_LIST "gssapi/gssapi.h")
      endif()
      if(HAVE_GSSAPI_GSSAPI_GENERIC_H)
        list(APPEND _INCLUDE_LIST "gssapi/gssapi_generic.h")
      endif()
      if(HAVE_GSSAPI_GSSAPI_KRB5_H)
        list(APPEND _INCLUDE_LIST "gssapi/gssapi_krb5.h")
      endif()
      string(REPLACE ";" " " _COMPILER_FLAGS_STR "${GSS_COMPILER_FLAGS}")
      string(REPLACE ";" " " _LINKER_FLAGS_STR "${GSS_LINKER_FLAGS}")
      foreach(_dir ${GSS_LINK_DIRECTORIES})
        set(_LINKER_FLAGS_STR "${_LINKER_FLAGS_STR} -L\"${_dir}\"")
      endforeach()
      set(CMAKE_REQUIRED_FLAGS "${_COMPILER_FLAGS_STR} ${_LINKER_FLAGS_STR}")
      set(CMAKE_REQUIRED_LIBRARIES ${GSS_LIBRARIES})
      check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" ${_INCLUDE_LIST} HAVE_GSS_C_NT_HOSTBASED_SERVICE)
      if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE)
        set(HAVE_OLD_GSSMIT ON)
      endif()
    endif()
    include_directories(${GSS_INCLUDE_DIR})
    link_directories(${GSS_LINK_DIRECTORIES})
    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${GSS_COMPILER_FLAGS}")
    set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${GSS_LINKER_FLAGS}")
    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${GSS_LINKER_FLAGS}")
    list(APPEND CURL_LIBS ${GSS_LIBRARIES})
  else()
    message(WARNING "GSSAPI support has been requested but no supporting libraries found. Skipping.")
  endif()
 endif()
 option(ENABLE_UNIX_SOCKETS "Define if you want Unix domain sockets support" ON)
 if(ENABLE_UNIX_SOCKETS)
  include(CheckStructHasMember)
  check_struct_has_member("struct sockaddr_un" sun_path "sys/un.h" USE_UNIX_SOCKETS)
 else()
  unset(USE_UNIX_SOCKETS CACHE)
 endif()
 # Check for header files
 if(NOT UNIX)
@@ -305,32 +570,18 @@ check_include_file_concat("des.h"            HAVE_DES_H)
 check_include_file_concat("err.h"            HAVE_ERR_H)
 check_include_file_concat("errno.h"          HAVE_ERRNO_H)
 check_include_file_concat("fcntl.h"          HAVE_FCNTL_H)
 check_include_file_concat("gssapi/gssapi.h"  HAVE_GSSAPI_GSSAPI_H)
 check_include_file_concat("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H)
 check_include_file_concat("gssapi/gssapi_krb5.h" HAVE_GSSAPI_GSSAPI_KRB5_H)
 check_include_file_concat("idn-free.h"       HAVE_IDN_FREE_H)
 check_include_file_concat("ifaddrs.h"        HAVE_IFADDRS_H)
 check_include_file_concat("io.h"             HAVE_IO_H)
 check_include_file_concat("krb.h"            HAVE_KRB_H)
 check_include_file_concat("libgen.h"         HAVE_LIBGEN_H)
 check_include_file_concat("libssh2.h"        HAVE_LIBSSH2_H)
 check_include_file_concat("limits.h"         HAVE_LIMITS_H)
 check_include_file_concat("locale.h"         HAVE_LOCALE_H)
 check_include_file_concat("net/if.h"         HAVE_NET_IF_H)
 check_include_file_concat("netdb.h"          HAVE_NETDB_H)
 check_include_file_concat("netinet/in.h"     HAVE_NETINET_IN_H)
 check_include_file_concat("netinet/tcp.h"    HAVE_NETINET_TCP_H)
-if(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
+
  check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
  check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
  check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
  check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
  check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
  check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
  check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
  check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
  check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
 endif(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
 check_include_file_concat("pem.h"            HAVE_PEM_H)
 check_include_file_concat("poll.h"           HAVE_POLL_H)
 check_include_file_concat("pwd.h"            HAVE_PWD_H)
@@ -359,25 +610,13 @@ check_include_file_concat("stddef.h"         HAVE_STDDEF_H)
 check_include_file_concat("dlfcn.h"          HAVE_DLFCN_H)
 check_include_file_concat("malloc.h"         HAVE_MALLOC_H)
 check_include_file_concat("memory.h"         HAVE_MEMORY_H)
 check_include_file_concat("ldap.h"           HAVE_LDAP_H)
 check_include_file_concat("netinet/if_ether.h" HAVE_NETINET_IF_ETHER_H)
 check_include_file_concat("stdint.h"        HAVE_STDINT_H)
 check_include_file_concat("sockio.h"        HAVE_SOCKIO_H)
 check_include_file_concat("sys/utsname.h"   HAVE_SYS_UTSNAME_H)
 check_include_file_concat("idna.h"          HAVE_IDNA_H)
 if(NOT HAVE_LDAP_H)
  message(STATUS "LDAP_H not found CURL_DISABLE_LDAP set ON")
  set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE)
 endif()
 # No ldap, no ldaps.
 if(CURL_DISABLE_LDAP)
  if(NOT CURL_DISABLE_LDAPS)
    message(STATUS "LDAP needs to be enabled to support LDAPS")
    set(CURL_DISABLE_LDAPS ON CACHE BOOL "" FORCE)
  endif()
 endif()
 check_type_size(size_t  SIZEOF_SIZE_T)
 check_type_size(ssize_t  SIZEOF_SSIZE_T)
@@ -450,6 +689,12 @@ find_file(RANDOM_FILE urandom /dev)
 mark_as_advanced(RANDOM_FILE)
 # Check for some functions that are used
 if(HAVE_LIBWS2_32)
  set(CMAKE_REQUIRED_LIBRARIES ws2_32)
 elseif(HAVE_LIBSOCKET)
  set(CMAKE_REQUIRED_LIBRARIES socket)
 endif()
 check_symbol_exists(basename      "${CURL_INCLUDES}" HAVE_BASENAME)
 check_symbol_exists(socket        "${CURL_INCLUDES}" HAVE_SOCKET)
 check_symbol_exists(poll          "${CURL_INCLUDES}" HAVE_POLL)
@@ -513,6 +758,7 @@ check_symbol_exists(strerror_r     "${CURL_INCLUDES}" HAVE_STRERROR_R)
 check_symbol_exists(siginterrupt   "${CURL_INCLUDES}" HAVE_SIGINTERRUPT)
 check_symbol_exists(perror         "${CURL_INCLUDES}" HAVE_PERROR)
 check_symbol_exists(fork           "${CURL_INCLUDES}" HAVE_FORK)
 check_symbol_exists(getaddrinfo    "${CURL_INCLUDES}" HAVE_GETADDRINFO)
 check_symbol_exists(freeaddrinfo   "${CURL_INCLUDES}" HAVE_FREEADDRINFO)
 check_symbol_exists(freeifaddrs    "${CURL_INCLUDES}" HAVE_FREEIFADDRS)
 check_symbol_exists(pipe           "${CURL_INCLUDES}" HAVE_PIPE)
@@ -551,75 +797,6 @@ if(NOT HAVE_STRICMP)
  set(HAVE_LDAP_URL_PARSE 1)
 endif(NOT HAVE_STRICMP)
 # For other curl specific tests, use this macro.
 macro(CURL_INTERNAL_TEST CURL_TEST)
  if("${CURL_TEST}" MATCHES "^${CURL_TEST}$")
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${CURL_TEST} ${CURL_TEST_DEFINES} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_TEST_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    endif(CMAKE_REQUIRED_LIBRARIES)
    message(STATUS "Performing Curl Test ${CURL_TEST}")
    try_compile(${CURL_TEST}
      ${CMAKE_BINARY_DIR}
      ${CMAKE_CURRENT_SOURCE_DIR}/CMake/CurlTests.c
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_TEST_ADD_LIBRARIES}"
      OUTPUT_VARIABLE OUTPUT)
    if(${CURL_TEST})
      set(${CURL_TEST} 1 CACHE INTERNAL "Curl test ${FUNCTION}")
      message(STATUS "Performing Curl Test ${CURL_TEST} - Success")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
        "Performing Curl Test ${CURL_TEST} passed with the following output:\n"
        "${OUTPUT}\n")
    else(${CURL_TEST})
      message(STATUS "Performing Curl Test ${CURL_TEST} - Failed")
      set(${CURL_TEST} "" CACHE INTERNAL "Curl test ${FUNCTION}")
      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
        "Performing Curl Test ${CURL_TEST} failed with the following output:\n"
        "${OUTPUT}\n")
    endif(${CURL_TEST})
  endif("${CURL_TEST}" MATCHES "^${CURL_TEST}$")
 endmacro(CURL_INTERNAL_TEST)
 macro(CURL_INTERNAL_TEST_RUN CURL_TEST)
  if("${CURL_TEST}_COMPILE" MATCHES "^${CURL_TEST}_COMPILE$")
    set(MACRO_CHECK_FUNCTION_DEFINITIONS
      "-D${CURL_TEST} ${CMAKE_REQUIRED_FLAGS}")
    if(CMAKE_REQUIRED_LIBRARIES)
      set(CURL_TEST_ADD_LIBRARIES
        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
    endif(CMAKE_REQUIRED_LIBRARIES)
    message(STATUS "Performing Curl Test ${CURL_TEST}")
    try_run(${CURL_TEST} ${CURL_TEST}_COMPILE
      ${CMAKE_BINARY_DIR}
      ${CMAKE_CURRENT_SOURCE_DIR}/CMake/CurlTests.c
      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
      "${CURL_TEST_ADD_LIBRARIES}"
      OUTPUT_VARIABLE OUTPUT)
    if(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
      set(${CURL_TEST} 1 CACHE INTERNAL "Curl test ${FUNCTION}")
      message(STATUS "Performing Curl Test ${CURL_TEST} - Success")
    else(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
      message(STATUS "Performing Curl Test ${CURL_TEST} - Failed")
      set(${CURL_TEST} "" CACHE INTERNAL "Curl test ${FUNCTION}")
      file(APPEND "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
        "Performing Curl Test ${CURL_TEST} failed with the following output:\n"
        "${OUTPUT}")
      if(${CURL_TEST}_COMPILE)
        file(APPEND
          "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
          "There was a problem running this test\n")
      endif(${CURL_TEST}_COMPILE)
      file(APPEND "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
        "\n\n")
    endif(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
  endif("${CURL_TEST}_COMPILE" MATCHES "^${CURL_TEST}_COMPILE$")
 endmacro(CURL_INTERNAL_TEST_RUN)
 # Do curl specific tests
 foreach(CURL_TEST
    HAVE_FCNTL_O_NONBLOCK
@@ -783,6 +960,17 @@ else()
  set(CURL_SIZEOF_CURL_SOCKLEN_T ${SIZEOF_INT})
 endif()
 # TODO test which of these headers are required for the typedefs used in curlbuild.h
 if(WIN32)
  set(CURL_PULL_WS2TCPIP_H ${HAVE_WS2TCPIP_H})
 else()
  set(CURL_PULL_SYS_TYPES_H ${HAVE_SYS_TYPES_H})
  set(CURL_PULL_SYS_SOCKET_H ${HAVE_SYS_SOCKET_H})
  set(CURL_PULL_SYS_POLL_H ${HAVE_SYS_POLL_H})
 endif()
 set(CURL_PULL_STDINT_H ${HAVE_STDINT_H})
 set(CURL_PULL_INTTYPES_H ${HAVE_INTTYPES_H})
 include(CMake/OtherTests.cmake)
 add_definitions(-DHAVE_CONFIG_H)
@@ -796,24 +984,6 @@ if(MSVC)
  add_definitions(-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE)
 endif(MSVC)
 # Sets up the dependencies (zlib, OpenSSL, etc.) of a cURL subproject according to options.
 # TODO This is far to be complete!
 function(SETUP_CURL_DEPENDENCIES TARGET_NAME)
  if(CURL_ZLIB AND ZLIB_FOUND)
    include_directories(${ZLIB_INCLUDE_DIR})
    #ADD_DEFINITIONS( -DHAVE_ZLIB_H -DHAVE_ZLIB -DHAVE_LIBZ )
  endif()
  if(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
    include_directories(${OPENSSL_INCLUDE_DIR})
  endif()
  if(CMAKE_USE_OPENSSL AND CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
    #ADD_DEFINITIONS( -DUSE_SSLEAY )
  endif()
  target_link_libraries(${TARGET_NAME} ${CURL_LIBS})
 endfunction()
 # Ugly (but functional) way to include "Makefile.inc" by transforming it (= regenerate it).
 function(TRANSFORM_MAKEFILE_INC INPUT_FILE OUTPUT_FILE)
  file(READ ${INPUT_FILE} MAKEFILE_INC_TEXT)
@@ -838,6 +1008,133 @@ if(BUILD_CURL_TESTS)
  add_subdirectory(tests)
 endif()
 # TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL, WINSSL, DARWINSSL
 if(USE_OPENSSL)
  set(SSL_ENABLED 1)
 endif()
 # Helper to populate a list (_items) with a label when conditions (the remaining
 # args) are satisfied
 function(_add_if label)
  # TODO need to disable policy CMP0054 (CMake 3.1) to allow this indirection
  if(${ARGN})
    set(_items ${_items} "${label}" PARENT_SCOPE)
  endif()
 endfunction()
 # Clear list and try to detect available features
 set(_items)
 _add_if("SSL"           SSL_ENABLED)
 _add_if("IPv6"          ENABLE_IPV6)
 _add_if("unix-sockets"  USE_UNIX_SOCKETS)
 _add_if("libz"          HAVE_LIBZ)
 _add_if("AsynchDNS"     USE_ARES OR USE_THREADS_POSIX)
 _add_if("IDN"           HAVE_LIBIDN)
 # TODO SSP1 (WinSSL) check is missing
 _add_if("SSPI"          USE_WINDOWS_SSPI)
 _add_if("GSS-API"       HAVE_GSS_API)
 # TODO SSP1 missing for SPNEGO
 _add_if("SPNEGO"        NOT CURL_DISABLE_CRYPTO_AUTH AND
                        (HAVE_GSS_API OR USE_WINDOWS_SSPI))
 _add_if("Kerberos"      NOT CURL_DISABLE_CRYPTO_AUTH AND
                        (HAVE_GSS_API OR USE_WINDOWS_SSPI))
 # NTLM support requires crypto function adaptions from various SSL libs
 # TODO alternative SSL libs tests for SSP1, GNUTLS, NSS, DARWINSSL
 if(NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR
   USE_WINDOWS_SSPI OR GNUTLS_ENABLED OR NSS_ENABLED OR DARWINSSL_ENABLED))
  _add_if("NTLM"        1)
  # TODO missing option (autoconf: --enable-ntlm-wb)
  _add_if("NTLM_WB"     NOT CURL_DISABLE_HTTP AND NTLM_WB_ENABLED)
 endif()
 # TODO missing option (--enable-tls-srp), depends on GNUTLS_SRP/OPENSSL_SRP
 _add_if("TLS-SRP"       USE_TLS_SRP)
 # TODO option --with-nghttp2 tests for nghttp2 lib and nghttp2/nghttp2.h header
 _add_if("HTTP2"         USE_NGHTTP2)
 string(REPLACE ";" " " SUPPORT_FEATURES "${_items}")
 message(STATUS "Enabled features: ${SUPPORT_FEATURES}")
 # Clear list and try to detect available protocols
 set(_items)
 _add_if("HTTP"          NOT CURL_DISABLE_HTTP)
 _add_if("HTTPS"         NOT CURL_DISABLE_HTTP AND SSL_ENABLED)
 _add_if("FTP"           NOT CURL_DISABLE_FTP)
 _add_if("FTPS"          NOT CURL_DISABLE_FTP AND SSL_ENABLED)
 _add_if("FILE"          NOT CURL_DISABLE_FILE)
 _add_if("TELNET"        NOT CURL_DISABLE_TELNET)
 _add_if("LDAP"          NOT CURL_DISABLE_LDAP)
 # CURL_DISABLE_LDAP implies CURL_DISABLE_LDAPS
 # TODO check HAVE_LDAP_SSL (in autoconf this is enabled with --enable-ldaps)
 _add_if("LDAPS"         NOT CURL_DISABLE_LDAPS AND
                        ((USE_OPENLDAP AND SSL_ENABLED) OR
                        (NOT USE_OPENLDAP AND HAVE_LDAP_SSL)))
 _add_if("DICT"          NOT CURL_DISABLE_DICT)
 _add_if("TFTP"          NOT CURL_DISABLE_TFTP)
 _add_if("GOPHER"        NOT CURL_DISABLE_GOPHER)
 _add_if("POP3"          NOT CURL_DISABLE_POP3)
 _add_if("POP3S"         NOT CURL_DISABLE_POP3 AND SSL_ENABLED)
 _add_if("IMAP"          NOT CURL_DISABLE_IMAP)
 _add_if("IMAPS"         NOT CURL_DISABLE_IMAP AND SSL_ENABLED)
 _add_if("SMTP"          NOT CURL_DISABLE_SMTP)
 _add_if("SMTPS"         NOT CURL_DISABLE_SMTP AND SSL_ENABLED)
 _add_if("SCP"           USE_LIBSSH2)
 _add_if("SFTP"          USE_LIBSSH2)
 _add_if("RTSP"          NOT CURL_DISABLE_RTSP)
 _add_if("RTMP"          USE_LIBRTMP)
 list(SORT _items)
 string(REPLACE ";" " " SUPPORT_PROTOCOLS "${_items}")
 message(STATUS "Enabled protocols: ${SUPPORT_PROTOCOLS}")
 # curl-config needs the following options to be set.
 set(CC                      "${CMAKE_C_COMPILER}")
 # TODO probably put a -D... options here?
 set(CONFIGURE_OPTIONS       "")
 # TODO when to set "-DCURL_STATICLIB" for CPPFLAG_CURL_STATICLIB?
 set(CPPFLAG_CURL_STATICLIB  "")
 # TODO need to set this (see CURL_CHECK_CA_BUNDLE in acinclude.m4)
 set(CURL_CA_BUNDLE          "")
 set(CURLVERSION             "${CURL_VERSION}")
 set(ENABLE_SHARED           "yes")
 if(CURL_STATICLIB)
  # Broken: LIBCURL_LIBS below; .a lib is not built
  message(WARNING "Static linking is broken!")
  set(ENABLE_STATIC         "no")
 else()
  set(ENABLE_STATIC         "no")
 endif()
 set(exec_prefix             "\${prefix}")
 set(includedir              "\${prefix}/include")
 set(LDFLAGS                 "${CMAKE_SHARED_LINKER_FLAGS}")
 set(LIBCURL_LIBS            "")
 set(libdir                  "${CMAKE_INSTALL_PREFIX}/lib")
 # TODO CURL_LIBS also contains absolute paths which don't work with static -l...
 foreach(_lib ${CMAKE_C_IMPLICIT_LINK_LIBRARIES} ${CURL_LIBS})
  set(LIBCURL_LIBS          "${LIBCURL_LIBS} -l${_lib}")
 endforeach()
 # "a" (Linux) or "lib" (Windows)
 string(REPLACE "." "" libext "${CMAKE_STATIC_LIBRARY_SUFFIX}")
 set(prefix                  "${CMAKE_INSTALL_PREFIX}")
 # Set this to "yes" to append all libraries on which -lcurl is dependent
 set(REQUIRE_LIB_DEPS        "no")
 # SUPPORT_FEATURES
 # SUPPORT_PROTOCOLS
 set(VERSIONNUM              "${CURL_VERSION_NUM}")
 # Finally generate a "curl-config" matching this config
 configure_file("${CURL_SOURCE_DIR}/curl-config.in"
               "${CURL_BINARY_DIR}/curl-config" @ONLY)
 install(FILES "${CMAKE_BINARY_DIR}/curl-config"
        DESTINATION bin
        PERMISSIONS
          OWNER_READ OWNER_WRITE OWNER_EXECUTE
          GROUP_READ GROUP_EXECUTE
          WORLD_READ WORLD_EXECUTE)
 # Finally generate a pkg-config file matching this config
 configure_file("${CURL_SOURCE_DIR}/libcurl.pc.in"
               "${CURL_BINARY_DIR}/libcurl.pc" @ONLY)
 install(FILES "${CMAKE_BINARY_DIR}/libcurl.pc"
        DESTINATION lib/pkgconfig)
 # This needs to be run very last so other parts of the scripts can take advantage of this.
 if(NOT CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
  set(CURL_CONFIG_HAS_BEEN_RUN_BEFORE 1 CACHE INTERNAL "Flag to track whether this is the first time running CMake or if CMake has been configured before")
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
-Copyright (c) 1996 - 2013, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2015, Daniel Stenberg, <daniel@haxx.se>.
 All rights reserved.
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -25,33 +25,93 @@ AUTOMAKE_OPTIONS = foreign
 ACLOCAL_AMFLAGS = -I m4
 CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in	\
-CMake/CurlCheckCSourceCompiles.cmake CMake/CurlCheckCSourceRuns.cmake	\
+ CMake/CurlTests.c CMake/FindGSS.cmake CMake/OtherTests.cmake	\
-CMake/CurlTests.c CMake/FindOpenSSL.cmake CMake/FindZLIB.cmake		\
+ CMake/Platforms/WindowsCache.cmake CMake/Utilities.cmake	\
-CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake		\
+ include/curl/curlbuild.h.cmake CMake/Macros.cmake
 CMake/Utilities.cmake include/curl/curlbuild.h.cmake
-VC6LIBDSP = vs/vc6/lib/vc6libcurl.dsp
+VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
-VC6LIBDSPHEAD = vs/t/lib/vc6_libcurl_dsp.head
+VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp
-VC6LIBDSPFOOT = vs/t/lib/vc6_libcurl_dsp.foot
+VC6_LIBDSP_DEPS = $(VC6_LIBTMPL) Makefile.am lib/Makefile.inc
 VC6_SRCTMPL = projects/Windows/VC6/src/curlsrc.tmpl
 VC6_SRCDSP = projects/Windows/VC6/src/curlsrc.dsp
 VC6_SRCDSP_DEPS = $(VC6_SRCTMPL) Makefile.am src/Makefile.inc
-VC8LIBPRJ = vs/vc8/lib/vc8libcurl.vcproj
+VC7_LIBTMPL = projects/Windows/VC7/lib/libcurl.tmpl
-VC8LIBPRJHEAD = vs/t/lib/vc8_libcurl_prj.head
+VC7_LIBVCPROJ = projects/Windows/VC7/lib/libcurl.vcproj
-VC8LIBPRJFOOT = vs/t/lib/vc8_libcurl_prj.foot
+VC7_LIBVCPROJ_DEPS = $(VC7_LIBTMPL) Makefile.am lib/Makefile.inc
 VC7_SRCTMPL = projects/Windows/VC7/src/curlsrc.tmpl
 VC7_SRCVCPROJ = projects/Windows/VC7/src/curlsrc.vcproj
 VC7_SRCVCPROJ_DEPS = $(VC7_SRCTMPL) Makefile.am src/Makefile.inc
-VC_DIST = \
+VC71_LIBTMPL = projects/Windows/VC7.1/lib/libcurl.tmpl
- vs/t/README \
+VC71_LIBVCPROJ = projects/Windows/VC7.1/lib/libcurl.vcproj
- $(VC6LIBDSP) $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
+VC71_LIBVCPROJ_DEPS = $(VC71_LIBTMPL) Makefile.am lib/Makefile.inc
- $(VC8LIBPRJ) $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
+VC71_SRCTMPL = projects/Windows/VC7.1/src/curlsrc.tmpl
- vs/vc6/vc6curl.dsw \
+VC71_SRCVCPROJ = projects/Windows/VC7.1/src/curlsrc.vcproj
- vs/vc6/lib/vc6libcurl.dsw \
+VC71_SRCVCPROJ_DEPS = $(VC71_SRCTMPL) Makefile.am src/Makefile.inc
 vs/vc6/src/vc6curltool.dsw \
 vs/vc6/src/vc6curltool.dsp
-VC6LIBDSP_DEPS = $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
+VC8_LIBTMPL = projects/Windows/VC8/lib/libcurl.tmpl
- Makefile.am lib/Makefile.inc
+VC8_LIBVCPROJ = projects/Windows/VC8/lib/libcurl.vcproj
 VC8_LIBVCPROJ_DEPS = $(VC8_LIBTMPL) Makefile.am lib/Makefile.inc
 VC8_SRCTMPL = projects/Windows/VC8/src/curlsrc.tmpl
 VC8_SRCVCPROJ = projects/Windows/VC8/src/curlsrc.vcproj
 VC8_SRCVCPROJ_DEPS = $(VC8_SRCTMPL) Makefile.am src/Makefile.inc
-VC8LIBPRJ_DEPS = $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
+VC9_LIBTMPL = projects/Windows/VC9/lib/libcurl.tmpl
- Makefile.am lib/Makefile.inc
+VC9_LIBVCPROJ = projects/Windows/VC9/lib/libcurl.vcproj
 VC9_LIBVCPROJ_DEPS = $(VC9_LIBTMPL) Makefile.am lib/Makefile.inc
 VC9_SRCTMPL = projects/Windows/VC9/src/curlsrc.tmpl
 VC9_SRCVCPROJ = projects/Windows/VC9/src/curlsrc.vcproj
 VC9_SRCVCPROJ_DEPS = $(VC9_SRCTMPL) Makefile.am src/Makefile.inc
 VC10_LIBTMPL = projects/Windows/VC10/lib/libcurl.tmpl
 VC10_LIBVCXPROJ = projects/Windows/VC10/lib/libcurl.vcxproj
 VC10_LIBVCXPROJ_DEPS = $(VC10_LIBTMPL) Makefile.am lib/Makefile.inc
 VC10_SRCTMPL = projects/Windows/VC10/src/curlsrc.tmpl
 VC10_SRCVCXPROJ = projects/Windows/VC10/src/curlsrc.vcxproj
 VC10_SRCVCXPROJ_DEPS = $(VC10_SRCTMPL) Makefile.am src/Makefile.inc
 VC11_LIBTMPL = projects/Windows/VC11/lib/libcurl.tmpl
 VC11_LIBVCXPROJ = projects/Windows/VC11/lib/libcurl.vcxproj
 VC11_LIBVCXPROJ_DEPS = $(VC11_LIBTMPL) Makefile.am lib/Makefile.inc
 VC11_SRCTMPL = projects/Windows/VC11/src/curlsrc.tmpl
 VC11_SRCVCXPROJ = projects/Windows/VC11/src/curlsrc.vcxproj
 VC11_SRCVCXPROJ_DEPS = $(VC11_SRCTMPL) Makefile.am src/Makefile.inc
 VC12_LIBTMPL = projects/Windows/VC12/lib/libcurl.tmpl
 VC12_LIBVCXPROJ = projects/Windows/VC12/lib/libcurl.vcxproj
 VC12_LIBVCXPROJ_DEPS = $(VC12_LIBTMPL) Makefile.am lib/Makefile.inc
 VC12_SRCTMPL = projects/Windows/VC12/src/curlsrc.tmpl
 VC12_SRCVCXPROJ = projects/Windows/VC12/src/curlsrc.vcxproj
 VC12_SRCVCXPROJ_DEPS = $(VC12_SRCTMPL) Makefile.am src/Makefile.inc
 VC_DIST = projects/README	\
 projects/build-openssl.bat	\
 projects/checksrc.bat	\
 projects/Windows/VC6/curl.dsw	\
 projects/Windows/VC6/lib/libcurl.dsw $(VC6_LIBDSP)	\
 projects/Windows/VC6/src/curlsrc.dsw $(VC6_SRCDSP)	\
 projects/Windows/VC7/curl.sln	\
 projects/Windows/VC7/lib/libcurl.sln $(VC7_LIBVCPROJ)	\
 projects/Windows/VC7/src/curlsrc.sln $(VC7_SRCVCPROJ)	\
 projects/Windows/VC7.1/curl.sln	\
 projects/Windows/VC7.1/lib/libcurl.sln $(VC71_LIBVCPROJ)	\
 projects/Windows/VC7.1/src/curlsrc.sln $(VC71_SRCVCPROJ)	\
 projects/Windows/VC8/curl.sln	\
 projects/Windows/VC8/lib/libcurl.sln $(VC8_LIBVCPROJ)	\
 projects/Windows/VC8/src/curlsrc.sln $(VC8_SRCVCPROJ)	\
 projects/Windows/VC9/curl.sln	\
 projects/Windows/VC9/lib/libcurl.sln $(VC9_LIBVCPROJ)	\
 projects/Windows/VC9/src/curlsrc.sln $(VC9_SRCVCPROJ)	\
 projects/Windows/VC10/curl.sln	\
 projects/Windows/VC10/lib/libcurl.sln $(VC10_LIBVCXPROJ)	\
 projects/Windows/VC10/src/curlsrc.sln $(VC10_SRCVCXPROJ)	\
 projects/Windows/VC11/curl.sln	\
 projects/Windows/VC11/lib/libcurl.sln $(VC11_LIBVCXPROJ)	\
 projects/Windows/VC11/src/curlsrc.sln $(VC11_SRCVCXPROJ)	\
 projects/Windows/VC12/curl.sln	\
 projects/Windows/VC12/lib/libcurl.sln $(VC12_LIBVCXPROJ)	\
 projects/Windows/VC12/src/curlsrc.sln $(VC12_SRCVCXPROJ)
 WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
 winbuild/MakefileBuild.vc winbuild/Makefile.vc				\
@@ -61,7 +121,10 @@ EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
 RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework	\
 $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in
-CLEANFILES = $(VC6LIBDSP) $(VC8LIBPRJ)
+CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
 $(VC71_LIBVCPROJ) $(VC71_SRCVCPROJ) $(VC8_LIBVCPROJ) $(VC8_SRCVCPROJ)	\
 $(VC9_LIBVCPROJ) $(VC9_SRCVCPROJ) $(VC10_LIBVCXPROJ) $(VC10_SRCVCXPROJ)	\
 $(VC11_LIBVCXPROJ) $(VC11_SRCVCXPROJ) $(VC12_LIBVCXPROJ) $(VC12_SRCVCXPROJ)
 bin_SCRIPTS = curl-config
@@ -71,11 +134,9 @@ DIST_SUBDIRS = $(SUBDIRS) tests packages docs
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcurl.pc
-# List of libcurl source files required to generate VC IDE dsp and prj files
+# List of files required to generate VC IDE .dsp, .vcproj and .vcxproj files
 include lib/Makefile.inc
-
+include src/Makefile.inc
 WIN32SOURCES = $(CSOURCES)
 WIN32HEADERS = $(HHEADERS) config-win32.h
 dist-hook:
 	rm -rf $(top_builddir)/tests/log
@@ -187,96 +248,283 @@ uninstall-hook:
 	cd docs && $(MAKE) uninstall
 ca-bundle: lib/mk-ca-bundle.pl
-	@echo "generate a fresh ca-bundle.crt"
+	@echo "generating a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt
 ca-firefox: lib/firefox-db2pem.sh
-	@echo "generate a fresh ca-bundle.crt"
+	@echo "generating a fresh ca-bundle.crt"
 	./lib/firefox-db2pem.sh lib/ca-bundle.crt
 checksrc:
 	cd lib && $(MAKE) checksrc
 	cd src && $(MAKE) checksrc
-.PHONY: vc6-ide
+.PHONY: vc-ide
-vc6-ide:
+vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS)	\
-	$(MAKE) $(VC6LIBDSP)
+ $(VC7_SRCVCPROJ_DEPS) $(VC71_LIBVCPROJ_DEPS) $(VC71_SRCVCPROJ_DEPS)	\
-
+ $(VC8_LIBVCPROJ_DEPS) $(VC8_SRCVCPROJ_DEPS) $(VC9_LIBVCPROJ_DEPS)	\
-$(VC6LIBDSP): $(VC6LIBDSP_DEPS)
+ $(VC9_SRCVCPROJ_DEPS) $(VC10_LIBVCXPROJ_DEPS) $(VC10_SRCVCXPROJ_DEPS)	\
-	@(echo "generating '$(VC6LIBDSP)'"; \
+ $(VC11_LIBVCXPROJ_DEPS) $(VC11_SRCVCXPROJ_DEPS) $(VC12_LIBVCXPROJ_DEPS)	\
 $(VC12_SRCVCXPROJ_DEPS)
 	@(win32_lib_srcs='$(LIB_CFILES)'; \
 	win32_lib_hdrs='$(LIB_HFILES) config-win32.h'; \
 	win32_lib_rc='$(LIB_RCFILES)'; \
 	win32_lib_vtls_srcs='$(LIB_VTLS_CFILES)'; \
 	win32_lib_vtls_hdrs='$(LIB_VTLS_HFILES)'; \
 	win32_src_srcs='$(CURL_CFILES)'; \
 	win32_src_hdrs='$(CURL_HFILES)'; \
 	win32_src_rc='$(CURL_RCFILES)'; \
 	win32_src_x_srcs='$(CURLX_CFILES)'; \
 	win32_src_x_hdrs='$(CURLX_HFILES) ../lib/config-win32.h'; \
 	\
-	for dir in 'vs' 'vs/vc6' 'vs/vc6/lib'; do \
+	sorted_lib_srcs=`for file in $$win32_lib_srcs; do echo $$file; done | sort`; \
-	  test -d "$$dir" || mkdir "$$dir" || exit 1; \
+	sorted_lib_hdrs=`for file in $$win32_lib_hdrs; do echo $$file; done | sort`; \
-	done; \
+	sorted_lib_vtls_srcs=`for file in $$win32_lib_vtls_srcs; do echo $$file; done | sort`; \
 	sorted_lib_vtls_hdrs=`for file in $$win32_lib_vtls_hdrs; do echo $$file; done | sort`; \
 	sorted_src_srcs=`for file in $$win32_src_srcs; do echo $$file; done | sort`; \
 	sorted_src_hdrs=`for file in $$win32_src_hdrs; do echo $$file; done | sort`; \
 	sorted_src_x_srcs=`for file in $$win32_src_x_srcs; do echo $$file; done | sort`; \
 	sorted_src_x_hdrs=`for file in $$win32_src_x_hdrs; do echo $$file; done | sort`; \
 	\
-	dir='..\..\..\lib\'; \
+	awk_code='\
-	body='$(VC6LIBDSP)'.body; \
+function gen_element(type, dir, file)\
-	win32_srcs='$(WIN32SOURCES)'; \
+{\
-	win32_hdrs='$(WIN32HEADERS)'; \
+  sub(/vtls\//, "", file);\
 	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
 	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
 \
-	echo "# Begin Group \"Source Files\""  > $$body; \
+  spaces="    ";\
-	echo ""                               >> $$body; \
+  if(dir == "lib\\vtls")\
-	echo "# PROP Default_Filter \"\""     >> $$body; \
+    tabs="				";\
-	for file in $$sorted_srcs; do \
+  else\
-	  echo "# Begin Source File"          >> $$body; \
+    tabs="			";\
 	  echo ""                             >> $$body; \
 	  echo "SOURCE="$$dir$$file           >> $$body; \
 	  echo "# End Source File"            >> $$body; \
 	done; \
 	echo "# End Group"                    >> $$body; \
 	echo "# Begin Group \"Header Files\"" >> $$body; \
 	echo ""                               >> $$body; \
 	echo "# PROP Default_Filter \"\""     >> $$body; \
 	for file in $$sorted_hdrs; do \
 	  echo "# Begin Source File"          >> $$body; \
 	  echo ""                             >> $$body; \
 	  echo "SOURCE="$$dir$$file           >> $$body; \
 	  echo "# End Source File"            >> $$body; \
 	done; \
 	echo "# End Group"                    >> $$body; \
 \
-	awk '{ printf("%s\r\n", $$0); }' \
+  if(type == "dsp") {\
-	  $(srcdir)/$(VC6LIBDSPHEAD) $$body $(srcdir)/$(VC6LIBDSPFOOT) \
+    printf("# Begin Source File\r\n");\
-	  > $(VC6LIBDSP) || { rm -f $$body; exit 1; }; \
+    printf("\r\n");\
    printf("SOURCE=..\\..\\..\\..\\%s\\%s\r\n", dir, file);\
    printf("# End Source File\r\n");\
  }\
  else if(type == "vcproj1") {\
    printf("%s<File\r\n", tabs);\
    printf("%s	RelativePath=\"..\\..\\..\\..\\%s\\%s\">\r\n",\
           tabs, dir, file);\
    printf("%s</File>\r\n", tabs);\
  }\
  else if(type == "vcproj2") {\
    printf("%s<File\r\n", tabs);\
    printf("%s	RelativePath=\"..\\..\\..\\..\\%s\\%s\"\r\n",\
           tabs, dir, file);\
    printf("%s>\r\n", tabs);\
    printf("%s</File>\r\n", tabs);\
  }\
  else if(type == "vcxproj") {\
    i = index(file, ".");\
    ext = substr(file, i == 0 ? 0 : i + 1);\
 \
-	rm -f $$body)
+    if(ext == "c")\
-
+      printf("%s<ClCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
-.PHONY: vc8-ide
+             spaces, dir, file);\
-
+    else if(ext == "h")\
-vc8-ide:
+      printf("%s<ClInclude Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
-	$(MAKE) $(VC8LIBPRJ)
+             spaces, dir, file);\
-
+    else if(ext == "rc")\
-$(VC8LIBPRJ): $(VC8LIBPRJ_DEPS)
+      printf("%s<ResourceCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
-	@(echo "generating '$(VC8LIBPRJ)'"; \
+      spaces, dir, file);\
  }\
 }\
 \
-	for dir in 'vs' 'vs/vc8' 'vs/vc8/lib'; do \
+{\
 	  test -d "$$dir" || mkdir "$$dir" || exit 1; \
 	done; \
 \
-	dir='..\..\..\lib\'; \
+  if($$0 == "CURL_LIB_C_FILES") {\
-	body='$(VC8LIBPRJ)'.body; \
+    split(lib_srcs, arr);\
-	win32_srcs='$(WIN32SOURCES)'; \
+    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
-	win32_hdrs='$(WIN32HEADERS)'; \
+  }\
-	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
+  else if($$0 == "CURL_LIB_H_FILES") {\
-	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
+    split(lib_hdrs, arr);\
    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
  }\
  else if($$0 == "CURL_LIB_RC_FILES") {\
    split(lib_rc, arr);\
    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
  }\
  else if($$0 == "CURL_LIB_VTLS_C_FILES") {\
    split(lib_vtls_srcs, arr);\
    for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
  }\
  else if($$0 == "CURL_LIB_VTLS_H_FILES") {\
    split(lib_vtls_hdrs, arr);\
    for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
  }\
  else if($$0 == "CURL_SRC_C_FILES") {\
    split(src_srcs, arr);\
    for(val in arr) gen_element(proj_type, "src", arr[val]);\
  }\
  else if($$0 == "CURL_SRC_H_FILES") {\
    split(src_hdrs, arr);\
    for(val in arr) gen_element(proj_type, "src", arr[val]);\
  }\
  else if($$0 == "CURL_SRC_RC_FILES") {\
    split(src_rc, arr);\
    for(val in arr) gen_element(proj_type, "src", arr[val]);\
  }\
  else if($$0 == "CURL_SRC_X_C_FILES") {\
    split(src_x_srcs, arr);\
    for(val in arr) {\
      sub(/..\/lib\//, "", arr[val]);\
      gen_element(proj_type, "lib", arr[val]);\
    }\
  }\
  else if($$0 == "CURL_SRC_X_H_FILES") {\
    split(src_x_hdrs, arr);\
    for(val in arr) {\
      sub(/..\/lib\//, "", arr[val]);\
      gen_element(proj_type, "lib", arr[val]);\
    }\
  }\
  else\
    printf("%s\r\n", $$0);\
 }';\
 	\
-	echo "%tab%%tab%<Filter Name=\"Source Files\">"  > $$body; \
+	echo "generating '$(VC6_LIBDSP)'"; \
-	for file in $$sorted_srcs; do \
+	awk -v proj_type=dsp \
-	  echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
+		-v lib_srcs="$$sorted_lib_srcs" \
-	done; \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
-	echo "%tab%%tab%</Filter>"                      >> $$body; \
+		-v lib_rc="$$win32_lib_rc" \
-	echo "%tab%%tab%<Filter Name=\"Header Files\">" >> $$body; \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-	for file in $$sorted_hdrs; do \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
-	  echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
+		"$$awk_code" $(srcdir)/$(VC6_LIBTMPL) > $(VC6_LIBDSP) || { exit 1; }; \
 	done; \
 	echo "%tab%%tab%</Filter>"                      >> $$body; \
 	\
-	awk '{ gsub(/%tab%/, "\t"); printf("%s\r\n", $$0); }' \
+	echo "generating '$(VC6_SRCDSP)'"; \
-	  $(srcdir)/$(VC8LIBPRJHEAD) $$body $(srcdir)/$(VC8LIBPRJFOOT) \
+	awk -v proj_type=dsp \
-	  > $(VC8LIBPRJ) || { rm -f $$body; exit 1; }; \
+		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC6_SRCTMPL) > $(VC6_SRCDSP) || { exit 1; }; \
 	\
-	rm -f $$body)
+	echo "generating '$(VC7_LIBVCPROJ)'"; \
-
+	awk -v proj_type=vcproj1 \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC7_LIBTMPL) > $(VC7_LIBVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC7_SRCVCPROJ)'"; \
 	awk -v proj_type=vcproj1 \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC7_SRCTMPL) > $(VC7_SRCVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC71_LIBVCPROJ)'"; \
 	awk -v proj_type=vcproj1 \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC71_LIBTMPL) > $(VC71_LIBVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC71_SRCVCPROJ)'"; \
 	awk -v proj_type=vcproj1 \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC71_SRCTMPL) > $(VC71_SRCVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC8_LIBVCPROJ)'"; \
 	awk -v proj_type=vcproj2 \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC8_LIBTMPL) > $(VC8_LIBVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC8_SRCVCPROJ)'"; \
 	awk -v proj_type=vcproj2 \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC8_SRCTMPL) > $(VC8_SRCVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC9_LIBVCPROJ)'"; \
 	awk -v proj_type=vcproj2 \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC9_LIBTMPL) > $(VC9_LIBVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC9_SRCVCPROJ)'"; \
 	awk -v proj_type=vcproj2 \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC9_SRCTMPL) > $(VC9_SRCVCPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC10_LIBVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC10_LIBTMPL) > $(VC10_LIBVCXPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC10_SRCVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC10_SRCTMPL) > $(VC10_SRCVCXPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC11_LIBVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC11_LIBTMPL) > $(VC11_LIBVCXPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC11_SRCVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC11_SRCTMPL) > $(VC11_SRCVCXPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC12_LIBVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v lib_srcs="$$sorted_lib_srcs" \
 		-v lib_hdrs="$$sorted_lib_hdrs" \
 		-v lib_rc="$$win32_lib_rc" \
 		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
 		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC12_LIBTMPL) > $(VC12_LIBVCXPROJ) || { exit 1; }; \
 	\
 	echo "generating '$(VC12_SRCVCXPROJ)'"; \
 	awk -v proj_type=vcxproj \
 		-v src_srcs="$$sorted_src_srcs" \
 		-v src_hdrs="$$sorted_src_hdrs" \
 		-v src_rc="$$win32_src_rc" \
 		-v src_x_srcs="$$sorted_src_x_srcs" \
 		-v src_x_hdrs="$$sorted_src_x_hdrs" \
 		"$$awk_code" $(srcdir)/$(VC12_SRCTMPL) > $(VC12_SRCVCXPROJ) || { exit 1; };)
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -130,41 +130,281 @@ vc-x64: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release
 vc-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
 vc-x64-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
 vc-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release USE_IDN=1
 vc-x64-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
 vc-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
 vc-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib
 vc-x64-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
 vc-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
 vc-x64-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
 vc-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
 vc-x64-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
 vc-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-ssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl
 vc-x64-ssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
 vc-ssl-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
 vc-x64-ssl-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
 vc-ssl-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
 vc-x64-ssl-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
 vc-ssl-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-ssl-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
 vc-ssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib
 vc-winssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib
 vc-x64-ssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
 vc-ssl-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
 vc-x64-ssl-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
 vc-ssl-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
 vc-x64-ssl-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
 vc-ssl-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-ssl-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-ssl-ssh2-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
 vc-x64-ssl-ssh2-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
 vc-ssl-ssh2-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
 vc-x64-ssl-ssh2-zlib-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
 vc-ssl-ssh2-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
 vc-x64-ssl-ssh2-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
 vc-ssl-ssh2-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-ssl-ssh2-zlib-idn-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-winssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
 vc-x64-winssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
 vc-winssl-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-winssl-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
 vc-winssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
 vc-x64-winssl-zlib: $(VC)
 	cd lib
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib WINDOWS_SSPI=1
 	cd ..\src
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib WINDOWS_SSPI=1
 vc-winssl-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-x64-winssl-zlib-idn: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 vc-ssl-dll: $(VC)
 	cd lib
@@ -208,12 +448,6 @@ vc-zlib-dll: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib-dll
 vc-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
 djgpp:
 	$(MAKE) -C lib -f Makefile.dj
 	$(MAKE) -C src -f Makefile.dj
@@ -266,6 +500,18 @@ linux-ssl: ssl
 # We don't need to do anything for vc6.
 vc6:
 # VC7 makefiles are for use with VS.NET and VS.NET 2003
 vc7: lib/Makefile.vc7 src/Makefile.vc7
 lib/Makefile.vc7: lib/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s/VC6/VC7/g" lib/Makefile.vc6 > lib/Makefile.vc7
 src/Makefile.vc7: src/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s/VC6/VC7/g" src/Makefile.vc6 > src/Makefile.vc7
 # VC8 makefiles are for use with VS2005
 vc8: lib/Makefile.vc8 src/Makefile.vc8
 lib/Makefile.vc8: lib/Makefile.vc6
@@ -298,6 +544,28 @@ src/Makefile.vc10: src/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g" src/Makefile.vc6 > src/Makefile.vc10
 # VC11 makefiles are for use with VS2012
 vc11: lib/Makefile.vc11 src/Makefile.vc11
 lib/Makefile.vc11: lib/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g" lib/Makefile.vc6 > lib/Makefile.vc11
 src/Makefile.vc11: src/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g" src/Makefile.vc6 > src/Makefile.vc11
 # VC12 makefiles are for use with VS2013
 vc12: lib/Makefile.vc12 src/Makefile.vc12
 lib/Makefile.vc12: lib/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g" lib/Makefile.vc6 > lib/Makefile.vc12
 src/Makefile.vc12: src/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g" src/Makefile.vc6 > src/Makefile.vc12
 ca-bundle: lib/mk-ca-bundle.pl
 	@echo "generate a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt
--- a/246
+++ b/246
@@ -1,69 +1,146 @@
-Curl and libcurl 7.32.0
+Curl and libcurl 7.40.0
- Public curl releases:         134
+ Public curl releases:         143
- Command line options:         152
+ Command line options:         162
- curl_easy_setopt() options:   199
+ curl_easy_setopt() options:   208
 Public functions in libcurl:  58
- Known libcurl bindings:       42
+ Contributors:                 1219
 Contributors:                 1049
 ***
  krb4 support is up for removal. If you care about it at all, speak up
  on the curl-library list asap!
 ***
 This release includes the following changes:
- o curl: allow timeouts to accept decimal values
+ o http_digest: Added support for Windows SSPI based authentication
- o OS400: add slist and certinfo EBCDIC support
+ o version info: Added Kerberos V5 to the supported features
- o OS400: new SSL backend GSKit
+ o Makefile: Added VC targets for WinIDN
- o CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
+ o config-win32: Introduce build targets for VS2012+
- o LIBCURL-STRUCTS: new document
+ o SSL: Add PEM format support for public key pinning
 o smtp: Added support for the conversion of Unix newlines during mail send [8]
 o smb: Added initial support for the SMB/CIFS protocol
 o Added support for HTTP over unix domain sockets, via
   CURLOPT_UNIX_SOCKET_PATH and --unix-socket
 o sasl: Added support for GSS-API based Kerberos V5 authentication
 This release includes the following bugfixes:
- o dotdot: introducing dot file path cleanup [1]
+ o darwinssl: fix session ID keys to only reuse identical sessions [18]
- o docs: fix typo in curl_easy_getinfo manpage
+ o url-parsing: reject CRLFs within URLs [19]
- o test1230: avoid using hard-wired port number
+ o OS400: Adjust specific support to last release
- o test1396: invoke the correct test tool
+ o THANKS: Remove duplicate names
- o SIGPIPE: ignored while inside the library [2]
+ o url.c: Fixed compilation warning
- o darwinssl: fix crash that started happening in Lion
+ o ssh: Fixed build on platforms where R_OK is not defined [1]
- o OpenSSL: check for read errors, don't assume [3]
+ o tool_strdup.c: include the tool strdup.h
- o c-ares: improve error message on failed resolve [4]
+ o build: Fixed Visual Studio project file generation of strdup.[c|h]
- o printf: make sure %x are treated unsigned
+ o curl_easy_setopt.3: add CURLOPT_PINNEDPUBLICKEY [2]
- o formpost: better random boundaries [5]
+ o curl.1: show zone index use in a URL
- o url: restore the functionality of 'curl -u :' [6]
+ o mk-ca-bundle.vbs: switch to new certdata.txt url
- o curl.1: fix typo in --xattr description [7]
+ o Makefile.dist: Added some missing SSPI configurations
- o digest: improve nonce generation
+ o build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined
- o configure: automake 1.14 compatibility tweak
+ o SSH: use the port number as well for known_known checks [3]
- o curl.1: document the --post303 option in the man page
+ o libssh2: detect features based on version, not configure checks
- o curl.1: document the --sasl-ir option in the man page
+ o http2: Deal with HTTP/2 data inside Upgrade response header buffer [4]
- o setup-vms.h: sk_pop symbol tweak
+ o multi: removed Curl_multi_set_easy_connection
- o tool_paramhlp: try harder to catch negatives
+ o symbol-scan.pl: do not require autotools
- o cmake: Fix for MSVC2010 project generation [8]
+ o cmake: add ENABLE_THREADED_RESOLVER, rename ARES
- o asyn-ares: Don't blank ares servers if none configured
+ o cmake: build libhostname for test suite
- o curl_multi_wait: set revents for extra fds
+ o cmake: fix HAVE_GETHOSTNAME definition
- o Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup()
+ o tests: fix libhostname visibility
- o ftp_do_more: consider DO_MORE complete when server connects back [9]
+ o tests: fix memleak in server/resolve.c
- o curl_easy_perform: gradually increase the delay time [10]
+ o vtls.h: Fixed compiler warning when compiled without SSL
- o curl: fix symbolic names for CURLUSESSL_* enum in --libcurl output
+ o CMake: Restore order-dependent header checks
- o curl: fix upload of a zip file in OpenVMS [11]
+ o CMake: Restore order-dependent library checks
- o build: fix linking on Solaris 10 [12]
+ o tool: Removed krb4 from the supported features
- o curl_formadd: CURLFORM_FILECONTENT wrongly rejected some option combos [13]
+ o http2: Don't send Upgrade headers when we already do HTTP/2
- o curl_formadd: fix file upload on VMS [14]
+ o examples: Don't call select() to sleep on windows [6]
- o curl_easy_pause: on unpause, trigger mulit-socket handling [15]
+ o win32: Updated some legacy APIs to use the newer extended versions [5]
- o md5 & metalink: use better build macros on Apple operating systems [16]
+ o easy.c: Fixed compilation warning when no verbose string support
- o darwinssl: fix build error in crypto authentication under Snow Leopard [16]
+ o connect.c: Fixed compilation warning when no verbose string support
- o curl: make --progress-bar update the line less frequently [17]
+ o build: in Makefile.m32 pass -F flag to windres
- o configure: don't error out on variable confusions (CFLAGS, LDFLAGS etc)
+ o build: in Makefile.m32 add -m32 flag for 32bit
- o mk-ca-bundle: skip more untrusted certificates
+ o multi: when leaving for timeout, close accordingly
- o formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used [18]
+ o CMake: Simplify if() conditions on check result variables
- o FTP: when EPSV gets a 229 but fails to connect, retry with PASV
+ o build: in Makefile.m32 try to detect 64bit target
- o mk-ca-bundle.1: don't install on make install [19]
+ o multi: inform about closed sockets before they are closed
- o VMS: lots of updates and fixes of the build procedure
+ o multi-uv.c: close the file handle after download
- o global dns cache: didn't work (regression)
+ o examples: Wait recommended 100ms when no file descriptors are ready
- o global dns cache: fix memory leak
+ o ntlm: Split the SSPI based messaging code from the native messaging code
- o 
+ o cmake: fix NTLM detection when CURL_DISABLE_HTTP defined
 o cmake: add Kerberos to the supported feature
 o CURLOPT_POSTFIELDS.3: mention the COPYPOSTFIELDS option
 o http: Disable pipelining for HTTP/2 and upgraded connections
 o ntlm: Fixed static'ness of local decode function
 o sasl: Reduced the need for two sets of NTLM messaging functions
 o multi.c: Fixed compilation warnings when no verbose string support
 o select.c: fix compilation for VxWorks [7]
 o multi-single.c: switch to use curl_multi_wait
 o curl_multi_wait.3: clarify numfds being used if not NULL
 o http.c: Fixed compilation warnings from features being disabled
 o NSS: enable the CAPATH option [9]
 o docs: Fix FAILONERROR typos
 o HTTP: don't abort connections with pending Negotiate authentication
 o HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request
 o http_perhapsrewind: don't abort CONNECT requests
 o build: updated dependencies in makefiles
 o multi.c: Fixed compilation warning
 o ftp.c: Fixed compilation warnings when proxy support disabled
 o get_url_file_name: Fixed crash on OOM on debug build
 o cookie.c: Refactored cleanup code to simplify
 o OS400: enable NTLM authentication
 o ntlm: Use Windows Crypt API
 o http2: avoid logging neg "failure" if h2 was not requested
 o schannel_recv: return the correct code [10]
 o VC build: added sspi define for winssl-zlib builds
 o Curl_client_write(): chop long data, convert data only once
 o openldap: do not ignore Curl_client_write() return code
 o ldap: check Curl_client_write() return codes
 o parsedate.c: Fixed compilation warning
 o url.c: Fixed compilation warning when USE_NTLM is not defined
 o ntlm_wb_response: fix "statement not reached" [11]
 o telnet: fix "cast increases required alignment of target type"
 o smtp: Fixed dot stuffing when EOL characters at end of input buffers [12]
 o ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined
 o ntlm: Disable NTLM v2 when 64-bit integers are not supported
 o ntlm: Use short integer when decoding 16-bit values
 o ftp.c: Fixed compilation warning when no verbose string support
 o synctime.c: fixed timeserver URLs
 o mk-ca-bundle.pl: restored forced run again
 o ntlm: Fixed return code for bad type-2 Target Info
 o curl_schannel.c: Data may be available before connection shutdown
 o curl_schannel: Improvements to memory re-allocation strategy [13]
 o darwinssl: aprintf() to allocate the session key
 o tool_util.c: Use GetTickCount64 if it is available
 o lib: Fixed multiple code analysis warnings if SAL are available
 o tool_binmode.c: Explicitly ignore the return code of setmode
 o tool_urlglob.c: Silence warning C6293: Ill-defined for-loop
 o opts: Warn CURLOPT_TIMEOUT overrides when set after CURLOPT_TIMEOUT_MS
 o SFTP: work-around servers that return zero size on STAT [14]
 o connect: singleipconnect(): properly try other address families after failure
 o IPV6: address scope != scope id [15]
 o parseurlandfillconn(): fix improper non-numeric scope_id stripping [16]
 o secureserver.pl: make OpenSSL CApath and cert absolute path values
 o secureserver.pl: update Windows detection and fix path conversion
 o secureserver.pl: clean up formatting of config and fix verbose output
 o tests: Added Windows support using Cygwin-based OpenSSH
 o sockfilt.c: use non-Ex functions that are available before WinXP
 o VMS: Updates for 0740-0D1220
 o openssl: warn for SRP set if SSLv3 is used, not for TLS version
 o openssl: make it compile against openssl 1.1.0-DEV master branch
 o openssl: fix SSL/TLS versions in verbose output
 o curl: show size of inhibited data when using -v
 o build: Removed WIN32 definition from the Visual Studio projects
 o build: Removed WIN64 definition from the libcurl Visual Studio projects
 o vtls: Use bool for Curl_ssl_getsessionid() return type
 o sockfilt.c: Replace 100ms sleep with thread throttle
 o sockfilt.c: Reduce the number of individual memory allocations
 o vtls: Don't set cert info count until memory allocation is successful
 o nss: Don't ignore Curl_ssl_init_certinfo() OOM failure
 o nss: Don't ignore Curl_extract_certinfo() OOM failure
 o vtls: Fixed compilation warning and an ignored return code
 o sockfilt.c: Fixed compilation warnings
 o darwinssl: Fixed compilation warning
 o vtls: Use '(void) arg' for unused parameters
 o sepheaders.c: Fixed resource leak on failure
 o lib1900.c: Fixed cppcheck error [17]
 o ldap: Fixed Unicode connection details in Win32 initialsation / bind calls
 o ldap: Fixed Unicode DN, attributes and filter in Win32 search calls
 This release includes the following known bugs:
@@ -72,34 +149,35 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
- Alex Vinnik, Alessandro Ghedini, Nick Zitzmann, Kamil Dudka,
+  Andrey Labunets, Anthon Pang, Bill Nagel, Brad Harder, Brad King, Carlo Wood,
- Lluis Batlle i Rossell, Nach M. S., Kim Vandry, Ben Greear, Dan Fandrich,
+  Christian Hägele, Dan Fandrich, Daniel Stenberg, Dave Reisner, Frank Gevaerts,
- Dave Reisner, Evgeny Turnaev, Guenter Knauf, John E. Malmberg, Marc Hoersken,
+  Gisle Vanem, Guenter Knauf, Jan Ehrhardt, Johan Lantz, John E. Malmberg,
- Patrick Monnerat, Sergei Nikulov, Yang Tse, Andreas Malzahn, Clemens Gruber,
+  Jon Spencer, Julien Nabet, Kamil Dudka, Kyle J. McKay, Lucas Pardue,
- Jean-Noel Rouvignac, Markus Moeller, Fabian Keil, Dagobert Michelsen,
+  Marc Hesse, Marc Hoersken, Marc Renault, Michael Osipov, Nick Zitzmann,
- Byrial Jensen, Justin Karneges, Edward Rudd, Marc Doughty, Konstantin Isakov,
+  Nobuhiro Ban, Patrick Monnerat, Peter Wu, Ray Satiro, Sam Hurst,
- 
+  Stefan Bühler, Stefan Neis, Steve Holme, Tae Hyoung Ahn, Tatsuhiro Tsujikawa,
  Tomasz Kojm, Tor Arntsen, Waldek Kozba, Warren Menzer
        Thanks! (and sorry if I forgot to mention someone)
 References to bug reports and discussions on issues:
- [1] = http://curl.haxx.se/bug/view.cgi?id=1200
+ [1] = http://curl.haxx.se/mail/lib-2014-11/0035.html
- [2] = http://curl.haxx.se/bug/view.cgi?id=1180
+ [2] = http://curl.haxx.se/mail/lib-2014-11/0078.html
- [3] = http://curl.haxx.se/bug/view.cgi?id=1249
+ [3] = http://curl.haxx.se/bug/view.cgi?id=1448
- [4] = http://curl.haxx.se/bug/view.cgi?id=1191
+ [4] = https://github.com/tatsuhiro-t/nghttp2/issues/103
- [5] = http://curl.haxx.se/bug/view.cgi?id=1251
+ [5] = http://sourceforge.net/p/curl/feature-requests/82/
- [6] = http://curl.haxx.se/mail/archive-2013-06/0052.html
+ [6] = http://curl.haxx.se/mail/lib-2014-11/0221.html
- [7] = http://curl.haxx.se/bug/view.cgi?id=1252
+ [7] = http://curl.haxx.se/bug/view.cgi?id=1455
- [8] = http://curl.haxx.se/mail/lib-2013-07/0046.html
+ [8] = http://curl.haxx.se/bug/view.cgi?id=1456
- [9] = http://curl.haxx.se/mail/lib-2013-07/0115.html
+ [9] = http://curl.haxx.se/bug/view.cgi?id=1457
- [10] = http://curl.haxx.se/mail/lib-2013-07/0103.html
+ [10] = http://curl.haxx.se/bug/view.cgi?id=1462
- [11] = http://curl.haxx.se/bug/view.cgi?id=496
+ [11] = http://curl.haxx.se/mail/lib-2014-12/0089.html
- [12] = http://curl.haxx.se/bug/view.cgi?id=1217
+ [12] = http://curl.haxx.se/bug/view.cgi?id=1456
- [13] = http://curl.haxx.se/mail/lib-2013-07/0258.html
+ [13] = http://curl.haxx.se/bug/view.cgi?id=1450
- [14] = http://curl.haxx.se/bug/view.cgi?id=758
+ [14] = http://curl.haxx.se/mail/lib-2014-12/0103.html
- [15] = http://curl.haxx.se/mail/lib-2013-07/0239.html
+ [15] = http://curl.haxx.se/bug/view.cgi?id=1451
- [16] = http://curl.haxx.se/bug/view.cgi?id=1255
+ [16] = http://curl.haxx.se/bug/view.cgi?id=1449
- [17] = http://curl.haxx.se/mail/archive-2013-07/0031.html
+ [17] = https://github.com/bagder/curl/pull/133
- [18] = http://curl.haxx.se/bug/view.cgi?id=1262
+ [18] = http://curl.haxx.se/docs/adv_20150108A.html
- [19] = http://curl.haxx.se/mail/lib-2013-08/0057.html
+ [19] = http://curl.haxx.se/docs/adv_20150108B.html
--- a/4
+++ b/4
@@ -1,4 +0,0 @@
 To be addressed in ...
 =======================
 327 - 
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2614,23 +2614,23 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
    capath="no"
  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
    dnl --with-ca-path given
-    if test "x$OPENSSL_ENABLED" != "x1"; then
+    if test "x$OPENSSL_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
-      AC_MSG_ERROR([--with-ca-path only works with openSSL])
+      AC_MSG_ERROR([--with-ca-path only works with openSSL or PolarSSL])
    fi
    capath="$want_capath"
    ca="no"
-  elif test "x$cross_compiling" != "xyes"; then
+  else
    dnl NOT cross-compiling and...
    dnl neither of the --with-ca-* options are provided
    dnl first try autodetecting a CA bundle , then a CA path
    dnl both autodetections can be skipped by --without-ca-*
    ca="no"
    capath="no"
    if test "x$cross_compiling" != "xyes"; then
      dnl NOT cross-compiling and...
      dnl neither of the --with-ca-* options are provided
      if test "x$want_ca" = "xunset"; then
        dnl the path we previously would have installed the curl ca bundle
-      dnl to, and thus we now check for an already existing cert in that place
+        dnl to, and thus we now check for an already existing cert in that
-      dnl in case we find no other
+        dnl place in case we find no other
        if test "x$prefix" != xNONE; then
          cac="${prefix}/share/curl/curl-ca-bundle.crt"
        else
@@ -2662,6 +2662,7 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
      dnl no option given and cross-compiling
      AC_MSG_WARN([skipped the ca-cert path detection when cross-compiling])
    fi
  fi
  if test "x$ca" != "xno"; then
    CURL_CA_BUNDLE='"'$ca'"'
--- a/50
+++ b/50
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -32,6 +32,7 @@ die(){
 #--------------------------------------------------------------------------
 # findtool works as 'which' but we use a different name to make it more
 # obvious we aren't using 'which'! ;-)
 # Unlike 'which' does, the current directory is ignored.
 #
 findtool(){
  file="$1"
@@ -49,7 +50,7 @@ findtool(){
  do
    IFS=$old_IFS
    # echo "checks for $file in $path" >&2
-    if test -f "$path/$file"; then
+    if test "$path" -a "$path" != '.' -a -f "$path/$file"; then
      echo "$path/$file"
      return
    fi
@@ -189,32 +190,32 @@ else
 fi
 #--------------------------------------------------------------------------
-# GNU libtool preliminary check
+# GNU libtoolize preliminary check
 #
 want_lt_major=1
 want_lt_minor=4
 want_lt_patch=2
 want_lt_version=1.4.2
-# This approach that tries 'glibtool' first is intended for systems that
+# This approach that tries 'glibtoolize' first is intended for systems that
-# have GNU libtool named as 'glibtool' and libtool not being GNU's.
+# have GNU libtool named as 'glibtoolize' and libtoolize not being GNU's.
-libtool=`findtool glibtool 2>/dev/null`
+libtoolize=`findtool glibtoolize 2>/dev/null`
-if test ! -x "$libtool"; then
+if test ! -x "$libtoolize"; then
-  libtool=`findtool ${LIBTOOL:-libtool}`
+  libtoolize=`findtool ${LIBTOOLIZE:-libtoolize}`
 fi
-if test -z "$libtool"; then
+if test -z "$libtoolize"; then
-  echo "buildconf: libtool not found."
+  echo "buildconf: libtoolize not found."
-  echo "            You need GNU libtool $want_lt_version or newer installed."
+  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi
-lt_pver=`$libtool --version 2>/dev/null|head -n 1`
+lt_pver=`$libtoolize --version 2>/dev/null|head -n 1`
 lt_qver=`echo $lt_pver|sed -e "s/([^)]*)//g" -e "s/^[^0-9]*//g"`
 lt_version=`echo $lt_qver|sed -e "s/[- ].*//" -e "s/\([a-z]*\)$//"`
 if test -z "$lt_version"; then
-  echo "buildconf: libtool not found."
+  echo "buildconf: libtoolize not found."
-  echo "            You need GNU libtool $want_lt_version or newer installed."
+  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi
 old_IFS=$IFS; IFS='.'; set $lt_version; IFS=$old_IFS
@@ -244,28 +245,13 @@ else
  lt_status="good"
 fi
 if test "$lt_status" != "good"; then
-  echo "buildconf: libtool version $lt_version found."
+  echo "buildconf: libtoolize version $lt_version found."
  echo "            You need GNU libtool $want_lt_version or newer installed."
  exit 1
 fi
 echo "buildconf: libtool version $lt_version (ok)"
 #--------------------------------------------------------------------------
 # GNU libtoolize check
 #
 if test -z "$LIBTOOLIZE"; then
  # use (g)libtoolize from same location as (g)libtool
  libtoolize="${libtool}ize"
 else
  libtoolize=`findtool $LIBTOOLIZE`
 fi
 if test ! -f "$libtoolize"; then
  echo "buildconf: libtoolize not found."
  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi
 echo "buildconf: libtoolize version $lt_version (ok)"
 #--------------------------------------------------------------------------
 # m4 check
 #
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -31,7 +31,7 @@ XC_OVR_ZZ60
 CURL_OVERRIDE_AUTOCONF
 dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2013 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2014 Daniel Stenberg, <daniel@haxx.se>
 This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])
@@ -150,12 +150,11 @@ dnl initialize all the info variables
    curl_ssl_msg="no      (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl,darwinssl} )"
    curl_ssh_msg="no      (--with-libssh2)"
   curl_zlib_msg="no      (--with-zlib)"
   curl_krb4_msg="no      (--with-krb4*)"
    curl_gss_msg="no      (--with-gssapi)"
 curl_spnego_msg="no      (--with-spnego)"
 curl_tls_srp_msg="no      (--enable-tls-srp)"
    curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
   curl_ipv6_msg="no      (--enable-ipv6)"
 curl_unix_sockets_msg="no      (--enable-unix-sockets)"
    curl_idn_msg="no      (--with-{libidn,winidn})"
 curl_manual_msg="no      (--enable-manual)"
 curl_libcurl_msg="enabled (--disable-libcurl-option)"
@@ -576,6 +575,22 @@ AC_HELP_STRING([--disable-imap],[Disable IMAP support]),
 )
 AC_MSG_CHECKING([whether to support smb])
 AC_ARG_ENABLE(smb,
 AC_HELP_STRING([--enable-smb],[Enable SMB/CIFS support])
 AC_HELP_STRING([--disable-smb],[Disable SMB/CIFS support]),
 [ case "$enableval" in
  no)
       AC_MSG_RESULT(no)
       AC_DEFINE(CURL_DISABLE_SMB, 1, [to disable SMB/CIFS])
       AC_SUBST(CURL_DISABLE_SMB, [1])
       ;;
  *)   AC_MSG_RESULT(yes)
       ;;
  esac ],
       AC_MSG_RESULT(yes)
 )
 AC_MSG_CHECKING([whether to support smtp])
 AC_ARG_ENABLE(smtp,
 AC_HELP_STRING([--enable-smtp],[Enable SMTP support])
@@ -1049,10 +1064,10 @@ dnl **********************************************************************
 dnl Checks for IPv6
 dnl **********************************************************************
-AC_MSG_CHECKING([whether to enable ipv6])
+AC_MSG_CHECKING([whether to enable IPv6])
 AC_ARG_ENABLE(ipv6,
-AC_HELP_STRING([--enable-ipv6],[Enable ipv6 (with ipv4) support])
+AC_HELP_STRING([--enable-ipv6],[Enable IPv6 (with IPv4) support])
-AC_HELP_STRING([--disable-ipv6],[Disable ipv6 support]),
+AC_HELP_STRING([--disable-ipv6],[Disable IPv6 support]),
 [ case "$enableval" in
  no)
       AC_MSG_RESULT(no)
@@ -1066,6 +1081,7 @@ AC_HELP_STRING([--disable-ipv6],[Disable ipv6 support]),
  AC_TRY_RUN([ /* is AF_INET6 available? */
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <stdlib.h> /* for exit() */
 main()
 {
 if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
@@ -1134,160 +1150,30 @@ no)
        ;;
 esac
 dnl **********************************************************************
 dnl Check for the presence of Kerberos4 libraries and headers
 dnl **********************************************************************
 AC_ARG_WITH(krb4-includes,
 AC_HELP_STRING([--with-krb4-includes=DIR],
               [Specify location of kerberos4 headers]),[
 CPPFLAGS="$CPPFLAGS -I$withval"
 KRB4INC="$withval"
 want_krb4=yes
 ])
 AC_ARG_WITH(krb4-libs,
 AC_HELP_STRING([--with-krb4-libs=DIR],[Specify location of kerberos4 libs]),[
 LDFLAGS="$LDFLAGS -L$withval"
 KRB4LIB="$withval"
 want_krb4=yes
 ])
 OPT_KRB4=off
 AC_ARG_WITH(krb4,dnl
 AC_HELP_STRING([--with-krb4=DIR],[where to look for Kerberos4]),[
  OPT_KRB4="$withval"
  if test X"$OPT_KRB4" != Xno; then
    want_krb4="yes"
    if test X"$OPT_KRB4" != Xyes; then
      LDFLAGS="$LDFLAGS -L$OPT_KRB4/lib$libsuff"
      KRB4LIB="$OPT_KRB4/lib$libsuff"
      CPPFLAGS="$CPPFLAGS -I$OPT_KRB4/include"
      KRB4INC="$OPT_KRB4/include"
    fi
  fi
 ])
 AC_MSG_CHECKING([if Kerberos4 support is requested])
 if test "$want_krb4" = yes
 then
  if test "$ipv6" = "yes"; then
    echo krb4 is not compatible with IPv6
    exit 1
  fi
  AC_MSG_RESULT(yes)
  dnl Check for & handle argument to --with-krb4
  AC_MSG_CHECKING(where to look for Kerberos4)
  if test X"$OPT_KRB4" = Xyes
  then
    AC_MSG_RESULT([defaults])
  else
    AC_MSG_RESULT([libs in $KRB4LIB, headers in $KRB4INC])
  fi
  dnl Check for DES library
  AC_CHECK_LIB(des, des_pcbc_encrypt,
  [
    AC_CHECK_HEADERS(des.h)
    dnl resolv lib?
    AC_CHECK_FUNC(res_search, , [AC_CHECK_LIB(resolv, res_search)])
    dnl Check for the Kerberos4 library
    AC_CHECK_LIB(krb, krb_net_read,
    [
      dnl Check for header files
      AC_CHECK_HEADERS(krb.h)
      dnl we found the required libraries, add to LIBS
      LIBS="-lkrb -lcom_err -ldes $LIBS"
      dnl Check for function krb_get_our_ip_for_realm
      dnl this is needed for NAT networks
      AC_CHECK_FUNCS(krb_get_our_ip_for_realm)
      dnl add define KRB4
      AC_DEFINE(HAVE_KRB4, 1,
      [if you have the Kerberos4 libraries (including -ldes)])
      dnl substitute it too!
      KRB4_ENABLED=1
      AC_SUBST(KRB4_ENABLED)
      curl_krb4_msg="enabled"
      dnl the krb4 stuff needs a strlcpy()
      AC_CHECK_FUNCS(strlcpy)
    ])
  ])
 else
  AC_MSG_RESULT(no)
 fi
 dnl **********************************************************************
 dnl Check for FBopenssl(SPNEGO) libraries
 dnl **********************************************************************
 AC_ARG_WITH(spnego,
  AC_HELP_STRING([--with-spnego=DIR],
                 [Specify location of SPNEGO library fbopenssl]), [
  SPNEGO_ROOT="$withval"
  if test x"$SPNEGO_ROOT" != xno; then
    want_spnego="yes"
  fi
 ])
 AC_MSG_CHECKING([if SPNEGO support is requested])
 if test x"$want_spnego" = xyes; then
  if test X"$SPNEGO_ROOT" = Xyes; then
     AC_MSG_ERROR([FBOpenSSL libs and/or directories were not found where specified!])
     AC_MSG_RESULT(no)
  else
     if test -z "$SPNEGO_LIB_DIR"; then
        LDFLAGS="$LDFLAGS -L$SPNEGO_ROOT -lfbopenssl"
     else
        LDFLAGS="$LDFLAGS $SPNEGO_LIB_DIR"
     fi
     AC_MSG_RESULT(yes)
     AC_DEFINE(HAVE_SPNEGO, 1,
               [Define this if you have the SPNEGO library fbopenssl])
     curl_spnego_msg="enabled"
  fi
 else
  AC_MSG_RESULT(no)
 fi
 dnl **********************************************************************
 dnl Check for GSS-API libraries
 dnl **********************************************************************
-dnl check for gss stuff in the /usr as default
+dnl check for GSS-API stuff in the /usr as default
 GSSAPI_ROOT="/usr"
 AC_ARG_WITH(gssapi-includes,
  AC_HELP_STRING([--with-gssapi-includes=DIR],
-                 [Specify location of GSSAPI header]),
+                 [Specify location of GSS-API headers]),
  [ GSSAPI_INCS="-I$withval"
    want_gss="yes" ]
 )
 AC_ARG_WITH(gssapi-libs,
  AC_HELP_STRING([--with-gssapi-libs=DIR],
-                 [Specify location of GSSAPI libs]),
+                 [Specify location of GSS-API libs]),
  [ GSSAPI_LIB_DIR="-L$withval"
    want_gss="yes" ]
 )
 AC_ARG_WITH(gssapi,
  AC_HELP_STRING([--with-gssapi=DIR],
-                 [Where to look for GSSAPI]), [
+                 [Where to look for GSS-API]), [
  GSSAPI_ROOT="$withval"
  if test x"$GSSAPI_ROOT" != xno; then
    want_gss="yes"
@@ -1299,12 +1185,14 @@ AC_ARG_WITH(gssapi,
 ])
 save_CPPFLAGS="$CPPFLAGS"
-AC_MSG_CHECKING([if GSSAPI support is requested])
+AC_MSG_CHECKING([if GSS-API support is requested])
 if test x"$want_gss" = xyes; then
  AC_MSG_RESULT(yes)
  if test -z "$GSSAPI_INCS"; then
-     if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
+     if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
        GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
     elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
        GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
     elif test "$GSSAPI_ROOT" != "yes"; then
        GSSAPI_INCS="-I$GSSAPI_ROOT/include"
@@ -1316,7 +1204,7 @@ if test x"$want_gss" = xyes; then
  AC_CHECK_HEADER(gss.h,
    [
      dnl found in the given dirs
-      AC_DEFINE(HAVE_GSSGNU, 1, [if you have the GNU gssapi libraries])
+      AC_DEFINE(HAVE_GSSGNU, 1, [if you have GNU GSS])
      gnu_gss=yes
    ],
    [
@@ -1337,19 +1225,19 @@ AC_INCLUDES_DEFAULT
        AC_CHECK_HEADER(gssapi.h,
            [
              dnl found
-              AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
+              AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have Heimdal])
            ],
            [
              dnl no header found, disabling GSS
              want_gss=no
-              AC_MSG_WARN(disabling GSSAPI since no header files was found)
+              AC_MSG_WARN(disabling GSS-API support since no header files were found)
            ]
          )
      else
        dnl MIT found
-        AC_DEFINE(HAVE_GSSMIT, 1, [if you have the MIT gssapi libraries])
+        AC_DEFINE(HAVE_GSSMIT, 1, [if you have MIT Kerberos])
-        dnl check if we have a really old MIT kerberos (<= 1.2)
+        dnl check if we have a really old MIT Kerberos version (<= 1.2)
-        AC_MSG_CHECKING([if gssapi headers declare GSS_C_NT_HOSTBASED_SERVICE])
+        AC_MSG_CHECKING([if GSS-API headers declare GSS_C_NT_HOSTBASED_SERVICE])
        AC_COMPILE_IFELSE([
          AC_LANG_PROGRAM([[
 #include <gssapi/gssapi.h>
@@ -1367,7 +1255,7 @@ AC_INCLUDES_DEFAULT
        ],[
          AC_MSG_RESULT([no])
          AC_DEFINE(HAVE_OLD_GSSMIT, 1,
-            [if you have an old MIT gssapi library, lacking GSS_C_NT_HOSTBASED_SERVICE])
+            [if you have an old MIT Kerberos version, lacking GSS_C_NT_HOSTBASED_SERVICE])
        ])
      fi
    ]
@@ -1376,9 +1264,9 @@ else
  AC_MSG_RESULT(no)
 fi
 if test x"$want_gss" = xyes; then
-  AC_DEFINE(HAVE_GSSAPI, 1, [if you have the gssapi libraries])
+  AC_DEFINE(HAVE_GSSAPI, 1, [if you have GSS-API libraries])
-
+  HAVE_GSSAPI=1
-  curl_gss_msg="enabled (MIT/Heimdal)"
+  curl_gss_msg="enabled (MIT Kerberos/Heimdal)"
  if test -n "$gnu_gss"; then
    curl_gss_msg="enabled (GNU GSS)"
@@ -1390,22 +1278,45 @@ if test x"$want_gss" = xyes; then
        LIBS="-lgssapi_krb5 -lresolv $LIBS"
        ;;
     *)
-        if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
+        if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
           dnl krb5-config doesn't have --libs-only-L or similar, put everything
           dnl into LIBS
           gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
           LIBS="$gss_libs $LIBS"
        elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
           dnl krb5-config doesn't have --libs-only-L or similar, put everything
           dnl into LIBS
           gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
           LIBS="$gss_libs $LIBS"
        elif test "$GSSAPI_ROOT" != "yes"; then
           LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
           LIBS="-lgssapi $LIBS"
        else
-           LIBS="-lgssapi $LIBS"
+           case $host in
           *-hp-hpux*)
              gss_libname="gss"
              ;;
           *)
              gss_libname="gssapi"
              ;;
           esac
           if test "$GSSAPI_ROOT" != "yes"; then
              LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
              LIBS="-l$gss_libname $LIBS"
           else
              LIBS="-l$gss_libname $LIBS"
           fi
        fi
        ;;
     esac
  else
     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
     case $host in
     *-hp-hpux*)
        LIBS="-lgss $LIBS"
        ;;
     *)
        LIBS="-lgssapi $LIBS"
        ;;
     esac
  fi
 else
  CPPFLAGS="$save_CPPFLAGS"
@@ -2079,6 +1990,12 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
    if test "x$USE_CYASSL" = "xyes"; then
      AC_MSG_NOTICE([detected CyaSSL])
      dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
      AC_CHECK_SIZEOF(long long)
      dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
      AC_CHECK_HEADERS(cyassl/error-ssl.h)
      LIBS="-lcyassl -lm $LIBS"
      if test -n "$cyassllib"; then
@@ -2163,8 +2080,8 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
         CPPFLAGS="$CPPFLAGS $addcflags"
      fi
-      dnl The function PK11_CreateGenericObject is needed to load libnsspem.so
+      dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
-      AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
+      AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
       [
       AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
       AC_SUBST(USE_NSS, [1])
@@ -2180,13 +2097,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
      if test "x$USE_NSS" = "xyes"; then
        AC_MSG_NOTICE([detected NSS version $version])
-        dnl NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
+        dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
-        dnl collisions on NSS initialization/shutdown with other libraries
+        NSS_LIBS=$addlib
-        AC_CHECK_FUNC(NSS_InitContext,
+        AC_SUBST([NSS_LIBS])
        [
          AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [if you have the NSS_InitContext function])
          AC_SUBST(HAVE_NSS_INITCONTEXT, [1])
        ])
        dnl when shared libs were found in a path that the run-time
        dnl linker doesn't search through, we need to add it to
@@ -2248,10 +2161,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
      USE_AXTLS="yes"
      curl_ssl_msg="enabled (axTLS)"
-
+      if test "x$cross_compiling" != "xyes"; then
        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
        export LD_LIBRARY_PATH
        AC_MSG_NOTICE([Added $LIB_AXTLS to LD_LIBRARY_PATH])
      fi
      ],[
      LDFLAGS="$CLEANLDFLAGS"
      CPPFLAGS="$CLEANCPPFLAGS"
@@ -2435,12 +2349,6 @@ if test X"$OPT_LIBSSH2" != Xno; then
       dnl linker doesn't search through, we need to add it to LD_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
       dnl libssh2_version is a post 1.0 addition
       dnl libssh2_init and libssh2_exit were added in 1.2.5
       dnl libssh2_scp_send64 was added in 1.2.6
       dnl libssh2_session_handshake was added in 1.2.8
       AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit \
                       libssh2_scp_send64 libssh2_session_handshake)
       if test "x$cross_compiling" != "xyes"; then
         LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$DIR_SSH2"
         export LD_LIBRARY_PATH
@@ -2553,19 +2461,19 @@ AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
        AC_MSG_RESULT(yes)
        if test "x$OPENSSL_ENABLED" = "x1"; then
          versioned_symbols_flavour="OPENSSL_"
-        elif test "x$GNUTLS_ENABLED" == "x1"; then
+        elif test "x$GNUTLS_ENABLED" = "x1"; then
          versioned_symbols_flavour="GNUTLS_"
-        elif test "x$NSS_ENABLED" == "x1"; then
+        elif test "x$NSS_ENABLED" = "x1"; then
          versioned_symbols_flavour="NSS_"
-        elif test "x$POLARSSL_ENABLED" == "x1"; then
+        elif test "x$POLARSSL_ENABLED" = "x1"; then
          versioned_symbols_flavour="POLARSSL_"
-        elif test "x$CYASSL_ENABLED" == "x1"; then
+        elif test "x$CYASSL_ENABLED" = "x1"; then
          versioned_symbols_flavour="CYASSL_"
-        elif test "x$AXTLS_ENABLED" == "x1"; then
+        elif test "x$AXTLS_ENABLED" = "x1"; then
          versioned_symbols_flavour="AXTLS_"
-        elif test "x$WINSSL_ENABLED" == "x1"; then
+        elif test "x$WINSSL_ENABLED" = "x1"; then
          versioned_symbols_flavour="WINSSL_"
-        elif test "x$DARWINSSL_ENABLED" == "x1"; then
+        elif test "x$DARWINSSL_ENABLED" = "x1"; then
          versioned_symbols_flavour="DARWINSSL_"
        else
          versioned_symbols_flavour=""
@@ -2783,7 +2691,7 @@ if test "$want_idn" = "yes"; then
    if test "x$ac_cv_header_tld_h" = "xyes"; then
      AC_SUBST([IDN_ENABLED], [1])
      curl_idn_msg="enabled"
-      if test -n "$IDN_DIR"; then
+      if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
        export LD_LIBRARY_PATH
        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
@@ -2808,6 +2716,84 @@ dnl http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
 dnl genprogc/thread_quick_ref.htm
 dnl **********************************************************************
 dnl Check for nghttp2
 dnl **********************************************************************
 OPT_H2="yes"
 AC_ARG_WITH(nghttp2,
 AC_HELP_STRING([--with-nghttp2=PATH],[Enable nghttp2 usage])
 AC_HELP_STRING([--without-nghttp2],[Disable nghttp2 usage]),
  [OPT_H2=$withval])
 case "$OPT_H2" in
  no)
    dnl --without-nghttp2 option used
    want_h2="no"
    ;;
  yes)
    dnl --with-nghttp2 option used without path
    want_h2="default"
    want_h2_path=""
    ;;
  *)
    dnl --with-nghttp2 option used with path
    want_h2="yes"
    want_h2_path="$withval/lib/pkgconfig"
    ;;
 esac
 curl_h2_msg="disabled (--with-nghttp2)"
 if test X"$want_h2" != Xno; then
  dnl backup the pre-nghttp2 variables
  CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"
  CURL_CHECK_PKGCONFIG(libnghttp2, $want_h2_path)
  if test "$PKGCONFIG" != "no" ; then
    LIB_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
      $PKGCONFIG --libs-only-l libnghttp2`
    AC_MSG_NOTICE([-l is $LIB_H2])
    CPP_H2=`CURL_EXPORT_PCDIR([$want_h2_path]) dnl
      $PKGCONFIG --cflags-only-I libnghttp2`
    AC_MSG_NOTICE([-I is $CPP_H2])
    LD_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
      $PKGCONFIG --libs-only-L libnghttp2`
    AC_MSG_NOTICE([-L is $LD_H2])
    LDFLAGS="$LDFLAGS $LD_H2"
    CPPFLAGS="$CPPFLAGS $CPP_H2"
    LIBS="$LIB_H2 $LIBS"
    AC_CHECK_LIB(nghttp2, nghttp2_session_callbacks_set_send_callback,
      [
       AC_CHECK_HEADERS(nghttp2/nghttp2.h,
          curl_h2_msg="enabled (nghttp2)"
          NGHTTP2_ENABLED=1
          AC_DEFINE(USE_NGHTTP2, 1, [if nghttp2 is in use])
          AC_SUBST(USE_NGHTTP2, [1])
       )
      ],
        dnl not found, revert back to clean variables
        LDFLAGS=$CLEANLDFLAGS
        CPPFLAGS=$CLEANCPPFLAGS
        LIBS=$CLEANLIBS
    )
  else
    dnl no nghttp2 pkg-config found, deal with it
    if test X"$want_h2" != Xdefault; then
      dnl To avoid link errors, we do not allow --with-nghttp2 without
      dnl a pkgconfig file
      AC_MSG_ERROR([--with-nghttp2 was specified but could not find libnghttp2 pkg-config file.])
    fi
  fi
 fi
 dnl **********************************************************************
 dnl Back to "normal" configuring
 dnl **********************************************************************
@@ -3035,8 +3021,10 @@ AC_CHECK_FUNCS([fork \
  getppid \
  getprotobyname \
  getpwuid \
  getpwuid_r \
  getrlimit \
  gettimeofday \
  if_nametoindex \
  inet_addr \
  perror \
  pipe \
@@ -3247,6 +3235,7 @@ AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
  no)
       AC_MSG_RESULT(no)
       AC_DEFINE(CURL_DISABLE_CRYPTO_AUTH, 1, [to disable cryptographic authentication])
       CURL_DISABLE_CRYPTO_AUTH=1
       ;;
  *)   AC_MSG_RESULT(yes)
       ;;
@@ -3285,6 +3274,39 @@ if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$
   curl_tls_srp_msg="enabled"
 fi
 dnl ************************************************************
 dnl disable Unix domain sockets support
 dnl
 AC_MSG_CHECKING([whether to enable Unix domain sockets])
 AC_ARG_ENABLE(unix-sockets,
 AC_HELP_STRING([--enable-unix-sockets],[Enable Unix domain sockets])
 AC_HELP_STRING([--disable-unix-sockets],[Disable Unix domain sockets]),
 [ case "$enableval" in
  no)  AC_MSG_RESULT(no)
       want_unix_sockets=no
       ;;
  *)   AC_MSG_RESULT(yes)
       want_unix_sockets=yes
       ;;
  esac ], [
       AC_MSG_RESULT(auto)
       want_unix_sockets=auto
       ]
 )
 if test "x$want_unix_sockets" != "xno"; then
  AC_CHECK_MEMBER([struct sockaddr_un.sun_path], [
    AC_DEFINE(USE_UNIX_SOCKETS, 1, [Use Unix domain sockets])
    AC_SUBST(USE_UNIX_SOCKETS, [1])
    curl_unix_sockets_msg="enabled"
  ], [
    if test "x$want_unix_sockets" = "xyes"; then
      AC_MSG_ERROR([--enable-unix-sockets is not available on this platform!])
    fi
  ], [
    #include <sys/un.h>
  ])
 fi
 dnl ************************************************************
 dnl disable cookies support
 dnl
@@ -3365,12 +3387,12 @@ if test "x$USE_SSLEAY" = "x1"; then
 elif test -n "$SSL_ENABLED"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
 fi
 if test "@KRB4_ENABLED@" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES KRB4"
 fi
 if test "x$IPV6_ENABLED" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES IPv6"
 fi
 if test "x$USE_UNIX_SOCKETS" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES UnixSockets"
 fi
 if test "x$HAVE_LIBZ" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES libz"
 fi
@@ -3383,20 +3405,42 @@ fi
 if test "x$USE_WINDOWS_SSPI" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SSPI"
 fi
-if test "x$CURL_DISABLE_HTTP" != "x1"; then
+
 if test "x$HAVE_GSSAPI" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES GSS-API"
 fi
 if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
    \( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
 fi
 if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
    \( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
  SUPPORT_FEATURES="$SUPPORT_FEATURES Kerberos"
 fi
 if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
  if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
      -o "x$DARWINSSL_ENABLED" = "x1"; then
    SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
-    if test "x$NTLM_WB_ENABLED" = "x1"; then
+
    if test "x$CURL_DISABLE_HTTP" != "x1" -a \
        "x$NTLM_WB_ENABLED" = "x1"; then
      SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
    fi
  fi
 fi
 if test "x$USE_TLS_SRP" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
 fi
 if test "x$USE_NGHTTP2" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
 fi
 AC_SUBST(SUPPORT_FEATURES)
 dnl For supported protocols in pkg-config file
@@ -3448,6 +3492,16 @@ if test "x$CURL_DISABLE_IMAP" != "x1"; then
    SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IMAPS"
  fi
 fi
 if test "x$CURL_DISABLE_SMB" != "x1" \
    -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \
    -a \( "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
      -o "x$DARWINSSL_ENABLED" = "x1" \); then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB"
  if test "x$SSL_ENABLED" = "x1"; then
    SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS"
  fi
 fi
 if test "x$CURL_DISABLE_SMTP" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMTP"
  if test "x$SSL_ENABLED" = "x1"; then
@@ -3498,6 +3552,7 @@ AC_CONFIG_FILES([Makefile \
           docs/Makefile \
           docs/examples/Makefile \
           docs/libcurl/Makefile \
           docs/libcurl/opts/Makefile \
           include/Makefile \
           include/curl/Makefile \
           src/Makefile \
@@ -3542,12 +3597,11 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  SSL support:      ${curl_ssl_msg}
  SSH support:      ${curl_ssh_msg}
  zlib support:     ${curl_zlib_msg}
-  krb4 support:     ${curl_krb4_msg}
+  GSS-API support:  ${curl_gss_msg}
  GSSAPI support:   ${curl_gss_msg}
  SPNEGO support:   ${curl_spnego_msg}
  TLS-SRP support:  ${curl_tls_srp_msg}
  resolver:         ${curl_res_msg}
-  ipv6 support:     ${curl_ipv6_msg}
+  IPv6 support:     ${curl_ipv6_msg}
  Unix sockets support: ${curl_unix_sockets_msg}
  IDN support:      ${curl_idn_msg}
  Build libcurl:    Shared=${enable_shared}, Static=${enable_static}
  Built-in manual:  ${curl_manual_msg}
@@ -3561,6 +3615,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  RTSP support:     ${curl_rtsp_msg}
  RTMP support:     ${curl_rtmp_msg}
  metalink support: ${curl_mtlnk_msg}
  HTTP2 support:    ${curl_h2_msg}
  Protocols:        ${SUPPORT_PROTOCOLS}
 ])
--- a/contributors.sh
+++ b/contributors.sh
@@ -0,0 +1,87 @@
 #!/bin/sh
 #***************************************************************************
 #                                  _   _ ____  _
 #  Project                     ___| | | |  _ \| |
 #                             / __| | | | |_) | |
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
 # Copyright (C) 2013-2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
 # are also available at http://curl.haxx.se/docs/copyright.html.
 #
 # You may opt to use, copy, modify, merge, publish, distribute and/or sell
 # copies of the Software, and permit persons to whom the Software is
 # furnished to do so, under the terms of the COPYING file.
 #
 # This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 # KIND, either express or implied.
 #
 ###########################################################################
 #
 # This script shows all mentioned contributors from <hash> until HEAD. To aid
 # when writing RELEASE-NOTES and THANKS.
 #
 # Use --releasenotes to also include the names from the existing RELEASE-NOTES
 # file, which is handy when we've added names manually in there that should be
 # included in an updated list.
 #
 start=$1
 if test -z "$start"; then
  echo "Usage: $0 <since this tag/hash>"
 fi
 # filter out Author:, Commit: and *by: lines
 # cut off the email parts
 # split list of names at comma
 # split list of names at " and "
 # cut off spaces first and last on the line
 # filter alternatives through THANKS-filter
 # only count names with a space (ie more than one word)
 # sort all unique names
 # awk them into RELEASE-NOTES format
 (
 git log $start..HEAD | \
 egrep -i '(Author|Commit|by):' | \
 cut -d: -f2- | \
 cut '-d<' -f1 | \
 tr , '\012' | \
 sed 's/ and /\n/' | \
 sed -e 's/^ //' -e 's/ $//g'
 if echo "$*" | grep -qw -- '--releasenotes';then
    # if --releasenotes was used
    # grep out the list of names from RELEASE-NOTES
    # split on ", "
    # remove leading white spaces
 grep "^  [^ ]" RELEASE-NOTES| \
 sed 's/, */\n/g'| \
 sed 's/^ *//'
 fi
 )| \
 sed -f ./docs/THANKS-filter | \
 grep ' ' | \
 sort -fu | \
 awk '{
 num++;
 n = sprintf("%s%s%s,", n, length(n)?" ":"", $0);
 #print n;
 if(length(n) > 78) {
   printf("  %s\n", p);
   n=sprintf("%s,", $0);
 }
 p=n;
 }
 END {
   printf("  %s\n", p);
   printf("  (%d contributors)\n", num);
 }
 '
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -128,6 +128,11 @@ Mono
  libcurl-net by Jeffrey Phillips
  http://sourceforge.net/projects/libcurl-net/
 node.js
  node-libcurl by Jonathan Cardoso Machado
  https://github.com/JCMais/node-libcurl
 Object-Pascal
  Free Pascal, Delphi and Kylix binding written by Christophe Espern.
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -278,6 +278,10 @@
      [full description, no wider than 72 columns that describe as much as
      possible as to why this change is made, and possibly what things
      it fixes and everything else that is related]
      [Bug: link to source of the report or more related discussion]
      [Reported-by: John Doe - credit the reporter]
      [whatever-else-by: credit all helpers, finders, doers]
      ---- stop ----
 Don't forget to use commit --author="" if you commit someone else's work,
--- a/docs/DISTRO-DILEMMA
+++ b/docs/DISTRO-DILEMMA
@@ -59,7 +59,7 @@ GnuTLS
 OpenSSL does. Now, you can build and distribute an TLS/SSL capable libcurl
 without including any Original BSD licensed code.
- I believe Debian is the first (only?) distro that provides libcurl/GnutTLS
+ I believe Debian is the first (only?) distro that provides libcurl/GnuTLS
 packages.
 yassl
@@ -72,20 +72,20 @@ GnuTLS vs OpenSSL vs yassl
 While these three libraries offer similar features, they are not equal.
 libcurl does not (yet) offer a standardized stable ABI if you decide to
- switch from using libcurl-openssl to libcurl-gnutls or vice versa. The GnuTLS
+ switch from using libcurl-openssl to libcurl-gnutls or vice-versa. The GnuTLS
 and yassl support is very recent in libcurl and it has not been tested nor
 used very extensively, while the OpenSSL equivalent code has been used and
 thus matured since 1999.
 GnuTLS
-   - LGPL licensened
+   - LGPL licensed
   - supports SRP
   - lacks SSLv2 support
   - lacks MD2 support (used by at least some CA certs)
   - lacks the crypto functions libcurl uses for NTLM
 OpenSSL
-   - Original BSD licensened
+   - Original BSD licensed
   - lacks SRP
   - supports SSLv2
   - older and more widely used
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -80,6 +80,7 @@ FAQ
  4.17 Non-functional connect timeouts on Windows
  4.18 file:// URLs containing drive letters (Windows, NetWare)
  4.19 Why doesn't cURL return an error when the network cable is unplugged?
  4.20 curl doesn't return error for HTTP non-200 responses!
 5. libcurl Issues
  5.1 Is libcurl thread-safe?
@@ -99,6 +100,7 @@ FAQ
  5.15 How do I get an FTP directory listing?
  5.16 I want a different time-out!
  5.17 Can I write a server with libcurl?
  5.18 Does libcurl use threads?
 6. License Issues
  6.1 I have a GPL program, can I use the libcurl library?
@@ -132,14 +134,14 @@ FAQ
    A free and easy-to-use client-side URL transfer library, supporting DICT,
    FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
-    POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
+    POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP.
    libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
-    kerberos, HTTP form based upload, proxies, cookies, user+password
+    Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password
    authentication, file transfer resume, http proxy tunneling and more!
    libcurl is highly portable, it builds and works identically on numerous
-    platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HPUX,
+    platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HP-UX,
    IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOS, Mac
    OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF,
    Android, Minix, IBM TPF and more...
@@ -154,7 +156,10 @@ FAQ
    Since curl uses libcurl, curl supports the same wide range of common
    Internet protocols that libcurl does.
-  We pronounce curl and cURL with an initial k sound: [kurl].
+  We pronounce curl with an initial k sound. It rhymes with words like girl
  and earl. This is a short WAV file to help you:
     http://media.merriam-webster.com/soundc11/c/curl0001.wav
  There are numerous sub-projects and related projects that also use the word
  curl in the project names in various combinations, but you should take
@@ -202,27 +207,25 @@ FAQ
  better. We do however believe in a few rules when it comes to the future of
  curl:
-  * Curl -- the command line tool -- is to remain a non-graphical command line
+  Curl -- the command line tool -- is to remain a non-graphical command line
-    tool. If you want GUIs or fancy scripting capabilities, you should look
+  tool. If you want GUIs or fancy scripting capabilities, you should look for
-    for another tool that uses libcurl.
+  another tool that uses libcurl.
-  * We do not add things to curl that other small and available tools already
+  We do not add things to curl that other small and available tools already do
-    do very fine at the side. Curl's output is fine to pipe into another
+  very fine at the side. Curl's output is fine to pipe into another program or
-    program or redirect to another file for the next program to interpret.
+  redirect to another file for the next program to interpret.
-  * We focus on protocol related issues and improvements. If you wanna do more
+  We focus on protocol related issues and improvements. If you wanna do more
-    magic with the supported protocols than curl currently does, chances are
+  magic with the supported protocols than curl currently does, chances are big
-    big we will agree. If you wanna add more protocols, we may very well
+  we will agree. If you wanna add more protocols, we may very well agree.
    agree.
-  * If you want someone else to make all the work while you wait for us to
+  If you want someone else to make all the work while you wait for us to
  implement it for you, that is not a very friendly attitude. We spend a
  considerable time already on maintaining and developing curl. In order to
  get more out of us, you should consider trading in some of your time and
  efforts in return.
-  * If you write the code, chances are bigger that it will get into curl
+  If you write the code, chances are bigger that it will get into curl faster.
    faster.
  1.5 Who makes curl?
@@ -239,10 +242,10 @@ FAQ
  1.6 What do you get for making curl?
  Project cURL is entirely free and open. No person gets paid for developing
-  (lib)curl on full or even part time. We do this voluntarily on our spare
+  curl on full time. We do this voluntarily, mostly on spare time.
-  time. Occasionally companies pay individual developers to work on curl, but
+  Occasionally companies pay individual developers to work on curl, but that's
-  that's up to each company and developer. It is not controlled by nor
+  up to each company and developer. It is not controlled by nor supervised in
-  supervised in any way by the project.
+  any way by the project.
  We still get help from companies. Haxx provides web site, bandwidth, mailing
  lists etc, sourceforge.net hosts project services we take advantage from,
@@ -263,7 +266,7 @@ FAQ
  Our project name curl has been in effective use since 1998. We were not the
  first computer related project to use the name "curl" and do not claim any
-  first-hand rights to the name.
+  rights to the name.
  We recognize that we will be living in parallel with curl.com and wish them
  every success.
@@ -424,7 +427,7 @@ FAQ
  curl can be built to use one of the following SSL alternatives: OpenSSL,
  GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X),
-  schannel (native Windows) or qssl (native IBM i). They all have their pros
+  WinSSL (native Windows) or GSKit (native IBM i). They all have their pros
  and cons, and we try to maintain a comparison of them here:
  http://curl.haxx.se/docs/ssl-compared.html
@@ -620,15 +623,15 @@ FAQ
  Some workarounds usually suggested to overcome this Javascript dependency:
-  - Depending on the Javascript complexity, write up a script that
+  Depending on the Javascript complexity, write up a script that translates it
-    translates it to another language and execute that.
+  to another language and execute that.
-  - Read the Javascript code and rewrite the same logic in another language.
+  Read the Javascript code and rewrite the same logic in another language.
-  - Implement a Javascript interpreter, people have successfully used the
+  Implement a Javascript interpreter, people have successfully used the
  Mozilla Javascript engine in the past.
-  - Ask your admins to stop this, for a static proxy setup or similar.
+  Ask your admins to stop this, for a static proxy setup or similar.
  3.15 Can I do recursive fetches with curl?
@@ -644,23 +647,27 @@ FAQ
  There are three different kinds of "certificates" to keep track of when we
  talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl.
-  - Client certificate. The server you communicate may require that you can
+  CLIENT CERTIFICATE
-    provide this in order to prove that you actually are who you claim to be.
+
-    If the server doesn't require this, you don't need a client certificate.
+  The server you communicate may require that you can provide this in order to
  prove that you actually are who you claim to be.  If the server doesn't
  require this, you don't need a client certificate.
  A client certificate is always used together with a private key, and the
  private key has a pass phrase that protects it.
-  - Server certificate. The server you communicate with has a server
+  SERVER CERTIFICATE
    certificate. You can and should verify this certificate to make sure that
    you are truly talking to the real server and not a server impersonating
    it.
-  - Certificate Authority certificate ("CA cert"). You often have several CA
+  The server you communicate with has a server certificate. You can and should
-    certs in a CA cert bundle that can be used to verify a server certificate
+  verify this certificate to make sure that you are truly talking to the real
-    that was signed by one of the authorities in the bundle. curl does not
+  server and not a server impersonating it.
-    come with a CA cert bundle but most curl installs provide one. You can
+
-    also override the default.
+  CERTIFICATE AUTHORITY CERTIFICATE ("CA cert")
  You often have several CA certs in a CA cert bundle that can be used to
  verify a server certificate that was signed by one of the authorities in the
  bundle. curl does not come with a CA cert bundle but most curl installs
  provide one. You can also override the default.
  The server certificate verification process is made by using a Certificate
  Authority certificate ("CA cert") that was used to sign the server
@@ -669,9 +676,9 @@ FAQ
  4.12 and the SSLCERTS document
  (http://curl.haxx.se/docs/sslcerts.html). Server certificates that are
  "self-signed" or otherwise signed by a CA that you do not have a CA cert
-    for, cannot be verified. If the verification during a connect fails, you
+  for, cannot be verified. If the verification during a connect fails, you are
-    are refused access. You then need to explicitly disable the verification
+  refused access. You then need to explicitly disable the verification to
-    to connect to the server.
+  connect to the server.
  3.17 How do I list the root dir of an FTP server?
@@ -794,12 +801,13 @@ FAQ
     curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl'
-  In Windows, the standard DOS shell treats the %-symbol specially and you
+  In Windows, the standard DOS shell treats the percent sign specially and you
-  need to use TWO %-symbols for each single one you want to use in the URL.
+  need to use TWO percent signs for each single one you want to use in the
  URL.
-  Also note that if you want the literal %-symbol to be part of the data you
+  If you want a literal percent sign to be part of the data you pass in a POST
-  pass in a POST using -d/--data you must encode it as '%25' (which then also
+  using -d/--data you must encode it as '%25' (which then also needs the
-  needs the %-symbol doubled on Windows machines).
+  percent sign doubled on Windows machines).
  4.3 How can I use {, }, [ or ] to specify multiple URLs?
@@ -968,13 +976,13 @@ FAQ
  4.14 Redirects work in browser but not with curl!
  curl supports HTTP redirects fine (see item 3.8). Browsers generally support
-  at least two other ways to perform directs that curl does not:
+  at least two other ways to perform redirects that curl does not:
-  - Meta tags. You can write a HTML tag that will cause the browser to
+  Meta tags. You can write a HTML tag that will cause the browser to redirect
-    redirect to another given URL after a certain time.
+  to another given URL after a certain time.
-  - Javascript. You can write a Javascript program embedded in a HTML page
+  Javascript. You can write a Javascript program embedded in a HTML page that
-    that redirects the browser to another given URL.
+  redirects the browser to another given URL.
  There is no way to make curl follow these redirects. You must either
  manually figure out what the page is set to do, or you write a script that
@@ -1083,6 +1091,30 @@ FAQ
  by having the application monitor the network connection on its own using an
  OS-specific mechanism, then signalling libcurl to abort (see also item 5.13).
  4.20 curl doesn't return error for HTTP non-200 responses!
  Correct. Unless you use -f (--fail).
  When doing HTTP transfers, curl will perform exactly what you're asking it
  to do and if successful it will not return an error. You can use curl to
  test your web server's "file not found" page (that gets 404 back), you can
  use it to check your authentication protected web pages (that get a 401
  back) and so on.
  The specific HTTP response code does not constitute a problem or error for
  curl. It simply sends and delivers HTTP as you asked and if that worked,
  everything is fine and dandy. The response code is generally providing more
  higher level error information that curl doesn't care about. The error was
  not in the HTTP transfer.
  If you want your command line to treat error codes in the 400 and up range
  as errors and thus return a non-zero value and possibly show an error
  message, curl has a dedicated option for that: -f (CURLOPT_FAILONERROR in
  libcurl speak).
  You can also use the -w option and the variable %{response_code} to extract
  the exact response code that was return in the response.
 5. libcurl Issues
@@ -1095,6 +1127,12 @@ FAQ
  your system has such.  Note that you must never share the same handle in
  multiple threads.
  libcurl's implementation of timeouts might use signals (depending on what it
  was built to use for name resolving), and signal handling is generally not
  thread-safe.  Multi-threaded Applicationss that call libcurl from different
  threads (on different handles) might want to use CURLOPT_NOSIGNAL, e.g.:
    curl_easy_setopt(handle, CURLOPT_NOSIGNAL, true);
  If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
  need to provide one or two locking functions:
@@ -1236,7 +1274,7 @@ FAQ
  you want to change name resolver function you must rebuild libcurl and tell
  it to use a different function.
-  - The non-ipv6 resolver that can use one out of four host name resolve calls
+  - The non-IPv6 resolver that can use one out of four host name resolve calls
    (depending on what your system supports):
      A - gethostbyname()
@@ -1244,15 +1282,15 @@ FAQ
      C - gethostbyname_r() with 5 arguments
      D - gethostbyname_r() with 6 arguments
-  - The ipv6-resolver that uses getaddrinfo()
+  - The IPv6-resolver that uses getaddrinfo()
  - The c-ares based name resolver that uses the c-ares library for resolves.
    Using this offers asynchronous name resolves.
  - The threaded resolver (default option on Windows). It uses:
-      A - gethostbyname() on plain ipv4 hosts
+      A - gethostbyname() on plain IPv4 hosts
-      B - getaddrinfo() on ipv6-enabled hosts
+      B - getaddrinfo() on IPv6 enabled hosts
  Also note that libcurl never resolves or reverse-lookups addresses given as
  pure numbers, such as 127.0.0.1 or ::1.
@@ -1270,17 +1308,18 @@ FAQ
  5.12 Can I make libcurl fake or hide my real IP address?
-  No. libcurl operates on a higher level than so. Besides, faking IP address
+  No. libcurl operates on a higher level. Besides, faking IP address would
-  would imply sending IP packages with a made-up source address, and then you
+  imply sending IP packet with a made-up source address, and then you normally
-  normally get a problem with intercepting the packages sent back as they
+  get a problem with receiving the packet sent back as they would then not be
-  would then not be routed to you!
+  routed to you!
  If you use a proxy to access remote sites, the sites will not see your local
  IP address but instead the address of the proxy.
  Also note that on many networks NATs or other IP-munging techniques are used
  that makes you see and use a different IP address locally than what the
-  remote server will see you coming from.
+  remote server will see you coming from. You may also consider using
  http://www.torproject.org .
  5.13 How do I stop an ongoing transfer?
@@ -1361,6 +1400,19 @@ FAQ
  server for. And there are really good stand-alone ones that have been tested
  and proven for many years. There's no need for you to reinvent them!
  5.18 Does libcurl use threads?
  Put simply: no, libcurl will execute in the same thread you call it in. All
  callbacks will be called in the same thread as the one you call libcurl in.
  If you want to avoid your thread to be blocked by the libcurl call, you make
  sure you use the non-blocking API which will do transfers asynchronously -
  but still in the same single thread.
  libcurl will potentially internally use threads for name resolving, if it
  was built to work like that, but in those cases it'll create the child
  threads by itself and they will only be used and then killed internally by
  libcurl and never exposed to the outside.
 6. License Issues
--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -28,7 +28,7 @@ libcurl
 - selectable network interface for outgoing traffic
 - IPv6 support on unix and Windows
 - persistent connections
- - socks5 support
+ - socks 4 + 5 support, with or without local name resolving
 - supports user name and password in proxy environment variables
 - operations through proxy "tunnel" (using CONNECT)
 - support for large files (>2GB and >4GB) during upload and download
@@ -45,8 +45,8 @@ HTTP
 - POST
 - Pipelining
 - multipart formpost (RFC1867-style)
- - authentication: Basic, Digest, NTLM (*9), GSS-Negotiate/Negotiate (*3) and
+ - authentication: Basic, Digest, NTLM (*9) and Negotiate (SPNEGO) (*3)
-   SPNEGO (*4) to server and proxy
+   to server and proxy
 - resume (both GET and PUT)
 - follow redirects
 - maximum amount of redirects to follow
@@ -55,7 +55,7 @@ HTTP
 - reads/writes the netscape cookie file format
 - custom headers (replace/remove internally generated headers)
 - custom user-agent string
- - custom referer string
+ - custom referrer string
 - range
 - proxy authentication
 - time conditions
@@ -64,6 +64,7 @@ HTTP
 - Content-Encoding support for deflate and gzip
 - "Transfer-Encoding: chunked" support in uploads
 - data compression (*12)
 - HTTP/2 (*5)
 HTTPS (*1)
 - (all the HTTP features)
@@ -76,8 +77,7 @@ HTTPS (*1)
 FTP
 - download
 - authentication
- - kerberos4 (*5)
+ - Kerberos 5 (*14)
 - kerberos5 (*3)
 - active/passive using PORT, EPRT, PASV or EPSV
 - single file size information (compare to HTTP HEAD)
 - 'type=' URL support
@@ -127,8 +127,15 @@ FILE
 - upload
 - resume
 SMB
 - SMBv1 over TCP and SSL
 - download
 - upload
 - authentication with NTLMv1
 SMTP
- - authentication: Plain, Login, CRAM-MD5, Digest-MD5 and NTLM (*9)
+ - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and Kerberos 5
   (*4)
 - send e-mails
 - mail from support
 - mail size support
@@ -143,8 +150,8 @@ SMTPS (*1)
 POP3
 - authentication: Clear Text, APOP and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
-   NTLM (*9)
+   Kerberos 5 (*4)
 - list e-mails
 - retrieve e-mails
 - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via
@@ -158,11 +165,11 @@ POP3S (*1)
 IMAP
 - authentication: Clear Text and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
-   NTLM (*9)
+   Kerberos 5 (*4)
 - list the folders of a mailbox
- - select a mailbox with support for verifing the UIDVALIDITY
+ - select a mailbox with support for verifying the UIDVALIDITY
- - fetch e-mails with support for specifing the UID and SECTION
+ - fetch e-mails with support for specifying the UID and SECTION
 - upload e-mails via the append command
 - enhanced command support for: EXAMINE, CREATE, DELETE, RENAME, STATUS,
   STORE, COPY and UID via custom requests
@@ -176,14 +183,16 @@ IMAPS (*1)
 FOOTNOTES
 =========
-  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, schannel (native
+  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native
-       Windows), Secure Transport (native iOS/OS X) or qssl (native IBM i)
+       Windows), Secure Transport (native iOS/OS X) or GSKit (native IBM i)
  *2 = requires OpenLDAP
-  *3 = requires a GSSAPI-compliant library, such as Heimdal or similar
+  *3 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or
-  *4 = requires FBopenssl
+       SSPI (native Windows)
-  *5 = requires a krb4 library, such as the MIT one or similar
+  *4 = requires a GSS-API implementation, however, only Windows SSPI is
       currently supported
  *5 = requires nghttp2 and possibly a recent TLS library
  *6 = requires c-ares
-  *7 = requires OpenSSL, NSS, qssl, schannel or Secure Transport; GnuTLS, for
+  *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for
       example, only supports SSLv3 and TLSv1
  *8 = requires libssh2
  *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native
@@ -194,3 +203,4 @@ FOOTNOTES
  *12 = requires libz
  *13 = requires libmetalink, and either an Apple or Microsoft operating
        system, or OpenSSL, or GnuTLS, or NSS
  *14 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos)
--- a/docs/HISTORY
+++ b/docs/HISTORY
@@ -5,22 +5,30 @@
                             \___|\___/|_| \_\_____|
 How cURL Became Like This
 =========================
-
+Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot
-Towards the end of 1996, Daniel Stenberg came up with the idea to make
+for an Amiga related channel on EFnet. He then came up with the idea to make
 currency-exchange calculations available to Internet Relay Chat (IRC)
 users. All the necessary data are published on the Web; he just needed to
 automate their retrieval.
 Daniel simply adopted an existing command-line open-source tool, httpget, that
 Brazilian Rafael Sagula had written and recently release version 0.1 of. After
-a few minor adjustments, it did just what he needed. HttpGet 1.0 was released
+a few minor adjustments, it did just what he needed.
-on April 8th 1997 with brand new HTTP proxy support.
+
 1997
 ----
 HttpGet 1.0 was released on April 8th 1997 with brand new HTTP proxy support.
 We soon found and fixed support for getting currencies over GOPHER.  Once FTP
 download support was added, the name of the project was changed and urlget 2.0
 was released in August 1997. The http-only days were already passed.
 1998
 ----
 The project slowly grew bigger. When upload capabilities were added and the
 name once again was misleading, a second name change was made and on March 20,
 1998 curl 4 was released. (The version numbering from the previous names was
@@ -33,33 +41,39 @@ was revealed to us much later.)
 SSL support was added, powered by the SSLeay library.
-August 1998, first announcement of curl on freshmeat.net.
+August, first announcement of curl on freshmeat.net.
-October 1998, with the curl 4.9 release and the introduction of cookie
+October, with the curl 4.9 release and the introduction of cookie support,
-support, curl was no longer released under the GPL license. Now we're at 4000
+curl was no longer released under the GPL license. Now we're at 4000 lines of
-lines of code, we switched over to the MPL license to restrict the effects of
+code, we switched over to the MPL license to restrict the effects of
 "copyleft".
-November 1998, configure script and reported successful compiles on several
+November, configure script and reported successful compiles on several
 major operating systems. The never-quite-understood -F option was added and
 curl could now simulate quite a lot of a browser. TELNET support was added.
 Curl 5 was released in December 1998 and introduced the first ever curl man
 page. People started making Linux RPM packages out of it.
-January 1999, DICT support added.
+1999
 ----
 January, DICT support added.
 OpenSSL took over where SSLeay was abandoned.
-May 1999, first Debian package.
+May, first Debian package.
-August 1999, LDAP:// and FILE:// support added. The curl web site gets 1300
+August, LDAP:// and FILE:// support added. The curl web site gets 1300 visits
-visits weekly.
+weekly.
 Released curl 6.0 in September. 15000 lines of code.
-December 28 1999, added the project on Sourceforge and started using its
+December 28, added the project on Sourceforge and started using its services
-services for managing the project.
+for managing the project.
 2000
 ----
 Spring 2000, major internal overhaul to provide a suitable library interface.
 The first non-beta release was named 7.1 and arrived in August. This offered
@@ -67,19 +81,22 @@ the easy interface and turned out to be the beginning of actually getting
 other software and programs to get based on and powered by libcurl. Almost
 20000 lines of code.
-August 2000, the curl web site gets 4000 visits weekly.
+August, the curl web site gets 4000 visits weekly.
 The PHP guys adopted libcurl already the same month, when the first ever third
 party libcurl binding showed up. CURL has been a supported module in PHP since
 the release of PHP 4.0.2. This would soon get followers. More than 16
 different bindings exist at the time of this writing.
-September 2000, kerberos4 support was added.
+September, kerberos4 support was added.
-In November 2000 started the work on a test suite for curl. It was later
+In November started the work on a test suite for curl. It was later re-written
-re-written from scratch again. The libcurl major SONAME number was set to 1.
+from scratch again. The libcurl major SONAME number was set to 1.
-January 2001, Daniel released curl 7.5.2 under a new license again: MIT (or
+2001
 ----
 January, Daniel released curl 7.5.2 under a new license again: MIT (or
 MPL). The MIT license is extremely liberal and can be used combined with GPL
 in other projects. This would finally put an end to the "complaints" from
 people involved in GPLed projects that previously were prohibited from using
@@ -92,17 +109,20 @@ code. The libcurl major SONAME number was bumped to 2 due to this overhaul.
 The first experimental ftps:// support was added in March 2001.
-August 2001. curl is bundled in Mac OS X, 10.1. It was already becoming more
+August. curl is bundled in Mac OS X, 10.1. It was already becoming more and
-and more of a standard utility of Linux distributions and a regular in the BSD
+more of a standard utility of Linux distributions and a regular in the BSD
 ports collections. The curl web site gets 8000 visits weekly. Curl Corporation
 contacted Daniel to discuss "the name issue". After Daniel's reply, they have
 never since got in touch again.
-September 2001, libcurl 7.9 introduces cookie jar and curl_formadd(). During
+September, libcurl 7.9 introduces cookie jar and curl_formadd(). During the
-the forthcoming 7.9.x releases, we introduced the multi interface slowly and
+forthcoming 7.9.x releases, we introduced the multi interface slowly and
 without much whistles.
-June 2002, the curl web site gets 13000 visits weekly. curl and libcurl is
+2002
 ----
 June, the curl web site gets 13000 visits weekly. curl and libcurl is
 35000 lines of code. Reported successful compiles on more than 40 combinations
 of CPUs and operating systems.
@@ -111,33 +131,36 @@ impossible. Around 5000 downloaded packages each week from the main site gives
 a hint, but the packages are mirrored extensively, bundled with numerous OS
 distributions and otherwise retrieved as part of other software.
-September 2002, with the release of curl 7.10 it is released under the MIT
+September, with the release of curl 7.10 it is released under the MIT license
-license only.
+only.
-January 2003. Started working on the distributed curl tests. The autobuilds.
+2003
 ----
-February 2003, the curl site averages at 20000 visits weekly. At any given
+January. Started working on the distributed curl tests. The autobuilds.
-moment, there's an average of 3 people browsing the curl.haxx.se site.
+
 February, the curl site averages at 20000 visits weekly. At any given moment,
 there's an average of 3 people browsing the curl.haxx.se site.
 Multiple new authentication schemes are supported: Digest (May), NTLM (June)
 and Negotiate (June).
-November 2003: curl 7.10.8 is released. 45000 lines of code. ~55000 unique
+November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors
-visitors to the curl.haxx.se site. Five official web mirrors.
+to the curl.haxx.se site. Five official web mirrors.
-December 2003, full-fledged SSL for FTP is supported.
+December, full-fledged SSL for FTP is supported.
-January 2004: curl 7.11.0 introduced large file support.
+2004
 ----
-June 2004:
+January: curl 7.11.0 introduced large file support.
-  curl 7.12.0 introduced IDN support. 10 official web mirrors.
+June: curl 7.12.0 introduced IDN support. 10 official web mirrors.
 This release bumped the major SONAME to 3 due to the removal of the
 curl_formparse() function
-August 2004:
+August: Curl and libcurl 7.12.1
 Curl and libcurl 7.12.1
    Public curl release number:               82
    Releases counted from the very beginning: 109
@@ -147,52 +170,45 @@ August 2004:
    Amount of public web site mirrors:        12
    Number of known libcurl bindings:         26
-April 2005:
+2005
 ----
- GnuTLS can now optionally be used for the secure layer when curl is built.
+April. GnuTLS can now optionally be used for the secure layer when curl is
 built.
-September 2005:
+September: TFTP support was added.
 TFTP support was added.
 More than 100,000 unique visitors of the curl web site. 25 mirrors.
-December 2005:
+December: security vulnerability: libcurl URL Buffer Overflow
- security vulnerability: libcurl URL Buffer Overflow
+2006
 ----
-January 2006:
+January. We dropped support for Gopher. We found bugs in the implementation
-
+that turned out having been introduced years ago, so with the conclusion that
 We dropped support for Gopher. We found bugs in the implementation that
 turned out having been introduced years ago, so with the conclusion that
 nobody had found out in all this time we removed it instead of fixing it.
-March 2006:
+March: security vulnerability: libcurl TFTP Packet Buffer Overflow
- security vulnerability: libcurl TFTP Packet Buffer Overflow
+April: Added the multi_socket() API
-April 2006:
+September: The major SONAME number for libcurl was bumped to 4 due to the
 removal of ftp third party transfer support.
- Added the multi_socket() API
+November: Added SCP and SFTP support
-September 2006:
+2007
 ----
- The major SONAME number for libcurl was bumped to 4 due to the removal of
+February: Added support for the Mozilla NSS library to do the SSL/TLS stuff
 ftp third party transfer support.
-November 2006:
+July: security vulnerability: libcurl GnuTLS insufficient cert verification
- Added SCP and SFTP support
+2008
 ----
-February 2007:
+November:
 Added support for the Mozilla NSS library to do the SSL/TLS stuff
 July 2007:
 security vulnerability: libcurl GnuTLS insufficient cert verification
 November 2008:
    Command line options:         128
    curl_easy_setopt() options:   158
@@ -202,37 +218,30 @@ November 2008:
 145,000 unique visitors. >100 GB downloaded.
-March 2009:
+2009
 ----
- security vulnerability: libcurl Arbitrary File Access
+March: security vulnerability: libcurl Arbitrary File Access
-August 2009:
+August: security vulnerability: libcurl embedded zero in cert name
- security vulnerability: libcurl embedded zero in cert name
+December: Added support for IMAP, POP3 and SMTP
-December 2009:
+2010
 ----
- Added support for IMAP, POP3 and SMTP
+January: Added support for RTSP
-January 2010:
+February: security vulnerability: libcurl data callback excessive length
- Added support for RTSP
+March: The project switched over to use git (hosted by github) instead of CVS
 for source code control
-February 2010:
+May: Added support for RTMP
 security vulnerability: libcurl data callback excessive length
 March 2010:
 The project switched over to use git instead of CVS for source code control
 May 2010:
 Added support for RTMP
 Added support for PolarSSL to do the SSL/TLS stuff
-August 2010:
+August:
    Public curl releases:         117
    Command line options:         138
@@ -242,3 +251,32 @@ August 2010:
    Contributors:                 808
 Gopher support added (re-added actually)
 2012
 ----
 July: Added support for Schannel (native Windows TLS backend) and Darwin SSL
 (Native Mac OS X and iOS TLS backend).
 Supports metalink
 October: SSH-agent support.
 2013
 ----
 February: Cleaned up internals to always uses the "multi" non-blocking
 approach internally and only expose the blocking API with a wrapper.
 September: First small steps on supporting HTTP/2 with nghttp2.
 October: Removed krb4 support.
 December: Happy eyeballs.
 2014
 ----
 March: first real release supporting HTTP/2
 September: Web site had 245,000 unique visitors and served 236GB data
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -20,9 +20,10 @@ Building from git
   If you get your code off a git repository, see the GIT-INFO file in the
   root directory for specific instructions on how to proceed.
-UNIX
+Unix
 ====
-   A normal unix installation is made in three or four steps (after you've
+
   A normal Unix installation is made in three or four steps (after you've
   unpacked the source archive):
        ./configure
@@ -115,18 +116,6 @@ UNIX
       ./configure --disable-thread
     To build curl with kerberos4 support enabled, curl requires the krb4 libs
     and headers installed. You can then use a set of options to tell
     configure where those are:
          --with-krb4-includes[=DIR]   Specify location of kerberos4 headers
          --with-krb4-libs[=DIR]       Specify location of kerberos4 libs
          --with-krb4[=DIR]            where to look for Kerberos4
     In most cases, /usr/athena is the install prefix and then it works with
       ./configure --with-krb4=/usr/athena
     If you're a curl developer and use gcc, you might want to enable more
     debug options with the --enable-debug option.
@@ -148,8 +137,8 @@ UNIX
     To build with axTLS for SSL/TLS, use both --without-ssl and --with-axtls.
-     To get GSSAPI support, build with --with-gssapi and have the MIT or
+     To build with GSS-API support, use --with-gssapi and have the MIT Kerberos
-     Heimdal Kerberos 5 packages installed.
+     or Heimdal packages installed.
     To get support for SCP and SFTP, build with --with-libssh2 and have
     libssh2 0.16 or later installed.
@@ -159,6 +148,7 @@ UNIX
   SPECIAL CASES
   -------------
   Some versions of uClibc require configuring with CPPFLAGS=-D_GNU_SOURCE=1
   to get correct large file support.
@@ -167,7 +157,6 @@ UNIX
       ./configure CC=owcc AR="$WATCOM/binl/wlib" AR_FLAGS=-q \
           RANLIB=/bin/true STRIP="$WATCOM/binl/wstrip" CFLAGS=-Wextra
 Win32
 =====
@@ -199,7 +188,6 @@ Win32
   If you get linkage errors read section 5.7 of the FAQ document.
   MingW32
   -------
@@ -221,7 +209,7 @@ Win32
   environment variables, for example:
     set ZLIB_PATH=c:\zlib-1.2.8
-     set OPENSSL_PATH=c:\openssl-0.9.8y
+     set OPENSSL_PATH=c:\openssl-0.9.8zc
     set LIBSSH2_PATH=c:\libssh2-1.4.3
   ATTENTION: if you want to build with libssh2 support you have to use latest
@@ -246,7 +234,6 @@ Win32
   - optional recent Novell CLDAP SDK available from:
     http://developer.novell.com/ndk/cldap.htm
   Cygwin
   ------
@@ -264,8 +251,10 @@ Win32
   MSVC 6 caveats
   --------------
-   If you use MSVC 6 it is required that you use the February 2003 edition PSDK:
+   If you use MSVC 6 it is required that you use the February 2003 edition of
-   http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
+   the 'Platform SDK' which can be downloaded from:
   http://www.microsoft.com/en-us/download/details.aspx?id=12261
   Building any software with MSVC 6 without having PSDK installed is just
   asking for trouble down the road once you have released it, you might notice
@@ -273,8 +262,6 @@ Win32
   choice of static vs dynamic runtime and third party libraries. Anyone using
   software built in such way will at some point regret having done so.
   When someone uses MSVC 6 without PSDK he is using a compiler back from 1998.
   If the compiler has been updated with the installation of a service pack as
   those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
   safely used to read source code, translate and make it object code.
@@ -284,13 +271,6 @@ Win32
   header files and libraries with bugs and security issues which have already
   been addressed and fixed long time ago.
   In order to make use of the updated system headers and fixed libraries
   for MSVC 6, it is required that 'Platform SDK', PSDK from now onwards,
   is installed. The specific PSDK that must be installed for MSVC 6 is the
   February 2003 edition, which is the latest one supporting the MSVC 6 compiler,
   this PSDK is also known as 'Windows Server 2003 PSDK' and can be downloaded
   from http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
   So, building curl and libcurl with MSVC 6 without PSDK is absolutely
   discouraged for the benefit of anyone using software built in such
   environment. And it will not be supported in any way, as we could just
@@ -337,7 +317,7 @@ Win32
   Before running nmake define the OPENSSL_PATH environment variable with
   the root/base directory of OpenSSL, for example:
-     set OPENSSL_PATH=c:\openssl-0.9.8y
+     set OPENSSL_PATH=c:\openssl-0.9.8zc
   Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
   directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -352,39 +332,18 @@ Win32
   at runtime.
   Run 'nmake vc-ssl-zlib' to build with both ssl and zlib support.
-   MSVC 6 IDE
+   MSVC IDE
-   ----------
+   --------
-   A minimal VC++ 6.0 reference workspace (vc6curl.dsw) is available with the
+   A fairly comprehensive set of Visual Studio project files are available for
-   source distribution archive to allow proper building of the two included
+   v6.0 through v12.0 and are located in the projects folder to allow proper
-   projects, the libcurl library and the curl tool.
+   building of both the libcurl library as well as the curl tool.
-   1) Open the vs/vc6/vc6curl.dsw workspace with MSVC6's IDE.
+   For more information about these projects and building via Visual Studio
-   2) Select 'Build' from top menu.
+   please see the README file located in the projects folder.
   3) Select 'Batch Build' from dropdown menu.
   4) Make sure that the eight project configurations are 'checked'.
   5) Click on the 'Build' button.
   6) Once the eight project configurations are built you are done.
   Dynamic and static libcurl libraries are built in debug and release flavours,
   and can be located each one in its own subdirectory, dll-debug, dll-release,
   lib-debug and lib-release, all of them below the 'vs/vc6/lib' subdirectory.
   In the same way four curl executables are created, each using its respective
   library. The resulting curl executables are located in its own subdirectory,
   dll-debug, dll-release, lib-debug and lib-release, below 'vs/vc6/src' subdir.
   These reference VC++ 6.0 configurations are generated using the dynamic CRT.
   Intentionally, these reference VC++ 6.0 projects and configurations don't use
   third party libraries, such as OpenSSL or Zlib, to allow proper compilation
   and configuration for all new users without further requirements.
   If you need something more 'involved' you might adjust them for your own use,
   or explore the world of makefiles described above 'MSVC from command line'.
   Borland C++ compiler
-   ---------------------
+   --------------------
   Ensure that your build environment is properly set up to use the compiler
   and associated tools. PATH environment variable must include the path to
@@ -429,7 +388,6 @@ Win32
   is required, as well as the OpenSSL libeay32.lib and ssleay32.lib
   libraries.
   OTHER MSVC IDEs
   ---------------
@@ -440,7 +398,6 @@ Win32
   Make the sources in the src/ drawer be a "win32 console application"
   project. Name it curl.
   Disabling Specific Protocols in Win32 builds
   --------------------------------------------
@@ -459,16 +416,21 @@ Win32
   CURL_DISABLE_FILE     disables FILE
   CURL_DISABLE_TFTP     disables TFTP
   CURL_DISABLE_HTTP     disables HTTP
   CURL_DISABLE_IMAP     disables IMAP
   CURL_DISABLE_POP3     disables POP3
   CURL_DISABLE_SMTP     disables SMTP
-   If you want to set any of these defines you have the following
+   If you want to set any of these defines you have the following options:
   possibilities:
   - Modify lib/config-win32.h
   - Modify lib/curl_setup.h
   - Modify lib/Makefile.vc6
-   - Add defines to Project/Settings/C/C++/General/Preprocessor Definitions
+   - Modify the "Preprocessor Definitions" in the libcurl project
     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
   Note: The pre-processor settings can be found using the Visual Studio IDE
   under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
   Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
   versions.
   Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
   --------------------------------------------------------------------
@@ -480,8 +442,12 @@ Win32
   - Modify lib/config-win32.h and src/config-win32.h
   - Modify lib/Makefile.vc6
-   - Add definition to Project/Settings/C/C++/General/Preprocessor Definitions
+   - Modify the "Preprocessor Definitions" in the libcurl project
-     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
+
   Note: The pre-processor settings can be found using the Visual Studio IDE
   under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
   Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
   versions.
   Once that libcurl has been built with BSD-style lwIP TCP/IP stack support,
   in order to use it with your program it is mandatory that your program
@@ -505,9 +471,9 @@ Win32
   add '-DCURL_STATICLIB' to your CFLAGS.  Otherwise the linker will look for
   dynamic import symbols.
 Apple iOS and Mac OS X
 ======================
   On recent Apple operating systems, curl can be built to use Apple's
   SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with
   Secure Transport for SSL/TLS, use the configure option --with-darwinssl. (It
@@ -537,9 +503,9 @@ Apple iOS and Mac OS X
      ./configure --with-darwinssl
      make
 IBM OS/2
 ========
   Building under OS/2 is not much different from building under unix.
   You need:
@@ -567,9 +533,9 @@ IBM OS/2
   If you're getting huge binaries, probably your makefiles have the -g in
   CFLAGS.
 VMS
 ===
   (The VMS section is in whole contributed by the friendly Nico Baggus)
   Curl seems to work with FTP & HTTP other protocols are not tested.  (the
@@ -614,6 +580,7 @@ VMS
   the name can be fetched from external or internal message libraries
   Error code - the err codes assigned by the application
   Sev. - severity: Even = error, off = non error
      0 = Warning
      1 = Success
      2 = Error
@@ -635,12 +602,13 @@ VMS
      Compaq C V6.2-003 on OpenVMS Alpha V7.1-1H2
   So far for porting notes as of:
   13-jul-2001
   N. Baggus
 QNX
 ===
   (This section was graciously brought to us by David Bentham)
   As QNX is targeted for resource constrained environments, the QNX headers
@@ -651,11 +619,12 @@ QNX
   A good all-round solution to this is to override the default when building
   libcurl, by overriding CFLAGS during configure, example
   #  configure CFLAGS='-DFD_SETSIZE=64 -g -O2'
   #  configure CFLAGS='-DFD_SETSIZE=64 -g -O2'
 RISC OS
 =======
   The library can be cross-compiled using gccsdk as follows:
        CC=riscos-gcc AR=riscos-ar RANLIB='riscos-ar -s' ./configure \
@@ -665,9 +634,9 @@ RISC OS
   where riscos-gcc and riscos-ar are links to the gccsdk tools.
   You can then link your program with curl/lib/.libs/libcurl.a
 AmigaOS
 =======
   (This section was graciously brought to us by Diego Casorran)
   To build cURL/libcurl on AmigaOS just type 'make amiga' ...
@@ -687,10 +656,11 @@ AmigaOS
   To enable SSL support, you need a OpenSSL native version (without ixemul),
   you can find a precompiled package at http://amiga.sourceforge.net/OpenSSL/
 NetWare
 =======
   To compile curl.nlm / libcurl.nlm you need:
   - either any gcc / nlmconv, or CodeWarrior 7 PDK 4 or later.
   - gnu make and awk running on the platform you compile on;
     native Win32 versions can be downloaded from:
@@ -731,9 +701,9 @@ NetWare
   the status of these builds can be viewed at the autobuild table:
   http://curl.haxx.se/dev/builds.html
 eCos
 ====
   curl does not use the eCos build system, so you must first build eCos
   separately, then link curl to the resulting eCos library.  Here's a sample
   configure line to do so on an x86 Linux box targeting x86:
@@ -801,9 +771,9 @@ eCos
   config.errors = stderr; /* default errors to stderr */
 Minix
 =====
   curl can be compiled on Minix 3 using gcc or ACK (starting with
   ver. 3.1.3).  Ensure that GNU gawk and bash are both installed and
   available in the PATH.
@@ -833,9 +803,9 @@ Minix
     make
     chmem =256000 src/curl
 Symbian OS
 ==========
   The Symbian OS port uses the Symbian build system to compile.  From the
   packages/Symbian/group/ directory, run:
@@ -846,9 +816,9 @@ Symbian OS
   SDK doesn't include support for P.I.P.S., you will need to contact
   your SDK vendor to obtain that first.
 VxWorks
 ========
   Build for VxWorks is performed using cross compilation.
   That means you build on Windows machine using VxWorks tools and
   run the built image on the VxWorks device.
@@ -872,13 +842,15 @@ VxWorks
   As a result the libcurl.a library should be created in the 'lib' folder.
   To clean the build results type 'make -f ./Makefile.vxworks clean'.
 Android
 =======
   Method using the static makefile:
      - see the build notes in the packages/Android/Android.mk file.
   Method using a configure cross-compile (tested with Android NDK r7c, r8):
      - prepare the toolchain of the Android NDK for standalone use; this can
        be done by invoking the script:
        ./build/tools/make-standalone-toolchain.sh
@@ -900,7 +872,8 @@ Android
        found in your automake folder:
        find /usr -name config.sub
-   Wrapper for pkg-config
+   Wrapper for pkg-config:
      - In order to make proper use of pkg-config so that configure is able to
        find all dependencies you should create a wrapper script for pkg-config;
        file /opt/arm-linux-androideabi-4.4.3/bin/arm-linux-androideabi-pkg-config:
@@ -914,9 +887,9 @@ Android
        also create a copy or symlink with name arm-unknown-linux-androideabi-pkg-config.
 CROSS COMPILE
 =============
   (This section was graciously brought to us by Jim Duey, with additions by
   Dan Fandrich)
@@ -962,9 +935,9 @@ CROSS COMPILE
       ./configure --host=ARCH-OS
 REDUCING SIZE
 =============
   There are a number of configure options that can be used to reduce the
   size of libcurl for embedded applications where binary size is an
   important factor.  First, be sure to set the CFLAGS variable when
@@ -993,6 +966,7 @@ REDUCING SIZE
     --disable-verbose (eliminates debugging strings and error code strings)
     --enable-hidden-symbols (eliminates unneeded symbols in the shared library)
     --without-libidn (disables support for the libidn DNS library)
     --without-librtmp (disables support for RTMP)
     --without-ssl (disables support for SSL/TLS)
     --without-zlib (disables support for on-the-fly decompression)
@@ -1000,6 +974,7 @@ REDUCING SIZE
   size of the libcurl dynamic libraries on some platforms even further.
   Specify them by providing appropriate CFLAGS and LDFLAGS variables on the
   configure command-line, e.g.
     CFLAGS="-Os -ffunction-sections -fdata-sections \
             -fno-unwind-tables -fno-asynchronous-unwind-tables" \
     LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections"
@@ -1011,9 +986,9 @@ REDUCING SIZE
   .comment section).
   Using these techniques it is possible to create a basic HTTP-only shared
-   libcurl library for i386 Linux platforms that is only 106 KiB in size, and
+   libcurl library for i386 Linux platforms that is only 114 KiB in size, and
-   an FTP-only library that is 108 KiB in size (as of libcurl version 7.27.0,
+   an FTP-only library that is 115 KiB in size (as of libcurl version 7.35.0,
-   using gcc 4.6.3).
+   using gcc 4.8.2).
   You may find that statically linking libcurl to your application will
   result in a lower total size than dynamically linking.
@@ -1025,13 +1000,12 @@ REDUCING SIZE
   command line.  Following is a list of appropriate key words:
     --disable-cookies          !cookies
     --disable-crypto-auth      !HTTP\ Digest\ auth !HTTP\ proxy\ Digest\ auth
     --disable-manual           !--manual
     --disable-proxy            !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5
 PORTS
 =====
   This is a probably incomplete list of known hardware and operating systems
   that curl has been compiled for. If you know a system curl compiles and
   runs on, that isn't listed, please let us know!
--- a/docs/INSTALL.cmake
+++ b/docs/INSTALL.cmake
@@ -24,7 +24,6 @@ Current flaws in the curl CMake build
   Missing features in the cmake build:
   - Builds libcurl without large file support
   - It doesn't build src/tool_hugehelp.c which creates the --manual output
   - Can't select which SSL library to build with, only OpenSSL
   - Doesn't build with SCP and SFTP support (libssh2)
   - Doesn't allow different resolver backends (no c-ares build support)
@@ -32,7 +31,6 @@ Current flaws in the curl CMake build
   - Doesn't allow build curl and libcurl debug enabled
   - Doesn't allow a custom CA bundle path
   - Doesn't allow you to disable specific protocols from the build
   - Doesn't properly enable IPv6 support by default
   - Doesn't find or use krb4 or GSS
   - Rebuilds test files too eagerly, but still can't run the tests
@@ -71,7 +69,7 @@ Command Line CMake
    $ make install
-    (The teste suit does not work with the cmake build)
+    (The test suite does not work with the cmake build)
 ccmake
 =========
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
@@ -14,6 +14,7 @@ INTERNALS
 GIT
 ===
 All changes to the sources are committed to the git repository as soon as
 they're somewhat verified to work. Changes shall be committed as independently
 as possible so that individual changes can be easier spotted and tracked
@@ -33,7 +34,7 @@ Portability
 want it to remain functional and buildable with these and later versions
 (older versions may still work but is not what we work hard to maintain):
- OpenSSL      0.9.6
+ OpenSSL      0.9.7
 GnuTLS       1.2
 zlib         1.1.4
 libssh2      0.16
@@ -41,11 +42,13 @@ Portability
 libidn       0.4.1
 cyassl       2.0.0
 openldap     2.0
- MIT krb5 lib 1.2.4
+ MIT Kerberos 1.2.4
- qsossl       V5R3M0
+ GSKit        V5R3M0
- NSS          3.12.x
+ NSS          3.14.x
 axTLS        1.2.7
 PolarSSL     1.3.0
 Heimdal      ?
 nghttp2      0.6.0
 On systems where configure runs, we aim at working on them all - if they have
 a suitable C compiler. On systems that don't run configure, we strive to keep
@@ -249,7 +252,9 @@ Library
 Kerberos
- The kerberos support is mainly in lib/krb4.c and lib/security.c.
+ Kerberos support is mainly in lib/krb5.c and lib/security.c but also
 curl_sasl_sspi.c and curl_sasl_gssapi.c for the email protocols and
 socks_gssapi.c & socks_sspi.c for SOCKS5 proxy specifics.
 TELNET
@@ -259,10 +264,18 @@ Library
 The file:// protocol is dealt with in lib/file.c.
 SMB
 The smb:// protocol is dealt with in lib/smb.c.
 LDAP
 Everything LDAP is in lib/ldap.c and lib/openldap.c
 E-mail
 The e-mail related source code is in lib/imap.c, lib/pop3.c and lib/smtp.c.
 GENERAL
 URL encoding and decoding, called escaping and unescaping in the source code,
@@ -300,7 +313,7 @@ Persistent Connections
 o When libcurl is told to perform a transfer, it first checks for an already
   existing connection in the cache that we can use. Otherwise it creates a
   new one and adds that the cache. If the cache is full already when a new
-   conncetion is added added, it will first close the oldest unused one.
+   connection is added added, it will first close the oldest unused one.
 o When the transfer operation is complete, the connection is left
   open. Particular options may tell libcurl not to, and protocols may signal
   closure on connections and then they won't be kept open of course.
@@ -337,10 +350,10 @@ SSL libraries
 in future libcurl versions.
 To deal with this internally in the best way possible, we have a generic SSL
- function API as provided by the sslgen.[ch] system, and they are the only SSL
+ function API as provided by the vtls.[ch] system, and they are the only SSL
- functions we must use from within libcurl. sslgen is then crafted to use the
+ functions we must use from within libcurl. vtls is then crafted to use the
 appropriate lower-level function calls to whatever SSL library that is in
- use.
+ use. For example vtls/openssl.[ch] for the OpenSSL library.
 Library Symbols
 ===============
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,43 +3,56 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
-83. curl is unable to load non-default openssl engines, because openssl isn't
+88. libcurl doesn't support CURLINFO_FILETIME for SFTP transfers and thus
-  initialized properly. This seems to require OpenSSL_config() or
+  curl's -R option also doesn't work then.
-  CONF_modules_load_file() to be used by libcurl but the first seems to not
+
-  work and we've gotten not reports from tests with the latter. Possibly we
+87. -J/--remote-header-name doesn't decode %-encoded file names. RFC6266
-  need to discuss with OpenSSL developers how this is supposed to be done. We
+  details how it should be done. The can of worm is basically that we have no
-  need users with actual external openssl engines for testing to work on this.
+  charset handling in curl and ascii >=128 is a challenge for us. Not to
-  http://curl.haxx.se/bug/view.cgi?id=1208
+  mention that decoding also means that we need to check for nastiness that is
  attempted, like "../" sequences and the like. Probably everything to the left
  of any embedded slashes should be cut off.
  http://curl.haxx.se/bug/view.cgi?id=1294
 86. The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3
  and SMTP if a failure occurs during the authentication phase of a
  connection.
 85. Wrong STARTTRANSFER timer accounting for POST requests
  Timer works fine with GET requests, but while using POST the time for
  CURLINFO_STARTTRANSFER_TIME is wrong. While using POST
  CURLINFO_STARTTRANSFER_TIME minus CURLINFO_PRETRANSFER_TIME is near to zero
  every time.
  http://curl.haxx.se/bug/view.cgi?id=1213
 84. CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
  backends, so relying on this information in a generic app is flaky.
 82. When building with the Windows Borland compiler, it fails because the
  "tlib" tool doesn't support hyphens (minus signs) in file names and we have
  such in the build.
  http://curl.haxx.se/bug/view.cgi?id=1222
-81. When using -J (with -O), automaticly resumed downloading together with "-C
+81. When using -J (with -O), automatically resumed downloading together with
-  -" fails. Without -J the same command line works! This happens because the
+  "-C -" fails. Without -J the same command line works! This happens because
-  resume logic is worked out before the target file name (and thus its
+  the resume logic is worked out before the target file name (and thus its
  pre-transfer size) has been figured out!
  http://curl.haxx.se/bug/view.cgi?id=1169
 80. Curl doesn't recognize certificates in DER format in keychain, but it
  works with PEM.
-  http://curl.haxx.se/bug/view.cgi?id=3439999
+  http://curl.haxx.se/bug/view.cgi?id=1065
 79. SMTP. When sending data to multiple recipients, curl will abort and return
  failure if one of the recipients indicate failure (on the "RCPT TO"
  command). Ordinary mail programs would proceed and still send to the ones
  that can receive data. This is subject for change in the future.
-  http://curl.haxx.se/bug/view.cgi?id=3438362
+  http://curl.haxx.se/bug/view.cgi?id=1116
 78. curl and libcurl don't always signal the client properly when "sending"
  zero bytes files - it makes for example the command line client not creating
  any file at all. Like when using FTP.
-  http://curl.haxx.se/bug/view.cgi?id=3438362
+  http://curl.haxx.se/bug/view.cgi?id=1063
 77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it
  "abuses" the underlying connection re-use system and if connections are
  forced to close they break the NTLM support.
 76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on
  that platform), and long is only 32 bits. It makes it impossible for
@@ -47,12 +60,12 @@ may have been fixed since this was written!
  option as for all other operating systems.
 75. NTLM authentication involving unicode user name or password only works
-  properly if built with UNICODE defined together with the schannel/winssl
+  properly if built with UNICODE defined together with the WinSSL/schannel
  backend. The original problem was mentioned in:
  http://curl.haxx.se/mail/lib-2009-10/0024.html
-  http://curl.haxx.se/bug/view.cgi?id=2944325
+  http://curl.haxx.se/bug/view.cgi?id=896
-  The schannel version verified to work as mentioned in
+  The WinSSL/schannel version verified to work as mentioned in
  http://curl.haxx.se/mail/lib-2012-07/0073.html
 73. if a connection is made to a FTP server but the server then just never
@@ -60,7 +73,7 @@ may have been fixed since this was written!
  acknowledge the connection timeout during that phase but only the "real"
  timeout - which may surprise users as it is probably considered to be the
  connect phase to most people. Brought up (and is being misunderstood) in:
-  http://curl.haxx.se/bug/view.cgi?id=2844077
+  http://curl.haxx.se/bug/view.cgi?id=856
 72. "Pausing pipeline problems."
  http://curl.haxx.se/mail/lib-2009-07/0214.html
@@ -78,7 +91,7 @@ may have been fixed since this was written!
  http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
 66. When using telnet, the time limitation options don't work.
-  http://curl.haxx.se/bug/view.cgi?id=2818950
+  http://curl.haxx.se/bug/view.cgi?id=846
 65. When doing FTP over a socks proxy or CONNECT through HTTP proxy and the
  multi interface is used, libcurl will fail if the (passive) TCP connection
@@ -109,7 +122,7 @@ may have been fixed since this was written!
  and instead the connection is "cancelled" (the operation is considered done)
  prematurely. There is a half-baked (busy-looping) patch provided in the bug
  report but it cannot be accepted as-is. See
-  http://curl.haxx.se/bug/view.cgi?id=2006544
+  http://curl.haxx.se/bug/view.cgi?id=748
 55. libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's
  library header files exporting symbols/macros that should be kept private
@@ -133,12 +146,12 @@ may have been fixed since this was written!
  protocol code. This should be very rare.
 43. There seems to be a problem when connecting to the Microsoft telnet server.
-  http://curl.haxx.se/bug/view.cgi?id=1720605
+  http://curl.haxx.se/bug/view.cgi?id=649
 41. When doing an operation over FTP that requires the ACCT command (but not
  when logging in), the operation will fail since libcurl doesn't detect this
  and thus fails to issue the correct command:
-  http://curl.haxx.se/bug/view.cgi?id=1693337
+  http://curl.haxx.se/bug/view.cgi?id=635
 39. Steffen Rumler's Race Condition in Curl_proxyCONNECT:
  http://curl.haxx.se/mail/lib-2007-01/0045.html
@@ -151,28 +164,15 @@ may have been fixed since this was written!
 34. The SOCKS4 connection codes don't properly acknowledge (connect) timeouts.
  Also see #12. According to bug #1556528, even the SOCKS5 connect code does
-  not do it right: http://curl.haxx.se/bug/view.cgi?id=1556528,
+  not do it right: http://curl.haxx.se/bug/view.cgi?id=604
 31. "curl-config --libs" will include details set in LDFLAGS when configure is
  run that might be needed only for building libcurl. Further, curl-config
  --cflags suffers from the same effects with CFLAGS/CPPFLAGS.
 30. You need to use -g to the command line tool in order to use RFC2732-style
  IPv6 numerical addresses in URLs.
 29. IPv6 URLs with zone ID is not nicely supported.
  http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired)
  specifies the use of a plus sign instead of a percent when specifying zone
  IDs in URLs to get around the problem of percent signs being
  special. According to the reporter, Firefox deals with the URL _with_ a
  percent letter (which seems like a blatant URL spec violation).
  libcurl supports zone IDs where the percent sign is URL-escaped (i.e. %25).
   See http://curl.haxx.se/bug/view.cgi?id=1371118
 26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in
  "system context" will make it use wrong(?) user name - at least when compared
-  to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=1281867
+  to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=535
 23. SOCKS-related problems:
  B) libcurl doesn't support FTPS over a SOCKS proxy.
@@ -200,7 +200,7 @@ may have been fixed since this was written!
  be to use a data structure other than a plain C string, one that can handle
  embedded NUL characters.  From a practical standpoint, most FTP servers
  would not meaningfully support NUL characters within RFC 959 <string>,
-  anyway (e.g., UNIX pathnames may not contain NUL).
+  anyway (e.g., Unix pathnames may not contain NUL).
 14. Test case 165 might fail on a system which has libidn present, but with an
  old iconv version (2.1.3 is a known bad version), since it doesn't recognize
@@ -215,10 +215,10 @@ may have been fixed since this was written!
  acknowledged after the actual TCP connect (during the SOCKS "negotiate"
  phase).
-10. To get HTTP Negotiate authentication to work fine, you need to provide a
+10. To get HTTP Negotiate (SPNEGO) authentication to work fine, you need to
-  (fake) user name (this concerns both curl and the lib) because the code
+  provide a (fake) user name (this concerns both curl and the lib) because the
-  wrongly only considers authentication if there's a user name provided.
+  code wrongly only considers authentication if there's a user name provided.
-  http://curl.haxx.se/bug/view.cgi?id=1004841. How?
+  http://curl.haxx.se/bug/view.cgi?id=440 How?
  http://curl.haxx.se/mail/lib-2004-08/0182.html
 8. Doing resumed upload over HTTP does not work with '-C -', because curl
--- a/docs/LIBCURL-STRUCTS
+++ b/docs/LIBCURL-STRUCTS
@@ -47,7 +47,7 @@ for older and later versions as things don't change drastically that often.
  ->mstate is the multi state of this particular SessionHandle. When
  multi_runsingle() is called, it will act on this handle according to which
  state it is in. The mstate is also what tells which sockets to return for a
-  speicific SessionHandle when curl_multi_fdset() is called etc.
+  specific SessionHandle when curl_multi_fdset() is called etc.
  The libcurl source code generally use the name 'data' for the variable that
  points to the SessionHandle.
@@ -60,7 +60,7 @@ for older and later versions as things don't change drastically that often.
  re-use an existing one instead of creating a new as it creates a significant
  performance boost.
-  Each 'connectdata' identifies a single physical conncetion to a server. If
+  Each 'connectdata' identifies a single physical connection to a server. If
  the connection can't be kept alive, the connection will be closed after use
  and then this struct can be removed from the cache and freed.
@@ -158,18 +158,18 @@ for older and later versions as things don't change drastically that often.
  ->do_it is the function called to issue the transfer request. What we call
  the DO action internally. If the DO is not enough and things need to be kept
-  getting done for the entier DO sequence to complete, ->doing is then usually
+  getting done for the entire DO sequence to complete, ->doing is then usually
  also provided. Each protocol that needs to do multiple commands or similar
  for do/doing need to implement their own state machines (see SCP, SFTP,
  FTP). Some protocols (only FTP and only due to historical reasons) has a
  separate piece of the DO state called DO_MORE.
-  ->doing keeps getting called while issudeing the transfer request command(s)
+  ->doing keeps getting called while issuing the transfer request command(s)
  ->done gets called when the transfer is complete and DONE. That's after the
  main data has been transferred.
-  ->do_more gets called doring the DO_MORE state. The FTP protocol uses this
+  ->do_more gets called during the DO_MORE state. The FTP protocol uses this
  state when setting up the second connection.
  ->proto_getsock
--- a/docs/LICENSE-MIXING
+++ b/docs/LICENSE-MIXING
@@ -21,9 +21,7 @@ announcement clause that collides with GPL.
 libcurl http://curl.haxx.se/docs/copyright.html
        Uses an MIT (or Modified BSD)-style license that is as liberal as
-        possible.  Some of the source files that deal with KRB4 have Original
+        possible.
        BSD-style announce-clause licenses. You may not distribute binaries
        with krb4-enabled libcurl that also link with GPL-licensed code!
 OpenSSL http://www.openssl.org/source/license.html
@@ -70,14 +68,6 @@ zlib    http://www.gzip.org/zlib/zlib_license.html
        (Used for compressed Transfer-Encoding support) Uses an MIT-style
        license that shouldn't collide with any other library.
 krb4
        While nothing in particular says that a Kerberos4 library must use any
        particular license, the one I've tried and used successfully so far
        (kth-krb4) is partly Original BSD-licensed with the announcement
        clause. Some of the code in libcurl that is written to deal with
        Kerberos4 is Modified BSD-licensed.
 MIT Kerberos http://web.mit.edu/kerberos/www/dist/
        (May be used for GSS support) MIT licensed, that shouldn't collide
@@ -94,12 +84,6 @@ GNU GSS http://www.gnu.org/software/gss/
        may not distribute binary curl packages that uses this if you build
        curl to also link and use any Original BSD licensed libraries!
 fbopenssl
        (Used for SPNEGO support) Unclear license. Based on its name, I assume
        that it uses the OpenSSL license and thus shares the same issues as
        described for OpenSSL above.
 libidn  http://josefsson.org/libidn/
        (Used for IDNA support) Uses the GNU Lesser General Public
--- a/docs/MAIL-ETIQUETTE
+++ b/docs/MAIL-ETIQUETTE
@@ -14,6 +14,7 @@ MAIL ETIQUETTE
  1.5 Moderation of new posters
  1.6 Handling trolls and spam
  1.7 How to unsubscribe
  1.8 I posted, now what?
 2. Sending mail
  2.1 Reply or New Mail
@@ -105,7 +106,7 @@ MAIL ETIQUETTE
  No matter what, we NEVER EVER respond to trolls or spammers on the list. If
  you believe the list admin should do something particular, contact him/her
  off-list. The subject will be taken care of as good as possible to prevent
-  repeated offences, but responding on the list to such messages never lead to
+  repeated offenses, but responding on the list to such messages never lead to
  anything good and only puts the light even more on the offender: which was
  the entire purpose of it getting to the list in the first place.
@@ -125,6 +126,42 @@ MAIL ETIQUETTE
  You NEVER EVER email the mailing list requesting someone else to get you off
  the list.
  1.8 I posted, now what?
  If you aren't subscribed with the exact same email address that you used to
  send the email, your post will just be silently discarded.
  If you posted for the first time to the mailing list, you first need to wait
  for an administrator to allow your email to go through. This normally
  happens very quickly but in case we're asleep, you may have to wait a few
  hours.
  Once your email goes through it is sent out to several hundred or even
  thousand recipients.  Your email may cover an area that not that many people
  know about or are interested in. Or possibly the person who knows about it
  is on vacation or under a very heavy work load right now. You have to wait
  for a response and you must not expect to get a response at all, but
  hopefully you get an answer within a couple of days.
  You do yourself and all of us a service when you include as many details as
  possible already in your first email. Mention your operating system and
  environment. Tell us which curl version you're using and tell us what you
  did, what happened and what you expected would happen. Preferably, show us
  what you did in details enough to allow others to help point out the problem
  or repeat the same steps in their places.
  Failing to include details will only delay responses and make people respond
  and ask for the details and you have to send a follow-up email that includes
  them.
  Expect the responses to primarily help YOU debug the issue, or ask you
  questions that can lead you or others towards a solution or explanation to
  whatever you experience.
  If you are a repeat offender to the guidelines outlined in this document,
  chances are that people will ignore you at will and your chances to get
  responses will greatly diminish.
 2. Sending mail
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -41,16 +41,27 @@ SIMPLE USAGE
  Get a file from an SSH server using SFTP:
-        curl -u username sftp://shell.example.com/etc/issue
+        curl -u username sftp://example.com/etc/issue
-  Get a file from an SSH server using SCP using a private key to authenticate:
+  Get a file from an SSH server using SCP using a private key
  (not password-protected) to authenticate:
-        curl -u username: --key ~/.ssh/id_dsa --pubkey ~/.ssh/id_dsa.pub \
+        curl -u username: --key ~/.ssh/id_rsa \
-            scp://shell.example.com/~/personal.txt
+             scp://example.com/~/file.txt
  Get a file from an SSH server using SCP using a private key
  (password-protected) to authenticate:
        curl -u username: --key ~/.ssh/id_rsa --pass private_key_password \
             scp://example.com/~/file.txt
  Get the main page from an IPv6 web server:
-        curl -g "http://[2001:1890:1112:1::20]/"
+        curl "http://[2001:1890:1112:1::20]/"
  Get a file from an SMB server:
        curl -u "domain\username:passwd" smb://server.example.com/share/file.txt
 DOWNLOAD TO A FILE
@@ -91,10 +102,13 @@ USING PASSWORDS
 SFTP / SCP
-   This is similar to FTP, but you can specify a private key to use instead of
+   This is similar to FTP, but you can use the --key option to specify a
-   a password. Note that the private key may itself be protected by a password
+   private key to use instead of a password. Note that the private key may
-   that is unrelated to the login password of the remote system.  If you
+   itself be protected by a password that is unrelated to the login password
-   provide a private key file you must also provide a public key file.
+   of the remote system; this password is specified using the --pass option.
   Typically, curl will automatically extract the public key from the private
   key file, but in cases where curl does not have the proper library support,
   a matching public key file must be specified using the --pubkey option.
 HTTP
@@ -108,10 +122,10 @@ USING PASSWORDS
        curl -u name:passwd http://machine.domain/full/path/to/file
   HTTP offers many different methods of authentication and curl supports
-   several: Basic, Digest, NTLM and Negotiate. Without telling which method to
+   several: Basic, Digest, NTLM and Negotiate (SPNEGO). Without telling which
-   use, curl defaults to Basic. You can also ask curl to pick the most secure
+   method to use, curl defaults to Basic. You can also ask curl to pick the
-   ones out of the ones that the server accepts for the given URL, by using
+   most secure ones out of the ones that the server accepts for the given URL,
-   --anyauth.
+   by using --anyauth.
   NOTE! According to the URL specification, HTTP URLs can not contain a user
   and password, so that style will not work when using curl via a proxy, even
@@ -218,6 +232,11 @@ UPLOADING
        curl --proxytunnel -x proxy:port -T localfile ftp.upload.com
 SMB / SMBS
        curl -T file.txt -u "domain\username:passwd" 
         smb://server.example.com/share/
 HTTP
  Upload all data on stdin to a specified HTTP site:
@@ -956,9 +975,9 @@ IPv6
  When this style is used, the -g option must be given to stop curl from
  interpreting the square brackets as special globbing characters.  Link local
  and site local addresses including a scope identifier, such as fe80::1234%1,
-  may also be used, but the scope portion must be numeric and the percent
+  may also be used, but the scope portion must be numeric or match an existing
-  character must be URL escaped. The previous example in an SFTP URL might
+  network interface on Linux and the percent character must be URL escaped. The
-  look like:
+  previous example in an SFTP URL might look like:
    sftp://[fe80::1234%251]/
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -37,7 +37,8 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS	 \
 README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS	 \
 KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL		 \
 $(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
- MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS
+ MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS SECURITY RELEASE-PROCEDURE  \
 SSL-PROBLEMS
 MAN2HTML= roffit < $< >$@
--- a/docs/README.netware
+++ b/docs/README.netware
@@ -10,7 +10,7 @@ README.netware
  Curl has been successfully compiled with gcc / nlmconv on different flavours
  of Linux as well as with the official Metrowerks CodeWarrior compiler.
-  While not being the main development target, a continously growing share of
+  While not being the main development target, a continuously growing share of
  curl users are NetWare-based, specially also consuming the lib from PHP.
  The unix-style man pages are tricky to read on windows, so therefore are all
--- a/docs/RELEASE-PROCEDURE
+++ b/docs/RELEASE-PROCEDURE
@@ -0,0 +1,94 @@
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|
 curl release procedure - how to do a release
 ============================================
 in the source code repo
 -----------------------
 - edit `RELEASE-NOTES` to be accurate
 - update `docs/THANKS`
 - make sure all relevant changes are committed on the master branch
 - tag the git repo in this style: `git tag -a curl-7_34_0`. -a annotates the
  tag and we use underscores instead of dots in the version number. 
 - run "./maketgz 7.34.0" to build the release tarballs. It is important that
  you run this on a machine with the correct set of autotools etc installed
  as this is what then will be shipped and used by most users on *nix like
  systems.
 - push the git commits and the new tag
 - gpg sign the 4 tarballs as maketgz suggests
 - upload the 8 resulting files to the primary download directory
 in the curl-www repo
 --------------------
 - edit `Makefile` (version number and date),
 - edit `_newslog.html` (announce the new release) and
 - edit `_changes.html` (insert changes+bugfixes from RELEASE-NOTES)
 - commit all local changes
 - tag the repo with the same tag as used for the source repo
 - make sure all relevant changes are committed and pushed on the master branch
  (the web site then updates its contents automatically)
 inform
 ------
 - send an email to curl-users, curl-announce and curl-library. Insert the
  RELEASE-NOTES into the mail.
 celebrate
 ---------
 - suitable beverage intake is encouraged for the festivities
 curl release scheduling
 =======================
 Basics
 ------
 We do releases every 8 weeks on Wednesdays. If critical problems arise, we can
 insert releases outside of the schedule or we can move the release date - but
 this is very rare.
 Each 8 week release cycle is split in two 4-week periods.
 - During the first 4 weeks after a release, we allow new features and changes
  to curl and libcurl. If we accept any such changes, we bump the minor number
  used for the next release.
 - During the second 4-week period we do not merge any features or changes, we
  then only focus on fixing bugs and polishing things to make a solid coming
  release.
 Coming dates
 ------------
 Based on the description above, here are some planned release dates (at the
 time of this writing):
 - November 5, 2014 (version 7.39.0)
 - December 31, 2014
 - February 25, 2015
 - April 22, 2015
 - June 17, 2015
 - August 12, 2015
 - October 7, 2015
 - December 2, 2015
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -0,0 +1,85 @@
 curl the next few years - perhaps
 =================================
 Roadmap of things Daniel Stenberg and Steve Holme want to work on next. It is
 intended to serve as a guideline for others for information, feedback and
 possible participation.
 New stuff - libcurl
 -------------------
 1. http2 test suite
 2. http2 multiplexing/pipelining
 3. SPDY
 4. SRV records
 5. HTTPS to proxy
 6. make sure there's an easy handle passed in to `curl_formadd()`,
   `curl_formget()` and `curl_formfree()` by adding replacement functions and
   deprecating the old ones to allow custom mallocs and more
 7. add support for third-party SASL libraries such as Cyrus SASL - may need to
   move existing native and SSPI based authentication into vsasl folder after
   reworking HTTP and SASL code
 8. SASL authentication in LDAP
 9. Simplify the SMTP email interface so that programmers don't have to
   construct the body of an email that contains all the headers, alternative
   content, images and attachments - maintain raw interface so that
   programmers that want to do this can
 10. Allow the email protocols to return the capabilities before
    authenticating. This will allow an application to decide on the best
    authentication mechanism
 11. Allow Windows threading model to be replaced by Win32 pthreads port
 12. Implement a dynamic buffer size to allow SFTP to use much larger buffers
    and possibly allow the size to be customizable by applications. Use less
    memory when handles are not in use?
 New stuff - curl
 ----------------
 1. Embed a language interpreter (lua?). For that middle ground where curl
   isn’t enough and a libcurl binding feels “too much”. Build-time conditional
   of course.
 2. Simplify the SMTP command line so that the headers and multi-part content
   don't have to be constructed before calling curl
 Improve
 -------
 1. build for windows (considered hard by many users)
 2. curl -h output (considered overwhelming to users)
 3. we have > 160 command line options, is there a way to redo things to
   simplify or improve the situation as we are likely to keep adding
   features/options in the future too
 4. docs (considered "bad" by users but how do we make it better?)
  - split up `curl_easy_setopt.3`
  - split up curl.1
 5. authentication framework (consider merging HTTP and SASL authentication to
   give one API for protocols to call)
 6. Perform some of the clean up from the TODO document, removing old
   definitions and such like that are currently earmarked to be removed years
   ago
 Remove
 ------
 1. cmake support (nobody maintains it)
 2. makefile.vc files as there is no point in maintaining two sets of Windows
   makefiles. Note: These are currently being used by the Windows autobuilds
--- a/docs/SECURITY
+++ b/docs/SECURITY
@@ -0,0 +1,107 @@
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|
 curl security for developers
 ============================
 This document is intended to provide guidance to curl developers on how
 security vulnerabilities should be handled.
 Publishing Information
 ----------------------
 All known and public curl or libcurl related vulnerabilities are listed on
 [the curl web site security page](http://curl.haxx.se/docs/security.html).
 Security vulnerabilities should not be entered in the project's public bug
 tracker unless the necessary configuration is in place to limit access to the
 issue to only the reporter and the project's security team.
 Vulnerability Handling
 ----------------------
 The typical process for handling a new security vulnerability is as follows.
 No information should be made public about a vulnerability until it is
 formally announced at the end of this process. That means, for example that a
 bug tracker entry must NOT be created to track the issue since that will make
 the issue public and it should not be discussed on any of the project's public
 mailing lists. Also messages associated with any commits should not make
 any reference to the security nature of the commit if done prior to the public
 announcement.
 - The person discovering the issue, the reporter, reports the vulnerability
  privately to `curl-security@haxx.se`. That's an email alias that reaches a
  handful of selected and trusted people.
 - Messages that do not relate to the reporting or managing of an undisclosed
  security vulnerability in curl or libcurl are ignored and no further action
  is required.
 - A person in the security team sends an e-mail to the original reporter to
  acknowledge the report.
 - The security team investigates the report and either rejects it or accepts
  it.
 - If the report is rejected, the team writes to the reporter to explain why.
 - If the report is accepted, the team writes to the reporter to let him/her
  know it is accepted and that they are working on a fix.
 - The security team discusses the problem, works out a fix, considers the
  impact of the problem and suggests a release schedule. This discussion
  should involve the reporter as much as possible.
 - The release of the information should be "as soon as possible" and is most
  often synced with an upcoming release that contains the fix. If the
  reporter, or anyone else, thinks the next planned release is too far away
  then a separate earlier release for security reasons should be considered.
 - Write a security advisory draft about the problem that explains what the
  problem is, its impact, which versions it affects, solutions or
  workarounds, when the release is out and make sure to credit all
  contributors properly.
 - Request a CVE number from distros@openwall[1] when also informing and
  preparing them for the upcoming public security vulnerability announcement -
  attach the advisory draft for information. Note that 'distros' won't accept
  an embargo longer than 19 days.
 - Update the "security advisory" with the CVE number.
 - The security team commits the fix in a private branch. The commit message
  should ideally contain the CVE number. This fix is usually also distributed
  to the 'distros' mailing list to allow them to use the fix prior to the
  public announcement.
 - At the day of the next release, the private branch is merged into the master
  branch and pushed. Once pushed, the information is accessible to the public
  and the actual release should follow suit immediately afterwards.
 - The project team creates a release that includes the fix.
 - The project team announces the release and the vulnerability to the world in
  the same manner we always announce releases. It gets sent to the
  curl-announce, curl-library and curl-users mailing lists.
 - The security web page on the web site should get the new vulnerability
  mentioned.
 [1] = http://oss-security.openwall.org/wiki/mailing-lists/distros
 CURL-SECURITY (at haxx dot se)
 ------------------------------
 Who is on this list? There are a couple of criteria you must meet, and then we
 might ask you to join the list or you can ask to join it. It really isn't very
 formal. We basically only require that you have a long-term presence in the
 curl project and you have shown an understanding for the project and its way
 of working. You must've been around for a good while and you should have no
 plans in vanishing in the near future.
 We do not make the list of partipants public mostly because it tends to vary
 somewhat over time and a list somewhere will only risk getting outdated.
--- a/docs/SSL-PROBLEMS
+++ b/docs/SSL-PROBLEMS
@@ -0,0 +1,67 @@
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|
 SSL problems
  First, let's establish that we often refer to TLS and SSL interchangeably as
  SSL here. The current protocol is called TLS, it was called SSL a long time
  ago.
  There are several known reasons why a connection that involves SSL might
  fail. This is a document that attempts to details the most common ones and
  how to mitigate them.
 CA certs
  CA certs are used to digitally verify the server's certificate. You need a
  "ca bundle" for this. See lots of more details on this in the SSLCERTS
  document.
 CA bundle missing intermediate certificates
  When using said CA bundle to verify a server cert, you will experience
  problems if your CA cert does not have the certificates for the
  intermediates in the whole trust chain.
 SSL version
  Some broken servers fail to support the protocol negotiation properly that
  SSL servers are supposed to handle. This may cause the connection to fail
  completely. Sometimes you may need to explicitly select a SSL version to use
  when connecting to make the connection succeed.
  An additional complication can be that modern SSL libraries sometimes are
  built with support for older SSL and TLS versions disabled!
 SSL ciphers
  Clients give servers a list of ciphers to select from. If the list doesn't
  include any ciphers the server wants/can use, the connection handshake
  fails.
  curl has recently disabled the user of a whole bunch of seriously insecure
  ciphers from its default set (slightly depending on SSL backend in use).
  You may have to explicitly provide an alternative list of ciphers for curl
  to use to allow the server to use a WEAK cipher for you.
  Note that these weak ciphers are identified as flawed. For example, this
  includes symmetric ciphers with less than 128 bit keys and RC4.
  References:
  http://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
 Allow BEAST
  BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means
  to mitigate this attack, it turned out that some broken servers out there in
  the wild didn't work properly with the BEAST mitigation in place.
  To make such broken servers work, the --ssl-allow-beast option was
  introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability
  but on the other hand it allows curl to connect to that kind of strange
  servers.
--- a/docs/SSLCERTS
+++ b/docs/SSLCERTS
@@ -1,23 +1,46 @@
-                      Peer SSL Certificate Verification
+SSL Certificate Verification
-                      =================================
+============================
-(NOTE: If libcurl was built with Schannel or Secure Transport support, then
+SSL is TLS
-this does not apply to you. Scroll down for details on how the OS-native
+----------
-engines handle SSL certificates. If you're not sure, then run "curl -V" and
+
-read the results. If the version string says "WinSSL" in it, then it was built
+SSL is the old name. It is called TLS these days.
-with Schannel support.)
+
 Native SSL
 ----------
 If libcurl was built with Schannel or Secure Transport support (the native SSL
 libraries included in Windows and Mac OS X), then this does not apply to
 you. Scroll down for details on how the OS-native engines handle SSL
 certificates. If you're not sure, then run "curl -V" and read the results. If
 the version string says "WinSSL" in it, then it was built with Schannel
 support.
 It is about trust
 -----------------
 This system is about trust. In your local CA cert bundle you have certs from
 *trusted* Certificate Authorities that you then can use to verify that the
 server certificates you see are valid. They're signed by one of the CAs you
 trust.
 Which CAs do you trust? You can decide to trust the same set of companies your
 operating system trusts, or the set one of the known browsers trust. That's
 basically trust via someone else you trust. You should just be aware that
 modern operating systems and browsers are setup to trust *hundreds* of
 companies and recent years several such CAs have been found untrustworthy.
 Certificate Verification
 ------------------------
 libcurl performs peer SSL certificate verification by default.  This is done
 by using CA cert bundle that the SSL library can use to make sure the peer's
 server certificate is valid.
-If you communicate with HTTPS or FTPS servers using certificates that are
+If you communicate with HTTPS, FTPS or other TLS-using servers using
-signed by CAs present in the bundle, you can be sure that the remote server
+certificates that are signed by CAs present in the bundle, you can be sure
-really is the one it claims to be.
+that the remote server really is the one it claims to be.
 Until 7.18.0, curl bundled a severely outdated ca bundle file that was
 installed by default. These days, the curl archives include no ca certs at
 all. You need to get them elsewhere. See below for example.
 If the remote server uses a self-signed certificate, if you don't install a CA
 cert bundle, if the server uses a certificate signed by a CA that isn't
@@ -26,13 +49,13 @@ impersonating your favorite site, and you want to transfer files from this
 server, do one of the following:
 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with
-    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+    `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);`
    With the curl command line tool, you disable this with -k/--insecure.
 2. Get a CA certificate that can verify the remote server and use the proper
    option to point out this CA cert for verification when connecting. For
-    libcurl hackers: curl_easy_setopt(curl, CURLOPT_CAPATH, capath);
+    libcurl hackers: `curl_easy_setopt(curl, CURLOPT_CAPATH, capath);`
    With the curl command line tool: --cacert [file]
@@ -46,32 +69,32 @@ server, do one of the following:
    If you use Internet Explorer, this is one way to get extract the CA cert
    for a particular server:
-     o View the certificate by double-clicking the padlock
+     - View the certificate by double-clicking the padlock
-     o Find out where the CA certificate is kept (Certificate>
+     - Find out where the CA certificate is kept (Certificate>
       Authority Information Access>URL)
-     o Get a copy of the crt file using curl
+     - Get a copy of the crt file using curl
-     o Convert it from crt to PEM using the openssl tool:
+     - Convert it from crt to PEM using the openssl tool:
       openssl x509 -inform DES -in yourdownloaded.crt \
       -out outcert.pem -text
-     o Append the 'outcert.pem' to the CA cert bundle or use it stand-alone
+     - Append the 'outcert.pem' to the CA cert bundle or use it stand-alone
       as described below.
    If you use the 'openssl' tool, this is one way to get extract the CA cert
    for a particular server:
-     o openssl s_client -connect xxxxx.com:443 |tee logfile
+     - `openssl s_client -connect xxxxx.com:443 |tee logfile`
-     o type "QUIT", followed by the "ENTER" key
+     - type "QUIT", followed by the "ENTER" key
-     o The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE"
+     - The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE"
       markers.
-     o If you want to see the data in the certificate, you can do: "openssl
+     - If you want to see the data in the certificate, you can do: "openssl
       x509 -inform PEM -in certfile -text -out certdata" where certfile is
       the cert you extracted from logfile. Look in certdata.
-     o If you want to trust the certificate, you can append it to your
+     - If you want to trust the certificate, you can append it to your
-       cert_bundle or use it stand-alone as described. Just remember that the
+       cert bundle or use it stand-alone as described. Just remember that the
       security is no better than the way you obtained the certificate.
 4. If you're using the curl command line tool, you can specify your own CA
-    cert path by setting the environment variable CURL_CA_BUNDLE to the path
+    cert path by setting the environment variable `CURL_CA_BUNDLE` to the path
    of your choice.
    If you're using the curl command line tool on Windows, curl will search
@@ -86,9 +109,7 @@ server, do one of the following:
 5. Get a better/different/newer CA cert bundle! One option is to extract the
    one a recent Firefox browser uses by running 'make ca-bundle' in the curl
    build tree root, or possibly download a version that was generated this
-    way for you:
+    way for you: [CA Extract](http://curl.haxx.se/docs/caextract.html)
        http://curl.haxx.se/docs/caextract.html
 Neglecting to use one of the above methods when dealing with a server using a
 certificate that isn't signed by one of the certificates in the installed CA
@@ -96,35 +117,29 @@ cert bundle, will cause SSL to report an error ("certificate verify failed")
 during the handshake and SSL will then refuse further communication with that
 server.
-                      Peer SSL Certificate Verification with NSS
+Certificate Verification with NSS
-                      ==========================================
+---------------------------------
 If libcurl was built with NSS support, then depending on the OS distribution,
-it is probably required to take some additional steps to use the system-wide CA
+it is probably required to take some additional steps to use the system-wide
-cert db. RedHat ships with an additional module, libnsspem.so, which enables
+CA cert db. RedHat ships with an additional module, libnsspem.so, which
-NSS to read the OpenSSL PEM CA bundle. This library is missing in OpenSuSE, and
+enables NSS to read the OpenSSL PEM CA bundle. This library is missing in
-without it, NSS can only work with its own internal formats. NSS also has a new
+OpenSuSE, and without it, NSS can only work with its own internal formats. NSS
-database format: https://wiki.mozilla.org/NSS_Shared_DB
+also has a new [database format](https://wiki.mozilla.org/NSS_Shared_DB).
-Starting with version 7.19.7, libcurl will check for the NSS version it runs,
+Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to
-and automatically add the 'sql:' prefix to the certdb directory (either the
+the certdb directory (either the hardcoded default /etc/pki/nssdb or the
-hardcoded default /etc/pki/nssdb or the directory configured with SSL_DIR
+directory configured with SSL_DIR environment variable). To check which certdb
-environment variable) if version 3.12.0 or later is detected. To check which
+format your distribution provides, examine the default certdb location:
-ertdb format your distribution provides, examine the default
+/etc/pki/nssdb; the new certdb format can be identified by the filenames
-certdb location: /etc/pki/nssdb; the new certdb format can be identified by
+cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db,
-the filenames cert9.db, key4.db, pkcs11.txt; filenames of older versions are
+key3.db, secmod.db.
 cert8.db, key3.db, modsec.db.
-Usually these cert databases are empty, but NSS also has built-in CAs which are
+Certificate Verification with Schannel and Secure Transport
-provided through a shared library, libnssckbi.so; if you want to use these
+-----------------------------------------------------------
 built-in CAs, then create a symlink to libnssckbi.so in /etc/pki/nssdb:
 ln -s /usr/lib[64]/libnssckbi.so /etc/pki/nssdb/libnssckbi.so
-     Peer SSL Certificate Verification with Schannel and Secure Transport
+If libcurl was built with Schannel (Microsoft's native TLS engine) or Secure
-     ====================================================================
+Transport (Apple's native TLS engine) support, then libcurl will still perform
 If libcurl was built with Schannel (Microsoft's TLS/SSL engine) or Secure
 Transport (Apple's TLS/SSL engine) support, then libcurl will still perform
 peer certificate verification, but instead of using a CA cert bundle, it will
 use the certificates that are built into the OS. These are the same
 certificates that appear in the Internet Options control panel (under Windows)
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -4,11 +4,14 @@
 If you have contributed but are missing here, please let us know!
 Aaro Koskinen
 Aaron Oneal
 Aaron Orenstein
 Abram Pousada
 Adam D. Moss
 Adam Light
 Adam Piggott
 Adam Sampson
 Adam Tkac
 Adrian Schuur
 Adriano Meirelles
@@ -19,7 +22,7 @@ Alan Pinstein
 Albert Chin-A-Young
 Albert Choy
 Ale Vesely
-Alejandro Alvarez
+Alejandro Alvarez Ayllon
 Aleksandar Milivojevic
 Aleksey Tulinov
 Alessandro Ghedini
@@ -27,6 +30,7 @@ Alessandro Vesely
 Alex Bligh
 Alex Fishman
 Alex Gruz
 Alex McLellan
 Alex Neblett
 Alex Suykov
 Alex Vinnik
@@ -44,6 +48,7 @@ Alexey Zakhlestin
 Alexis Carvalho
 Alfred Gebert
 Allen Pulsifer
 Alona Rossen
 Amol Pattekar
 Amr Shahin
 Anatoli Tubman
@@ -51,6 +56,7 @@ Anders Gustafsson
 Anders Havn
 Andi Jahja
 Andre Guibert de Bruet
 Andre Heinecke
 Andreas Damm
 Andreas Faerber
 Andreas Farber
@@ -62,7 +68,8 @@ Andreas Schuldei
 Andreas Wurf
 Andrei Benea
 Andrei Cipu
-Andres Garcia
+Andrei Kurushin
 Andrej E Baranov
 Andrew Benham
 Andrew Biggs
 Andrew Bushnell
@@ -78,6 +85,7 @@ Andy Cedilnik
 Andy Serpa
 Andy Tsouladze
 Angus Mackay
 Anthon Pang
 Anthony Bryan
 Anthony G. Basile
 Antoine Calando
@@ -91,12 +99,17 @@ Arnaud Compan
 Arnaud Ebalard
 Arthur Murray
 Arve Knudsen
 Arvid Norberg
 Ask Bjørn Hansen
 Askar Safin
 Ates Goral
 Augustus Saunders
 Avery Fay
 Axel Tillequin
 Balaji Parasuram
 Balaji Salunke
 Balint Szilakszi
 Barry Abrahamson
 Bart Whiteley
 Bas Mevissen
 Ben Darnell
@@ -109,12 +122,16 @@ Benbuck Nason
 Benjamin Gerard
 Benjamin Gilbert
 Benjamin Johnson
 Benoit Neil
 Benoit Sigoure
 Bernard Leak
 Bernhard Reutner-Fischer
 Bertrand Demiddelaer
 Bill Doyle
 Bill Egert
 Bill Hoffman
 Bill Middlecamp
 Bill Nagel
 Bjoern Sikora
 Bjorn Augustsson
 Bjorn Reese
@@ -127,7 +144,9 @@ Bogdan Nicula
 Brad Burdick
 Brad Hards
 Brad King
 Brad Spencer
 Bradford Bruce
 Brandon Casey
 Brandon Wang
 Brendan Jurd
 Brent Beardsley
@@ -138,6 +157,7 @@ Brian R Duffy
 Brian Ulm
 Brock Noland
 Bruce Mitchener
 Bruno Thomsen
 Bruno de Carvalho
 Bryan Henderson
 Bryan Kemp
@@ -145,22 +165,25 @@ Byrial Jensen
 Cameron Kaiser
 Camille Moncelier
 Caolan McNamara
 Carlo Wood
 Carsten Lange
 Casey O'Donnell
-Cedric Deltheil
+Catalin Patulea
 Chad Monroe
 Chandrakant Bagul
 Charles Kerr
 Chen Prog
 Chih-Chung Chang
 Chris "Bob Bob"
 Chris Combes
-Chris Conroy
+Chris Conlon
 Chris Deidun
 Chris Flerackers
 Chris Gaukroger
 Chris Maltby
 Chris Mumford
 Chris Smowton
 Chris Young
 Christian Grothoff
 Christian Hägele
 Christian Krause
@@ -181,6 +204,9 @@ Clarence Gardner
 Clemens Gruber
 Clifford Wolf
 Cody Jones
 Cody Mack
 Colby Ranger
 Colin Blair
 Colin Hogben
 Colin Watson
 Colm Buckley
@@ -194,8 +220,10 @@ Cristian Rodríguez
 Curt Bogmine
 Cyrill Osterwalder
 Cédric Deltheil
 D. Flinkmann
 Dag Ekengren
 Dagobert Michelsen
 Damian Dixon
 Damien Adant
 Dan Becker
 Dan C
@@ -221,6 +249,7 @@ Dave Halbakken
 Dave Hamilton
 Dave May
 Dave Reisner
 Dave Thompson
 Dave Vasilevsky
 David Bau
 David Binderman
@@ -237,21 +266,31 @@ David Kimdon
 David Lang
 David LeBlanc
 David McCreedy
 David Meyer
 David Odin
 David Phillips
 David Rosenstrauch
 David Ryskalczyk
 David Shaw
 David Strauss
 David Tarendash
 David Thiel
 David Walser
 David Woodhouse
 David Wright
 David Yan
 Dengminwen
 Dennis Clarke
 Derek Higgins
 Detlef Schmier
 Didier Brisebourg
 Diego Casorran
 Dilyan Palauzov
 Dima Barsky
 Dima Tisnek
 Dimitar Boevski
 Dimitre Dimitrov
 Dimitrios Siganos
 Dimitris Sarris
 Dinar
 Dirk Eddelbuettel
@@ -259,6 +298,7 @@ Dirk Manske
 Dmitri Shubin
 Dmitriy Sergeyev
 Dmitry Bartsevich
 Dmitry Falko
 Dmitry Kurochkin
 Dmitry Popov
 Dmitry Rechkin
@@ -274,13 +314,13 @@ Douglas R. Horner
 Douglas Steinwand
 Dov Murik
 Duane Cathey
 Duncan
 Duncan Mac-Vicar Prett
 Dustin Boswell
 Dylan Ellicott
 Dylan Salisbury
 Early Ehlinger
 Ebenezer Ikonne
 Ed Morley
 Edin Kadribasic
 Eduard Bloch
 Edward Rudd
@@ -289,6 +329,7 @@ Eelco Dolstra
 Eetu Ojanen
 Eldar Zaitov
 Ellis Pritchard
 Elmira A Semenova
 Emanuele Bovisio
 Emil Romanus
 Emiliano Ida
@@ -298,6 +339,7 @@ Eric Cooper
 Eric Hu
 Eric Landes
 Eric Lavigne
 Eric Lubin
 Eric Melville
 Eric Mertens
 Eric Rautman
@@ -308,20 +350,26 @@ Eric Wong
 Eric Young
 Erick Nuwendam
 Erik Johansson
 Ernest Beinrohr
 Erwan Legrand
 Erwin Authried
 Ethan Glasser Camp
 Eugene Kotlyarov
 Evan Jordan
 Evgeny Turnaev
 Eygene Ryabinkin
 Fabian Frank
 Fabian Hiernaux
 Fabian Keil
 Fabrizio Ammollo
 Fedor Karpelevitch
 Felix Yan
 Felix von Leitner
 Feng Tu
 Florian Schoppmann
 Florian Weimer
 Forrest Cahoon
 Frank Gevaerts
 Frank Hempel
 Frank Keeney
 Frank McGeough
@@ -329,6 +377,7 @@ Frank Meier
 Frank Ticheler
 Frank Van Uffelen
 František Kučera
 François Charlier
 Fred Machado
 Fred New
 Fred Noz
@@ -342,11 +391,14 @@ Gautam Kachroo
 Gautam Mani
 Gavrie Philipson
 Gaz Iqbal
 Gaël Portay
 Geoff Beier
 Georg Horn
 Georg Huettenegger
 Georg Lippitsch
 Georg Wicherski
 Gerd v. Egidy
 Gergely Nagy
 Gerhard Herre
 Gerrit Bruchhäuser
 Ghennadi Procopciuc
@@ -359,21 +411,27 @@ Gilles Blanc
 Gisle Vanem
 Giuseppe Attardi
 Giuseppe D'Ambrosio
 Glen A Johnson Jr.
 Glen Nakamura
 Glen Scott
-Gokhan Sengun
+Glenn Sheridan
 Gordon Marler
 Gorilla Maguila
 Grant Erickson
 Greg Hewgill
 Greg Morse
 Greg Onufer
 Greg Pratt
 Greg Zavertnik
 Grigory Entin
 Guenole Bescon
 Guenter Knauf
 Guido Berhoerster
 Guillaume Arluison
 Gunter Knauf
 Gustaf Hui
 Gwenole Beauchesne
 Gökhan Şengün
 Götz Babin-Ebell
 Hamish Mackenzie
 Hang Kin Lau
@@ -382,10 +440,14 @@ Hanno Kranzhoff
 Hans Steegers
 Hans-Jurgen May
 Hardeep Singh
 Haris Okanovic
 Harshal Pradhan
 Hauke Duden
 He Qin
 Heikki Korpela
 Heinrich Ko
 Heinrich Schaefer
 Helwing Lutz
 Hendrik Visage
 Henrik Storner
 Henry Ludemann
@@ -395,6 +457,7 @@ Ho-chi Chen
 Hoi-Ho Chan
 Hongli Lai
 Howard Chu
 Hubert Kario
 Hzhijun
 Ian D Allen
 Ian Ford
@@ -406,6 +469,7 @@ Ignacio Vazquez-Abrams
 Igor Franchuk
 Igor Novoseltsev
 Igor Polyakov
 Iida Yosiaki
 Ilguiz Latypov
 Ilja van Sprundel
 Immanuel Gregoire
@@ -413,15 +477,18 @@ Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
 Ishan SinghLevett
 Ivo Bellin Salarin
 Jack Zhang
 Jacky Lam
 Jacob Meuser
 Jacob Moshenko
 Jad Chamcham
 Jakub Zakrzewski
 James Bursa
 James Cheng
 James Clancy
 James Cone
 James Dury
 James Gallagher
 James Griffiths
 James Housley
@@ -436,11 +503,13 @@ Jan Schaumann
 Jan Van Boghout
 Jared Jennings
 Jared Lundell
 Jari Aalto
 Jari Sundell
 Jason Glasgow
 Jason Liu
 Jason McDonald
 Jason S. Priebe
 Javier Barroso
 Jay Austin
 Jayesh A Shah
 Jaz Fresh
@@ -449,19 +518,24 @@ Jean-Claude Chauve
 Jean-Francois Bertrand
 Jean-Louis Lemaire
 Jean-Marc Ranger
-Jean-Noel Rouvignac
+Jean-Noël Rouvignac
 Jean-Philippe Barrette-LaPierre
 Jeff Connelly
 Jeff Hodges
 Jeff Johnson
 Jeff King
 Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
 Jeff Weber
 Jeffrey Pohlmeyer
 Jeremy Friesner
 Jeremy Huddleston
 Jeremy Lin
 Jeroen Koekkoek
 Jerome Muffat-Meridol
 Jerome Robert
 Jerome Vouillon
 Jerry Krinock
 Jerry Wu
 Jes Badwal
 Jesper Jensen
@@ -473,6 +547,7 @@ Jim Hollinger
 Jim Meyering
 Jiri Hruska
 Jiri Jaburek
 Jiri Malak
 Jocelyn Jaubert
 Joe Halpin
 Joe Malicki
@@ -483,9 +558,12 @@ Johan Anderson
 Johan Nilsson
 Johan van Selst
 Johannes Bauer
 Johannes Ernst
 John Bradshaw
 John Coffey
 John Crow
 John Dennis
 John Dunn
 John E. Malmberg
 John Gardiner Myers
 John Janssen
@@ -503,14 +581,18 @@ Johnny Luong
 Jon Grubbs
 Jon Nelson
 Jon Sargeant
 Jon Torrey
 Jon Travis
 Jon Turner
 Jonas Forsman
 Jonas Schnelli
 Jonatan Lander
 Jonatan Vela
 Jonathan Cardoso Machado
 Jonathan Hseu
 Jonathan Nieder
 Jongki Suwandi
 Jose Alf
 Jose Kahan
 Josef Wolf
 Josh Kapell
@@ -530,15 +612,16 @@ Jun-ichiro itojun Hagino
 Jurij Smakov
 Justin Fletcher
 Justin Karneges
 Justin Maggard
 Jörg Mueller-Tolk
 Jörn Hartroth
 K. R. Walker
 Kai Engert
 Kai Sommerfeld
 Kai-Uwe Rommel
 Kalle Vahlman
 Kamil Dudka
 Kang-Jin Lee
 Karl M
 Karl Moerder
 Karol Pietrzak
 Kaspar Brand
@@ -569,10 +652,13 @@ Krishnendu Majumdar
 Krister Johansen
 Kristian Gunstone
 Kristian Köhntopp
 Kyle L. Huff
 Kyle Sallee
 Lachlan O'Dea
 Larry Campbell
 Larry Fahnoe
 Larry Lin
 Larry Stone
 Lars Buitinck
 Lars Gustafsson
 Lars J. Aas
@@ -583,12 +669,16 @@ Lau Hang Kin
 Laurent Rabret
 Legoff Vincent
 Lehel Bernadt
 Leif W
 Len Krause
 Lenaic Lefever
 Lenny Rachitsky
 Leon Winter
 Leonardo Rosati
 Liam Healy
 Lijo Antony
 Linas Vepstas
 Lindley French
 Ling Thio
 Linus Nielsen Feltzing
 Lisa Xu
@@ -596,21 +686,28 @@ Liza Alenchery
 Lluís Batlle i Rossell
 Loic Dachary
 Loren Kirkby
 Luan Cestari
 Luca Altea
 Luca Alteas
 Lucas Adamski
 Lucas Pardue
 Ludek Finstrle
 Ludovico Cavedon
 Lukasz Czekierda
 Luke Amery
 Luke Call
 Luke Dashjr
 Luong Dinh Dung
 Lyndon Hill
 Maciej Karpiuk
 Maciej Puzio
 Maciej W. Rozycki
 Maks Naumov
 Mamoru Tasaka
 Mandy Wu
 Manfred Schwarb
 Manuel Massing
 Marc Boucher
 Marc Deslauriers
 Marc Doughty
 Marc Hoersken
 Marc Kleine-Budde
@@ -618,6 +715,7 @@ Marcel Raad
 Marcel Roelofs
 Marcelo Juchem
 Marcin Adamski
 Marcin Gryszkalis
 Marcin Konicki
 Marco G. Salvagno
 Marco Maggi
@@ -655,6 +753,7 @@ Mateusz Loskot
 Mathias Axelsson
 Mats Lidell
 Matt Arsenault
 Matt Ford
 Matt Kraai
 Matt Veenstra
 Matt Witherspoon
@@ -672,6 +771,7 @@ Maxim Prohorov
 Maxime Larocque
 Mehmet Bozkurt
 Mekonikum
 Melissa Mears
 Mettgut Jamalla
 Michael Benedict
 Michael Calmer
@@ -683,15 +783,17 @@ Michael Jahn
 Michael Jerris
 Michael Mealling
 Michael Mueller
 Michael Osipov
 Michael Smith
 Michael Stillwell
 Michael Wallner
 Michal Bonino
 Michal Gorny
 Michal Kowalczyk
 Michal Marek
 Michał Górny
 Michał Kowalczyk
 Michele Bini
 Miguel Angel
 Miguel Diaz
 Mihai Ionescu
 Mikael Johansson
 Mikael Sennerholm
@@ -699,17 +801,22 @@ Mike Bytnar
 Mike Crowe
 Mike Dobbs
 Mike Giancola
 Mike Hasselberg
 Mike Henshaw
 Mike Hommey
 Mike Mio
 Mike Power
 Mike Protts
 Mike Revi
 Miklos Nemeth
 Miroslav Spousta
 Mitz Wark
 Mohamed Lrhazi
 Mohammad AlSaleh
 Mohun Biswas
 Moonesamy
 Myk Taylor
 Nach M. S.
 Nagai H
 Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
@@ -740,10 +847,12 @@ Nodak Sodak
 Norbert Frese
 Norbert Novotny
 Ofer
 Ola Mork
 Olaf Flebbe
 Olaf Stueben
 Olaf Stüben
 Oliver Gondža
 Oliver Kuckertz
 Oliver Schindler
 Olivier Berger
 Oren Tirosh
 Ori Avtalion
@@ -751,23 +860,30 @@ Oscar Koeroo
 Oscar Norlander
 P R Schaffner
 Paolo Piacentini
 Paras Sethia
 Pascal Terjan
 Pasha Kuznetsov
 Pasi Karkkainen
 Pat Ray
 Patrice Guerin
 Patricia Muscalu
 Patrick Bihan-Faou
 Patrick McManus
 Patrick Monnerat
 Patrick Scott
 Patrick Smith
 Patrick Watson
 Patrik Thunstrom
 Pau Garcia i Quiles
 Paul Donohue
 Paul Harrington
 Paul Howarth
 Paul Marks
 Paul Marquis
 Paul Moore
 Paul Nolan
 Paul Querna
 Paul Saab
 Pavel Cenek
 Pavel Orehov
 Pavel Raiskup
@@ -775,7 +891,6 @@ Pawel A. Gajda
 Pawel Kierski
 Pedro Larroy
 Pedro Neves
 Pete Su
 Peter Bray
 Peter Forret
 Peter Gal
@@ -790,8 +905,13 @@ Peter Su
 Peter Sylvester
 Peter Todd
 Peter Verhas
 Peter Wang
 Peter Wu
 Peter Wullinger
 Peteris Krumins
 Petr Bahula
 Petr Novak
 Petr Pisar
 Phil Blundell
 Phil Karn
 Phil Lisiecki
@@ -809,12 +929,16 @@ Pierre Joye
 Pierre Ynard
 Pooyan McSporran
 Pramod Sharma
 Prash Dush
 Priyanka Shah
 Puneet Pawaia
 Quagmire
 Quanah Gibson-Mount
 Quinn Slack
 Radu Simionescu
 Rafa Muyo
 Rafael Sagula
 Rafaël Carré
 Rainer Canavan
 Rainer Jung
 Rainer Koenig
@@ -827,7 +951,9 @@ Randy McMurchy
 Ravi Pratap
 Ray Dassen
 Ray Pekowski
 Ray Satiro
 Reinout van Schouwen
 Remi Gacogne
 Renato Botelho
 Renaud Chaillat
 Renaud Duhaut
@@ -846,11 +972,13 @@ Richard Clayton
 Richard Cooper
 Richard Gorton
 Richard Michael
 Richard Moore
 Richard Prescott
 Richard Silverman
 Rick Jones
 Rick Richardson
 Rob Crittenden
 Rob Davies
 Rob Jones
 Rob Stanzel
 Rob Ward
@@ -868,6 +996,7 @@ Robin Johnson
 Robin Kay
 Robson Braga Araujo
 Rodney Simmons
 Rodric Glaser
 Rodrigo Silva
 Roland Blom
 Roland Krikava
@@ -875,20 +1004,23 @@ Roland Zimmermann
 Rolland Dudemaine
 Roman Koifman
 Roman Mamedov
 Romulo A. Ceccon
 Ron Parker
 Ron Zapp
 Rosimildo da Silva
 Roy Shan
 Rune Kleveland
 Ruslan Gazizov
 Rutger Hofman
 Ryan Braud
 Ryan Chan
 Ryan Nelson
 Ryan Schmidt
 Rémy Léone
 S. Moonesamy
 Salvador Dávila
 Salvatore Sorrentino
 Sam Deane
 Sam Listopad
 Sampo Kellomaki
 Samuel Díaz García
 Samuel Listopad
@@ -899,6 +1031,7 @@ Santhana Todatry
 Saqib Ali
 Sara Golemon
 Saran Neti
 Sascha Swiercy
 Saul good
 Scott Bailey
 Scott Barrett
@@ -906,14 +1039,16 @@ Scott Cantor
 Scott Davis
 Scott McCreary
 Sebastian Rasmussen
 Sebastien Willemijns
 Senthil Raja Velu
 Sergei Nikulov
 Sergey Tatarincev
 Sergio Ballestrero
 Seshubabu Pasam
 Sh Diao
 Shao Shuchao
 Sharad Gupta
 Shard
 Shawn Landden
 Shawn Poulson
 Shmulik Regev
 Siddhartha Prakash Jain
@@ -926,6 +1061,7 @@ Song Ma
 Sonia Subramanian
 Spacen Jasset
 Spiridonoff A.V
 Spork Schivago
 Stadler Stephan
 Stan van de Burgt
 Stanislav Ivochkin
@@ -935,6 +1071,7 @@ Stefan Neis
 Stefan Teleman
 Stefan Tomanek
 Stefan Ulrich
 Steinar H. Gunderson
 Stephan Bergmann
 Stephen Collyer
 Stephen Kick
@@ -954,9 +1091,11 @@ Steven Gu
 Steven M. Schweda
 Steven Parkes
 Stoned Elipot
 Sune Ahlgren
 Sven Anders
 Sven Neuhaus
 Sven Wegener
 Symeon Paraschoudis
 Sébastien Willemijns
 T. Bharath
 T. Yamada
@@ -964,12 +1103,15 @@ Taneli Vahakangas
 Tanguy Fautre
 Tatsuhiro Tsujikawa
 Temprimus
 Thomas Braun
 Thomas J. Moore
 Thomas Klausner
 Thomas L. Shinnick
 Thomas Lopatic
 Thomas Schwinge
 Thomas Tonino
 Tiit Pikma
 Till Maas
 Tim Ansell
 Tim Baker
 Tim Bartley
@@ -978,9 +1120,12 @@ Tim Costello
 Tim Harder
 Tim Heckman
 Tim Newsome
 Tim Ruehsen
 Tim Sneddon
 Tim Starling
 Timo Sirainen
 Tinus van den Berg
 Tobias Markus
 Tobias Rundström
 Toby Peterson
 Todd A Ouska
@@ -995,8 +1140,10 @@ Tom Mattison
 Tom Moers
 Tom Mueller
 Tom Regner
 Tom Sparrow
 Tom Wright
 Tom Zerucha
 Tomas Hoger
 Tomas Mlcoch
 Tomas Pospisek
 Tomas Szepe
@@ -1014,12 +1161,18 @@ Traian Nicolescu
 Troels Walsted Hansen
 Troy Engel
 Tupone Alfredo
 Tyler Hall
 Török Edwin
 Ulf Härnhammar
 Ulf Samuelsson
 Ulrich Doehner
 Ulrich Telle
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
 Vijay Panghal
 Vikram Saxena
 Viktor Szakáts
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Le Normand
@@ -1033,6 +1186,7 @@ Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
 Vsevolod Novikov
 Waldek Kozba
 Walter J. Mack
 Ward Willats
 Wayne Haigh
@@ -1041,15 +1195,22 @@ Wesley Laxton
 Wesley Miaw
 Wez Furlong
 Wilfredo Sanchez
 Will Dietz
 Willem Sparreboom
 William Ahern
 Wojciech Zwiefka
 Wouter Van Rooy
 Wu Yongzheng
 Xavier Bouchoux
-Yamada Yasuharu
+Yaakov Selkowitz
 Yang Tse
 Yarram Sunil
 Yasuharu Yamada
 Yehezkel Horowitz
 Yehoshua Hershberg
 Yi Huang
 Yingwei Liu
 Yousuke Kimoto
 Yukihiro Kawada
 Yuriy Sosov
 Yves Arrouye
@@ -1061,3 +1222,4 @@ Zvi Har'El
 nk
 swalkaus at yahoo.com
 tommink[at]post.pl
 Никита Дорохин
--- a/docs/THANKS-filter
+++ b/docs/THANKS-filter
@@ -0,0 +1,48 @@
 # This is a list of names we have recorded that already are thanked
 # appropriately in THANKS. This list contains variations of their names and
 # their "canonical" name. This file is used for scripting purposes to avoid
 # duplicate entries and will not be included in release tarballs.
 # When removing dupes that aren't identical names from THANKS, add a line
 # here!
 #
 # Used-by: contributor.sh
 s/Andres Garcia/Andrés García/
 s/Chris Conroy/Christopher Conroy/
 s/Francois Charlier/François Charlier/
 s/Gokhan Sengun/Gökhan Şengün/
 s/John Malmberg/John E. Malmberg/
 s/Luca Alteas/Luca Altea/
 s/Michal Gorny/Michał Górny/
 s/Michal Górny/Michał Górny/
 s/Moonesamy/S. Moonesamy/
 s/Pete Su$/Peter Su/
 s/Sam Listopad/Samuel Listopad/
 s/Sebastien Willemijns/Sébastien Willemijns/
 s/YAMADA Yasuharu/Yasuharu Yamada/
 s/Karl M$/Karl Moerder/
 s/Bjorn Stenberg/Björn Stenberg/
 s/upstream tests 305 and 404//
 s/Gaël PORTAY/Gaël Portay/
 s/Romulo Ceccon/Romulo A. Ceccon/
 s/Nach M. S$/Nach M. S./
 s/Jay Satiro/Ray Satiro/
 s/Richard J. Moore/Richard Moore/
 s/Sergey Nikulov/Sergei Nikulov/
 s/Petr Písař/Petr Pisar/
 s/Nick Zitzmann (originally)/Nick Zitzmann/
 s/product-security at Apple//
 s/IT DOES NOT WORK//
 s/Albert Chin/Albert Chin-A-Young/
 s/Paras S/Paras Sethia/
 s/Дмитрий Фалько/Dmitry Falko/
 s/byte_bucket in the #curl IRC channel//
 s/Michal Górny and Anthony G. Basile//
 s/Alejandro Alvarez$/Alejandro Alvarez Ayllon/
 s/Ant Bryan/Anthony Bryan/
 s/Cédric Deltheil/Cédric Deltheil/
 s/Christian Hagele/Christian Hägele/
 s/douglas steinwand/Douglas Steinwand/
 s/Frank Van Uffelen and Fabian Hiernaux//
 s/Rodrigo Silva (MestreLion)/Rodrigo Silva/
 s/tetetest tetetest//
 s/Jiří Hruška/Jiri Hruska/
--- a/docs/TODO
+++ b/docs/TODO
@@ -16,29 +16,34 @@
 1.3 struct lifreq
 1.4 signal-based resolver timeouts
 1.5 get rid of PATH_MAX
- 1.6 Happy Eyeball dual stack connect
+ 1.6 Modified buffer size approach
- 1.7 Modified buffer size approach
+ 1.7 Detect when called from within callbacks
 1.8 Allow SSL (HTTPS) to proxy
 1.9 Cache negative name resolves
 2. libcurl - multi interface
 2.1 More non-blocking
 2.2 Fix HTTP Pipelining for PUT
 2.3 Better support for same name resolves
 3. Documentation
- 3.1  More and better
+ 3.1 Update date and version in man pages
 4. FTP
 4.1 HOST
 4.2 Alter passive/active on failure and retry
 4.3 Earlier bad letter detection
 4.4 REST for large files
- 4.5 FTP proxy support
+ 4.5 ASCII support
- 4.6 ASCII support
+ 4.6 GSSAPI via Windows SSPI
 4.7 STAT for LIST without data connection
 5. HTTP
 5.1 Better persistency for HTTP 1.0
 5.2 support FF3 sqlite cookie files
 5.3 Rearrange request header order
- 5.4 HTTP2/SPDY
+ 5.4 SPDY
 5.5 auth= in URLs
 6. TELNET
 6.1 ditch stdin
@@ -48,17 +53,14 @@
 7. SMTP
 7.1 Pipelining
- 7.2 Graceful base64 decoding failure
+ 7.2 Enhanced capability support
 7.3 Enhanced capability support
 8. POP3
 8.1 Pipelining
- 8.2 Graceful base64 decoding failure
+ 8.2 Enhanced capability support
 8.3 Enhanced capability support
 9. IMAP
- 9.1 Graceful base64 decoding failure
+ 9.1 Enhanced capability support
 9.2 Enhanced capability support
 10. LDAP
 10.1 SASL based authentication mechanisms
@@ -73,9 +75,8 @@
 12.4 Cache OpenSSL contexts
 12.5 Export session ids
 12.6 Provide callback for cert verification
- 12.7 Support other SSL libraries
+ 12.7 improve configure --with-ssl
- 12.8 improve configure --with-ssl
+ 12.8 Support DANE
 12.9 Support DANE
 13. GnuTLS
 13.1 SSL engine stuff
@@ -83,6 +84,7 @@
 14. SASL
 14.1 Other authentication mechanisms
 14.2 Add QOP support to GSSAPI authentication
 15. Client
 15.1 sync
@@ -90,9 +92,7 @@
 15.3 prevent file overwriting
 15.4 simultaneous parallel transfers
 15.5 provide formpost headers
- 15.6 url-specific options
+ 15.6 warning when setting an option
 15.7 warning when setting an option
 15.8 IPv6 addresses with globbing
 16. Build
 16.1 roffit
@@ -102,9 +102,10 @@
 17.2 nicer lacking perl message
 17.3 more protocols supported
 17.4 more platforms supported
 17.5 Add support for concurrent connections
 18. Next SONAME bump
- 18.1 http-style HEAD output for ftp
+ 18.1 http-style HEAD output for FTP
 18.2 combine error codes
 18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
@@ -134,7 +135,7 @@
 Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
 SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
- To support ipv6 interface addresses for network interfaces properly.
+ To support IPv6 interface addresses for network interfaces properly.
 1.4 signal-based resolver timeouts
@@ -157,19 +158,7 @@
 we need libssh2 to properly tell us when we pass in a too small buffer and
 its current API (as of libssh2 1.2.7) doesn't.
-1.6 Happy Eyeball dual stack connect
+1.6 Modified buffer size approach
 In order to make alternative technologies not suffer when transitioning, like
 when introducing IPv6 as an alternative to IPv4 and there are more than one
 option existing simultaneously there are reasons to reconsider internal
 choices.
 To make libcurl do blazing fast IPv6 in a dual-stack configuration, this needs
 to be addressed:
    http://tools.ietf.org/html/rfc6555
 1.7 Modified buffer size approach
 Current libcurl allocates a fixed 16K size buffer for download and an
 additional 16K for upload. They are always unconditionally part of the easy
@@ -190,6 +179,26 @@
 Dynamically allocate buffer size depending on protocol in use in combination
 with freeing it after each individual transfer? Other suggestions?
 1.7 Detect when called from within callbacks
 We should set a state variable before calling callbacks, so that we
 subsequently can add code within libcurl that returns error if called within
 callbacks for when that's not supported.
 1.8 Allow SSL (HTTPS) to proxy
 To prevent local users from snooping on your traffic to the proxy. Supported
 by Chrome already:
 http://www.chromium.org/developers/design-documents/secure-web-proxy
 ...and by Firefox soon:
 https://bugzilla.mozilla.org/show_bug.cgi?id=378637
 1.9 Cache negative name resolves
 A name resolve that has failed is likely to fail when made again within a
 short period of time. Currently we only cache positive responses.
 2. libcurl - multi interface
@@ -213,20 +222,31 @@
 serial requests and currently libcurl only supports that for HEAD and GET
 requests but it should also be possible for PUT.
 2.3 Better support for same name resolves
 If a name resolve has been initiated for name NN and a second easy handle
 wants to resolve that name as well, make it wait for the first resolve to end
 up in the cache instead of doing a second separate resolve. This is
 especially needed when adding many simultaneous handles using the same host
 name when the DNS resolver can get flooded.
 3. Documentation
-3.1  More and better
+3.1 Update date and version in man pages
- Exactly
+ 'maketgz' or another suitable script could update the .TH sections of the man
 pages at release time to use the current date and curl/libcurl version
 number.
 4. FTP
 4.1 HOST
- HOST is a suggested command in the works for a client to tell which host name
+ HOST is a command for a client to tell which host name to use, to offer FTP
- to use, to offer FTP servers named-based virtual hosting:
+ servers named-based virtual hosting:
- http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11
+ http://tools.ietf.org/html/rfc7151
 4.2 Alter passive/active on failure and retry
@@ -237,7 +257,7 @@
 4.3 Earlier bad letter detection
- Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
+ Make the detection of (bad) %0d and %0a codes in FTP URL parts earlier in the
 process to avoid doing a resolve and connect in vain.
 4.4 REST for large files
@@ -246,17 +266,25 @@
 the server doesn't set the pointer to the requested index. The tricky
 (impossible?) part is to figure out if the server did the right thing or not.
-4.5 FTP proxy support
+4.5 ASCII support
 Support the most common FTP proxies, Philip Newton provided a list allegedly
 from ncftp. This is not a subject without debate, and is probably not really
 suitable for libcurl.  http://curl.haxx.se/mail/archive-2003-04/0126.html
 4.6 ASCII support
 FTP ASCII transfers do not follow RFC959. They don't convert the data
 accordingly.
 4.6 GSSAPI via Windows SSPI
 In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5)
 via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add
 support for GSSAPI authentication via Windows SSPI.
 4.7 STAT for LIST without data connection
 Some FTP servers allow STAT for listing directories instead of using LIST, and
 the response is then sent over the control connection instead of as the
 otherwise usedw data connection: http://www.nsftools.com/tips/RawFTP.htm#STAT
 This is not detailed in any FTP specification.
 5. HTTP
 5.1 Better persistency for HTTP 1.0
@@ -282,24 +310,25 @@
 headers use a default value so only headers that need to be moved have to be
 specified.
-5.4 HTTP2/SPDY
+5.4 SPDY
- The first drafts for HTTP2 have been published
+ Chrome and Firefox already support SPDY and lots of web services do. There's
- (http://tools.ietf.org/html/draft-ietf-httpbis-http2-03) and is so far based
+ a library for us to use for this (spdylay) that has a similar API and the
- on SPDY (http://www.chromium.org/spdy) designs and experiences. Chances are
+ same author as nghttp2.
 it will end up in that style. Chrome and Firefox already support SPDY and
 lots of web services do.
- It would make sense to implement SPDY support now and later transition into
+ spdylay: https://github.com/tatsuhiro-t/spdylay
 or add HTTP2 support as well.
- We should base or HTTP2/SPDY work on a 3rd party library for the protocol
+5.5 auth= in URLs
 fiddling. The Spindy library (http://spindly.haxx.se/) was an attempt to make
 such a library with an API suitable for use by libcurl but that effort has
 more or less stalled.  spdylay (https://github.com/tatsuhiro-t/spdylay) may
 be a better option, either used directly or wrapped with a more spindly-like
 API.
 Add the ability to specify the preferred authentication mechanism to use by
 using ;auth=<mech> in the login part of the URL.
 For example:
 http://test:pass;auth=NTLM@example.com would be equivalent to specifying --user
 test:pass;auth=NTLM or --user test:pass --ntlm from the command line. 
 Additionally this should be implemented for proxy base URLs as well.
 6. TELNET
@@ -331,14 +360,7 @@ to provide the data to send.
 Add support for pipelining emails.
-7.2 Graceful base64 decoding failure
+7.2 Enhanced capability support
 Rather than shutting down the session and returning an error when the
 decoding of a base64 encoded authentication response fails, we should
 gracefully shutdown the authentication process by sending a * response to the
 server as per RFC4954.
 7.3 Enhanced capability support
 Add the ability, for an application that uses libcurl, to obtain the list of
 capabilities returned from the EHLO command.
@@ -349,28 +371,14 @@ to provide the data to send.
 Add support for pipelining commands.
-8.2 Graceful base64 decoding failure
+8.2 Enhanced capability support
 Rather than shutting down the session and returning an error when the
 decoding of a base64 encoded authentication response fails, we should
 gracefully shutdown the authentication process by sending a * response to the
 server as per RFC5034.
 8.3 Enhanced capability support
 Add the ability, for an application that uses libcurl, to obtain the list of
 capabilities returned from the CAPA command.
 9. IMAP
-9.1 Graceful base64 decoding failure
+9.1 Enhanced capability support
 Rather than shutting down the session and returning an error when the
 decoding of a base64 encoded authentication response fails, we should
 gracefully shutdown the authentication process by sending a * response to the
 server as per RFC3501.
 9.2 Enhanced capability support
 Add the ability, for an application that uses libcurl, to obtain the list of
 capabilities returned from the CAPABILITY command.
@@ -382,7 +390,7 @@ to provide the data to send.
 Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
 to an LDAP server. However, this function sends username and password details
 using the simple authentication mechanism (as clear text). However, it should
- be possible to use ldap_bind_s() instead specifing the security context
+ be possible to use ldap_bind_s() instead specifying the security context
 information ourselves.
 11. New protocols
@@ -413,7 +421,7 @@ to provide the data to send.
 12.4 Cache OpenSSL contexts
 "Look at SSL cafile - quick traces look to me like these are done on every
- request as well, when they should only be necessary once per ssl context (or
+ request as well, when they should only be necessary once per SSL context (or
 once per handle)". The major improvement we can rather easily do is to make
 sure we don't create and kill a new SSL "context" for every request, but
 instead make one for every connection and re-use that SSL context in the same
@@ -434,17 +442,12 @@ to provide the data to send.
 certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
 it be? There's so much that could be done if it were!
-12.7 Support other SSL libraries
+12.7 improve configure --with-ssl
 Make curl's SSL layer capable of using other free SSL libraries.  Such as
 MatrixSSL (http://www.matrixssl.org/).
 12.8 improve configure --with-ssl
 make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
 then NSS...
-12.9 Support DANE
+12.8 Support DANE
 DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
 keys and certs over DNS using DNSSEC as an alternative to the CA model.
@@ -471,7 +474,15 @@ to provide the data to send.
 14.1 Other authentication mechanisms
- Add support for GSSAPI to SMTP, POP3 and IMAP.
+ Add support for other authentication mechanisms such as EXTERNAL, OLP,
 GSS-SPNEGO and others.
 14.2 Add QOP support to GSSAPI authentication
 Currently the GSSAPI authentication only supports the default QOP of auth
 (Authentication), whilst Kerberos V5 supports both auth-int (Authentication
 with integrity protection) and auth-conf (Authentication with integrity and
 privacy protection).
 15. Client
@@ -518,33 +529,12 @@ to provide the data to send.
 which should overwrite the program reasonable defaults (plain/text,
 8bit...)
-15.6 url-specific options
+15.6 warning when setting an option
 Provide a way to make options bound to a specific URL among several on the
 command line. Possibly by letting ':' separate options between URLs,
 similar to this:
    curl --data foo --url url.com : \
        --url url2.com : \
        --url url3.com --data foo3
 (More details: http://curl.haxx.se/mail/archive-2004-07/0133.html)
 The example would do a POST-GET-POST combination on a single command line.
 15.7 warning when setting an option
  Display a warning when libcurl returns an error when setting an option.
  This can be useful to tell when support for a particular feature hasn't been
  compiled into the library.
 15.8 IPv6 addresses with globbing
  Currently the command line client needs to get url globbing disabled (with
  -g) for it to support IPv6 numerical addresses. This is a rather silly flaw
  that should be corrected. It probably involves a smarter detection of the
  '[' and ']' letters.
 16. Build
 16.1 roffit
@@ -567,7 +557,7 @@ to provide the data to send.
 17.3 more protocols supported
- Extend the test suite to include more protocols. The telnet could just do ftp
+ Extend the test suite to include more protocols. The telnet could just do FTP
 or http operations (for which we have test servers).
 17.4 more platforms supported
@@ -575,12 +565,26 @@ to provide the data to send.
 Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
 fork()s and it should become even more portable.
 17.5 Add support for concurrent connections
 Tests 836, 882 and 938 were designed to verify that separate connections aren't
 used when using different login credentials in protocols that shouldn't re-use
 a connection under such circumstances.
 Unfortunately, ftpserver.pl doesn't appear to support multiple concurrent
 connections. The read while() loop seems to loop until it receives a disconnect
 from the client, where it then enters the waiting for connections loop. When
 the client opens a second connection to the server, the first connection hasn't
 been dropped (unless it has been forced - which we shouldn't do in these tests)
 and thus the wait for connections loop is never entered to receive the second
 connection.
 18. Next SONAME bump
-18.1 http-style HEAD output for ftp
+18.1 http-style HEAD output for FTP
 #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
- from being output in NOBODY requests over ftp
+ from being output in NOBODY requests over FTP
 18.2 combine error codes
@@ -614,7 +618,7 @@ to provide the data to send.
 for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
 similar.
-10. Next major release
+19. Next major release
 19.1 cleanup return codes
@@ -678,7 +682,7 @@ to provide the data to send.
 but instead often restricts how the form functions can or can't be modified.
 Changing them to return a private handle will benefit the implementation and
- allow us much greater freedoms while still maintining a solid API and ABI.
+ allow us much greater freedoms while still maintaining a solid API and ABI.
 19.9 have form functions use CURL handle argument
@@ -692,7 +696,7 @@ to provide the data to send.
 Rather than use the URL to specify the mail client string to present in the
 HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
- specifing this data as the URL is non-standard and to be honest a bit of a
+ specifying this data as the URL is non-standard and to be honest a bit of a
 hack ;-)
 Please see the following thread for more information:
--- a/docs/TheArtOfHttpScripting
+++ b/docs/TheArtOfHttpScripting
@@ -1,16 +1,72 @@
-Online:  http://curl.haxx.se/docs/httpscripting.html
+Updated: Dec 24, 2013 (http://curl.haxx.se/docs/httpscripting.html)
-Date:    Jan 19, 2011
+                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|
 The Art Of Scripting HTTP Requests Using Curl
                =============================================
- This document will assume that you're familiar with HTML and general
+ 1. HTTP Scripting
- networking.
+ 1.1 Background
 1.2 The HTTP Protocol
 1.3 See the Protocol
 1.4 See the Timing
 1.5 See the Response
 2. URL
 2.1 Spec
 2.2 Host
 2.3 Port number
 2.4 User name and password
 2.5 Path part
 3. Fetch a page
 3.1 GET
 3.2 HEAD
 4. HTML forms
 4.1 Forms explained
 4.2 GET
 4.3 POST
 4.4 File Upload POST
 4.5 Hidden Fields
 4.6 Figure Out What A POST Looks Like
 5. HTTP upload
 5.1 PUT
 6. HTTP Authentication
 6.1 Basic Authentication
 6.2 Other Authentication
 6.3 Proxy Authentication
 6.4 Hiding credentials
 7. More HTTP Headers
 7.1 Referer
 7.2 User Agent
 8. Redirects
 8.1 Location header
 8.2 Other redirects
 9. Cookies
 9.1 Cookie Basics
 9.2 Cookie options
 10. HTTPS
 10.1 HTTPS is HTTP secure
 10.2 Certificates
 11. Custom Request Elements
 11.1 Modify method and headers
 11.2 More on changed methods
 12. Web Login
 12.1 Some login tricks
 13. Debug
 13.1 Some debug tricks
 14. References
 14.1 Standards
 14.2 Sites
- The possibility to write scripts is essential to make a good computer
+==============================================================================
- system. Unix' capability to be extended by shell scripts and various tools to
+
- run various automated commands and scripts is one reason why it has succeeded
+1. HTTP Scripting
- so well.
+
 1.1 Background
 This document assumes that you're familiar with HTML and general networking.
 The increasing amount of applications moving to the web has made "HTTP
 Scripting" more frequently requested and wanted. To be able to automatically
@@ -27,7 +83,7 @@ Date:    Jan 19, 2011
 to glue everything together using some kind of script language or repeated
 manual invokes.
-1. The HTTP Protocol
+ 1.2 The HTTP Protocol
 HTTP is the protocol used to fetch data from web servers. It is a very simple
 protocol that is built upon TCP/IP. The protocol also allows information to
@@ -44,7 +100,7 @@ Date:    Jan 19, 2011
 well), response headers and most often also a response body. The "body" part
 is the plain data you requested, like the actual HTML or the image etc.
- 1.1 See the Protocol
+ 1.3 See the Protocol
  Using curl's option --verbose (-v as a short option) will display what kind
  of commands curl sends to the server, as well as a few other informational
@@ -59,13 +115,88 @@ Date:    Jan 19, 2011
      curl --trace-ascii debugdump.txt http://www.example.com/
 1.4 See the Timing
  Many times you may wonder what exactly is taking all the time, or you just
  want to know the amount of milliseconds between two points in a
  transfer. For those, and other similar situations, the --trace-time option
  is what you need. It'll prepend the time to each trace output line:
      curl --trace-ascii d.txt --trace-time http://example.com/
 1.5 See the Response
  By default curl sends the response to stdout. You need to redirect it
  somewhere to avoid that, most often that is done with -o or -O.
 2. URL
 2.1 Spec
 The Uniform Resource Locator format is how you specify the address of a
 particular resource on the Internet. You know these, you've seen URLs like
- http://curl.haxx.se or https://yourbank.com a million times.
+ http://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the
 canonical spec.
-3. GET a page
+ 2.2 Host
 The host name is usually resolved using DNS or your /etc/hosts file to an IP
 address and that's what curl will communicate with. Alternatively you specify
 the IP address directly in the URL instead of a name.
 For development and other trying out situation, you can point out a different
 IP address for a host name than what would otherwise be used, by using curl's
 --resolve option:
      curl --resolve www.example.org:80:127.0.0.1 http://www.example.org/
 2.3 Port number
 Each protocol curl supports operate on a default port number, be it over TCP
 or in some cases UDP. Normally you don't have to take that into
 consideration, but at times you run test servers on other ports or
 similar. Then you can specify the port number in the URL with a colon and a
 number immediately following the host name. Like when doing HTTP to port
 1234:
      curl http://www.example.org:1234/
 The port number you specify in the URL is the number that the server uses to
 offer its services. Sometimes you may use a local proxy, and then you may
 need to specify that proxy's port number separate on what curl needs to
 connect to locally. Like when using a HTTP proxy on port 4321:
      curl --proxy http://proxy.example.org:4321 http://remote.example.org/
 2.4 User name and password
 Some services are setup to require HTTP authentication and then you need to
 provide name and password which then is transferred to the remote site in
 various ways depending on the exact authentication protocol used.
 You can opt to either insert the user and password in the URL or you can
 provide them separately:
      curl http://user:password@example.org/
 or
      curl -u user:password http://example.org/
 You need to pay attention that this kind of HTTP authentication is not what
 is usually done and requested by user-oriented web sites these days. They
 tend to use forms and cookies instead.
 2.5 Path part
 The path part is just sent off to the server to request that it sends back
 the associated response. The path is what is to the right side of the slash
 that follows the host name and possibly port number.
 3. Fetch a page
 3.1 GET
 The simplest and most common request/operation made using HTTP is to get a
 URL. The URL could itself refer to a web page, an image or a file. The client
@@ -79,10 +210,23 @@ Date:    Jan 19, 2011
 All HTTP replies contain a set of response headers that are normally hidden,
 use curl's --include (-i) option to display them as well as the rest of the
- document. You can also ask the remote server for ONLY the headers by using
+ document.
 the --head (-I) option (which will make curl issue a HEAD request).
-4. Forms
+ 3.2 HEAD
 You can ask the remote server for ONLY the headers by using the --head (-I)
 option which will make curl issue a HEAD request. In some special cases
 servers deny the HEAD method while others still work, which is a particular
 kind of annoyance.
 The HEAD method is defined and made so that the server returns the headers
 exactly the way it would do for a GET, but without a body. It means that you
 may see a Content-Length: in the response headers, but there must not be an
 actual body in the HEAD response.
 4. HTML forms
 4.1 Forms explained
 Forms are the general way a web site can present a HTML page with fields for
 the user to enter data in, and then press some kind of 'OK' or 'submit'
@@ -95,7 +239,7 @@ Date:    Jan 19, 2011
 Of course there has to be some kind of program in the server end to receive
 the data you send. You cannot just invent something out of the air.
- 4.1 GET
+ 4.2 GET
  A GET-form uses the method GET, as specified in HTML like:
@@ -121,7 +265,7 @@ Date:    Jan 19, 2011
        curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK"
- 4.2 POST
+ 4.3 POST
  The GET method makes all input field names get displayed in the URL field of
  your browser. That's generally a good thing when you want to be able to
@@ -158,7 +302,7 @@ Date:    Jan 19, 2011
        curl --data-urlencode "name=I am Daniel" http://www.example.com
- 4.3 File Upload POST
+ 4.4 File Upload POST
  Back in late 1995 they defined an additional way to post data over HTTP. It
  is documented in the RFC 1867, why this method sometimes is referred to as
@@ -179,7 +323,7 @@ Date:    Jan 19, 2011
        curl --form upload=@localfilename --form press=OK [URL]
- 4.4 Hidden Fields
+ 4.5 Hidden Fields
  A very common way for HTML based application to pass state information
  between pages is to add hidden fields to the forms. Hidden fields are
@@ -200,7 +344,7 @@ Date:    Jan 19, 2011
        curl --data "birthyear=1905&press=OK&person=daniel" [URL]
- 4.5 Figure Out What A POST Looks Like
+ 4.6 Figure Out What A POST Looks Like
  When you're about fill in a form and send to a server by using curl instead
  of a browser, you're of course very interested in sending a POST exactly the
@@ -213,7 +357,9 @@ Date:    Jan 19, 2011
  You will then clearly see the data get appended to the URL, separated with a
  '?'-letter as GET forms are supposed to.
-5. PUT
+5. HTTP upload
 5.1 PUT
 The perhaps best way to upload data to a HTTP server is to use PUT. Then
 again, this of course requires that someone put a program or script on the
@@ -225,6 +371,8 @@ Date:    Jan 19, 2011
 6. HTTP Authentication
 6.1 Basic Authentication
 HTTP Authentication is the ability to tell the server your username and
 password so that it can verify that you're allowed to do the request you're
 doing. The Basic authentication used in HTTP (which is the type curl uses by
@@ -236,10 +384,14 @@ Date:    Jan 19, 2011
        curl --user name:password http://www.example.com
 6.2 Other Authentication
 The site might require a different authentication method (check the headers
 returned by the server), and then --ntlm, --digest, --negotiate or even
 --anyauth might be options that suit you.
 6.3 Proxy Authentication
 Sometimes your HTTP access is only available through the use of a HTTP
 proxy. This seems to be especially common at various companies. A HTTP proxy
 may require its own user and password to allow the client to get through to
@@ -253,6 +405,8 @@ Date:    Jan 19, 2011
 If you use any one these user+password options but leave out the password
 part, curl will prompt for the password interactively.
 6.4 Hiding credentials
 Do note that when a program is run, its parameters might be possible to see
 when listing the running processes of the system. Thus, other users may be
 able to watch your passwords if you pass them as plain command line
@@ -262,7 +416,9 @@ Date:    Jan 19, 2011
 many web sites will not use this concept when they provide logins etc. See
 the Web Login chapter further below for more details on that.
-7. Referer
+7. More HTTP Headers
 7.1 Referer
 A HTTP request may include a 'referer' field (yes it is misspelled), which
 can be used to tell from which URL the client got to this particular
@@ -276,7 +432,7 @@ Date:    Jan 19, 2011
        curl --referer http://www.example.come http://www.example.com
-8. User Agent
+ 7.2 User Agent
 Very similar to the referer field, all HTTP requests may set the User-Agent
 field. It names what user agent (client) that is being used. Many
@@ -298,7 +454,9 @@ Date:    Jan 19, 2011
  curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]
-9. Redirects
+8. Redirects
 8.1 Location header
 When a resource is requested from a server, the reply from the server may
 include a hint about where the browser should go next to find this page, or a
@@ -318,7 +476,16 @@ Date:    Jan 19, 2011
 only use POST in the first request, and then revert to GET in the following
 operations.
-10. Cookies
+ 8.2 Other redirects
 Browser typically support at least two other ways of redirects that curl
 doesn't: first the html may contain a meta refresh tag that asks the browser
 to load a specific URL after a set number of seconds, or it may use
 javascript to do it.
 9. Cookies
 9.1 Cookie Basics
 The way the web browsers do "client side state control" is by using
 cookies. Cookies are just names with associated contents. The cookies are
@@ -335,6 +502,8 @@ Date:    Jan 19, 2011
 must be able to record and send back cookies the way the web application
 expects them. The same way browsers deal with them.
 9.2 Cookie options
 The simplest way to send a few cookies to the server when getting a page with
 curl is to add them on the command line like:
@@ -351,7 +520,7 @@ Date:    Jan 19, 2011
 Curl has a full blown cookie parsing engine built-in that comes to use if you
 want to reconnect to a server and use cookies that were stored from a
- previous connection (or handicrafted manually to fool the server into
+ previous connection (or hand-crafted manually to fool the server into
 believing you had a previous connection). To use previously stored cookies,
 you run curl like:
@@ -366,16 +535,18 @@ Date:    Jan 19, 2011
        curl --cookie nada --location http://www.example.com
 Curl has the ability to read and write cookie files that use the same file
- format that Netscape and Mozilla do. It is a convenient way to share cookies
+ format that Netscape and Mozilla once used. It is a convenient way to share
- between browsers and automatic scripts. The --cookie (-b) switch
+ cookies between scripts or invokes. The --cookie (-b) switch automatically
- automatically detects if a given file is such a cookie file and parses it,
+ detects if a given file is such a cookie file and parses it, and by using the
- and by using the --cookie-jar (-c) option you'll make curl write a new cookie
+ --cookie-jar (-c) option you'll make curl write a new cookie file at the end
- file at the end of an operation:
+ of an operation:
        curl --cookie cookies.txt --cookie-jar newcookies.txt \
        http://www.example.com
-11. HTTPS
+10. HTTPS
 10.1 HTTPS is HTTP secure
 There are a few ways to do secure HTTP transfers. The by far most common
 protocol for doing this is what is generally known as HTTPS, HTTP over
@@ -391,7 +562,7 @@ Date:    Jan 19, 2011
        curl https://secure.example.com
- 11.1 Certificates
+ 10.2 Certificates
  In the HTTPS world, you use certificates to validate that you are the one
  you claim to be, as an addition to normal passwords. Curl supports client-
@@ -413,7 +584,9 @@ Date:    Jan 19, 2011
        http://curl.haxx.se/docs/sslcerts.html
-12. Custom Request Elements
+11. Custom Request Elements
 11.1 Modify method and headers
 Doing fancy stuff, you may need to add or change elements of a single curl
 request.
@@ -434,7 +607,26 @@ Date:    Jan 19, 2011
        curl --header "Destination: http://nowhere" http://example.com
-13. Web Login
+ 11.2 More on changed methods
 It should be noted that curl selects which methods to use on its own
 depending on what action to ask for. -d will do POST, -I will do HEAD and so
 on. If you use the --request / -X option you can change the method keyword
 curl selects, but you will not modify curl's behavior. This means that if you
 for example use -d "data" to do a POST, you can modify the method to a
 PROPFIND with -X and curl will still think it sends a POST. You can change
 the normal GET to a POST method by simply adding -X POST in a command line
 like:
        curl -X POST http://example.org/
 ... but curl will still think and act as if it sent a GET so it won't send any
 request body etc.
 12. Web Login
 12.1 Some login tricks
 While not strictly just HTTP related, it still cause a lot of people problems
 so here's the executive run-down of how the vast majority of all login forms
@@ -453,7 +645,7 @@ Date:    Jan 19, 2011
 sometimes they use such code to set or modify cookie contents. Possibly they
 do that to prevent programmed logins, like this manual describes how to...
 Anyway, if reading the code isn't enough to let you repeat the behavior
- manually, capturing the HTTP requests done by your browers and analyzing the
+ manually, capturing the HTTP requests done by your browsers and analyzing the
 sent cookies is usually a working method to work out how to shortcut the
 javascript need.
@@ -463,7 +655,9 @@ Date:    Jan 19, 2011
 to do a proper login POST. Remember that the contents need to be URL encoded
 when sent in a normal POST.
-14. Debug
+13. Debug
 13.1 Some debug tricks
 Many times when you run curl on a site, you'll notice that the site doesn't
 seem to respond the same way to your curl requests as it does to your
@@ -483,25 +677,30 @@ Date:    Jan 19, 2011
 * Set referer like it is set by the browser
 * If you use POST, make sure you send all the fields and in the same order as
-   the browser does it. (See chapter 4.5 above)
+ the browser does it.
 A very good helper to make sure you do this right, is the LiveHTTPHeader tool
 that lets you view all headers you send and receive with Mozilla/Firefox
- (even when using HTTPS).
+ (even when using HTTPS). Chrome features similar functionality out of the box
 among the developer's tools.
 A more raw approach is to capture the HTTP traffic on the network with tools
 such as ethereal or tcpdump and check what headers that were sent and
 received by the browser. (HTTPS makes this technique inefficient.)
-15. References
+14. References
 14.1 Standards
 RFC 2616 is a must to read if you want in-depth understanding of the HTTP
- protocol.
+ protocol
- RFC 3986 explains the URL syntax.
+ RFC 3986 explains the URL syntax
- RFC 2109 defines how cookies are supposed to work.
+ RFC 1867 defines the HTTP post upload format
- RFC 1867 defines the HTTP post upload format.
+ RFC 6525 defines how HTTP cookies work
 14.2 Sites
 http://curl.haxx.se is the home of the cURL project
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH curl 1 "27 July 2012" "Curl 7.27.0" "Curl Manual"
+.TH curl 1 "30 Nov 2014" "Curl 7.40.0" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -30,8 +30,8 @@ curl \- transfer a URL
 .B curl
 is a tool to transfer data from or to a server, using one of the supported
 protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
-LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP).  The
+LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET
-command is designed to work without user interaction.
+and TFTP). The command is designed to work without user interaction.
 curl offers a busload of useful tricks like proxy support, user
 authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
@@ -53,7 +53,9 @@ braces as in:
 or you can get sequences of alphanumeric series by using [] as in:
  ftp://ftp.numericals.com/file[1-100].txt
  ftp://ftp.numericals.com/file[001-100].txt    (with leading zeros)
  ftp://ftp.letters.com/file[a-z].txt
 Nested sequences are not supported, but you can use several ones next to each
@@ -68,8 +70,19 @@ You can specify a step counter for the ranges to get every Nth number or
 letter:
  http://www.numericals.com/file[1-100:10].txt
  http://www.letters.com/file[a-z:2].txt
 When using [] or {} sequences when invoked from a command line prompt, you
 probably have to put the full URL within double quotes to avoid the shell from
 interfering with it. This also goes for other characters treated special, like
 for example '&', '?' and '*'.
 Provide the IPv6 zone index in the URL with an escaped percentage sign and the
 interface name. Like in
  http://[fe80::3%25eth0]/
 If you specify URL without protocol:// prefix, curl will attempt to guess what
 protocol you might want. It will then default to HTTP but try other protocols
 based on often-used host name prefixes. For example, for host names starting
@@ -103,6 +116,18 @@ any response data to the terminal.
 If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your
 friend.
 .SH OPTIONS
 Options start with one or two dashes. Many of the options require an
 additional value next to them.
 The short "single-dash" form of the options, -d for example, may be used with
 or without a space between it and its value, although a space is a recommended
 separator. The long "double-dash" form, --data for example, requires a space
 between it and its value.
 Short version options that don't need any additional values can be used
 immediately next to each other, like for example you can specify all the
 options -O, -L and -v at once as -OLv.
 In general, all boolean options are enabled with --\fBoption\fP and yet again
 disabled with --\fBno-\fPoption. That is, you use the exact same option name
 but prefix it with "no-". However, in this list we mostly only list and show
@@ -112,30 +137,56 @@ same command line option.)
 .IP "-#, --progress-bar"
 Make curl display progress as a simple progress bar instead of the standard,
 more informational, meter.
 .IP "-:, --next"
 Tells curl to use a separate operation for the following URL and associated
 options. This allows you to send several URL requests, each with their own
 specific options, for example, such as different user names or custom requests
 for each. (Added in 7.36.0)
 .IP "-0, --http1.0"
-(HTTP) Forces curl to issue its requests using HTTP 1.0 instead of using its
+(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally
-internally preferred: HTTP 1.1.
+preferred: HTTP 1.1.
 .IP "--http1.1"
 (HTTP) Tells curl to use HTTP version 1.1. This is the internal default
 version. (Added in 7.33.0)
 .IP "--http2"
 (HTTP) Tells curl to issue its requests using HTTP 2. This requires that the
 underlying libcurl was built to support it. (Added in 7.33.0)
 .IP "--no-npn"
 Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
 with an SSL library that supports NPN. NPN is used by a libcurl that supports
 HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
 (Added in 7.36.0)
 .IP "--no-alpn"
 Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
 with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
 HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
 (Added in 7.36.0)
 .IP "-1, --tlsv1"
 (SSL)
-Forces curl to use TLS version 1 when negotiating with a remote TLS server.
+Forces curl to use TLS version 1.x when negotiating with a remote TLS server.
 You can use options \fI--tlsv1.0\fP, \fI--tlsv1.1\fP, and \fI--tlsv1.2\fP to
 control the TLS version more precisely (if the SSL backend in use supports such
 a level of control).
 .IP "-2, --sslv2"
-(SSL)
+(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
-Forces curl to use SSL version 2 when negotiating with a remote SSL server.
+server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
 considered insecure.
 .IP "-3, --sslv3"
-(SSL)
+(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
-Forces curl to use SSL version 3 when negotiating with a remote SSL server.
+server. Sometimes curl is built without SSLv3 support.
 .IP "-4, --ipv4"
-If curl is capable of resolving an address to multiple IP versions (which it
+This option tells curl to resolve names to IPv4 addresses only, and not for
-is if it is IPv6-capable), this option tells curl to resolve names to IPv4
+example try IPv6.
 addresses only.
 .IP "-6, --ipv6"
-If curl is capable of resolving an address to multiple IP versions (which it
+This option tells curl to resolve names to IPv6 addresses only, and not for
-is if it is IPv6-capable), this option tells curl to resolve names to IPv6
+example try IPv4.
 addresses only.
 .IP "-a, --append"
-(FTP/SFTP) When used in an upload, this will tell curl to append to the target
+(FTP/SFTP) When used in an upload, this makes curl append to the target file
-file instead of overwriting it. If the file doesn't exist, it will be created.
+instead of overwriting it. If the remote file doesn't exist, it will be
-Note that this flag is ignored by some SSH servers (including OpenSSH).
+created.  Note that this flag is ignored by some SFTP servers (including
 OpenSSH).
 .IP "-A, --user-agent <agent string>"
 (HTTP) Specify the User-Agent string to send to the HTTP server. Some badly
 done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in
@@ -156,10 +207,9 @@ since it may require data to be sent twice and then the client must be able to
 rewind. If the need should arise when uploading from stdin, the upload
 operation will fail.
 .IP "-b, --cookie <name=data>"
-(HTTP)
+(HTTP) Pass the data to the HTTP server as a cookie. It is supposedly the data
-Pass the data to the HTTP server as a cookie. It is supposedly the
+previously received from the server in a "Set-Cookie:" line.  The data should
-data previously received from the server in a "Set-Cookie:" line.
+be in the format "NAME1=VALUE1; NAME2=VALUE2".
 The data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
 If no '=' symbol is used in the line, it is treated as a filename to use to
 read previously stored cookie lines from, which should be used in this session
@@ -169,26 +219,29 @@ in combination with the \fI-L, --location\fP option. The file format of the
 file to read cookies from should be plain HTTP headers or the Netscape/Mozilla
 cookie file format.
-\fBNOTE\fP that the file specified with \fI-b, --cookie\fP is only used as
+The file specified with \fI-b, --cookie\fP is only used as input. No cookies
-input. No cookies will be stored in the file. To store cookies, use the
+will be written to the file. To store cookies, use the \fI-c, --cookie-jar\fP
-\fI-c, --cookie-jar\fP option or you could even save the HTTP headers to a file
+option.
 using \fI-D, --dump-header\fP!
 If this option is used several times, the last one will be used.
 .IP "-B, --use-ascii"
-(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be
+(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using
-enforced by using an URL that ends with ";type=A". This option causes data
+an URL that ends with ";type=A". This option causes data sent to stdout to be
-sent to stdout to be in text mode for win32 systems.
+in text mode for win32 systems.
 .IP "--basic"
-(HTTP) Tells curl to use HTTP Basic authentication. This is the default and
+(HTTP) Tells curl to use HTTP Basic authentication with the remote host. This
-this option is usually pointless, unless you use it to override a previously
+is the default and this option is usually pointless, unless you use it to
-set option that sets a different authentication method (such as \fI--ntlm\fP,
+override a previously set option that sets a different authentication method
-\fI--digest\fP, or \fI--negotiate\fP).
+(such as \fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
 Used together with \fI-u, --user\fP and \fI-x, --proxy\fP.
 See also \fI--proxy-basic\fP.
 .IP "-c, --cookie-jar <file name>"
 (HTTP) Specify to which file you want curl to write all cookies after a
 completed operation. Curl writes all cookies previously read from a specified
 file as well as all cookies received from remote server(s). If no cookies are
-known, no file will be written. The file will be written using the Netscape
+known, no data will be written. The file will be written using the Netscape
 cookie file format. If you set the file name to a single dash, "-", the
 cookies will be written to stdout.
@@ -228,11 +281,12 @@ If this option is used several times, the last one will be used.
 supports, and save the uncompressed document.  If this option is used and the
 server sends an unsupported encoding, curl will report an error.
 .IP "--connect-timeout <seconds>"
-Maximum time in seconds that you allow the connection to the server to take.
+Maximum time in seconds that you allow curl's connection to take.  This only
-This only limits the connection phase, once curl has connected this option is
+limits the connection phase, so if curl connects within the given period it
-of no more use.  Since 7.32.0, this option accepts decimal values, but the
+will continue - if not it will exit.  Since version 7.32.0, this option
-actual timeout will decrease in accuracy as the specified timeout increases in
+accepts decimal values.
-decimal precision. See also the \fI-m, --max-time\fP option.
+
 See also the \fI-m, --max-time\fP option.
 If this option is used several times, the last one will be used.
 .IP "--create-dirs"
@@ -244,7 +298,9 @@ uses no dir or if the dirs it mentions already exist, no dir will be created.
 To create remote directories when using FTP or SFTP, try
 \fI--ftp-create-dirs\fP.
 .IP "--crlf"
-(FTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).
+Convert LF to CRLF in upload. Useful for MVS (OS/390).
 (SMTP added in 7.40.0)
 .IP "--crlfile <file>"
 (HTTPS/FTPS) Provide a file using PEM format with a Certificate Revocation
 List that may specify peer certificates that are to be considered revoked.
@@ -269,23 +325,23 @@ data pieces specified will be merged together with a separating
 chunk that looks like \&'name=daniel&skill=lousy'.
 If you start the data with the letter @, the rest should be a file name to
-read the data from, or - if you want curl to read the data from stdin.  The
+read the data from, or - if you want curl to read the data from
-contents of the file must already be URL-encoded. Multiple files can also be
+stdin. Multiple files can also be specified. Posting data from a file
-specified. Posting data from a file named 'foobar' would thus be done with
+named 'foobar' would thus be done with \fI--data\fP @foobar. When --data is
-\fI--data @foobar\fP.
+told to read from a file like that, carriage returns and newlines will be
 stripped out.
 .IP "-D, --dump-header <file>"
 Write the protocol headers to the specified file.
 This option is handy to use when you want to store the headers that an HTTP
 site sends to you. Cookies from the headers could then be read in a second
 curl invocation by using the \fI-b, --cookie\fP option! The
-\fI-c, --cookie-jar\fP option is however a better way to store cookies.
+\fI-c, --cookie-jar\fP option is a better way to store cookies.
 When used in FTP, the FTP server response lines are considered being "headers"
 and thus are saved there.
 If this option is used several times, the last one will be used.
 .IP "--data-ascii <data>"
 See \fI-d, --data\fP.
 .IP "--data-binary <data>"
@@ -294,7 +350,7 @@ whatsoever.
 If you start the data with the letter @, the rest should be a filename.  Data
 is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
-are preserved and conversions are never done.
+and carriage returns are preserved and conversions are never done.
 If this option is used several times, the ones following the first will append
 data as described in \fI-d, --data\fP.
@@ -369,8 +425,41 @@ is an alias for \fB--disable-epsv\fP.
 Disabling EPSV only changes the passive behavior. If you want to switch to
 active mode you need to use \fI-P, --ftp-port\fP.
 .IP "--dns-interface <interface>"
 Tell curl to send outgoing DNS requests through <interface>. This option
 is a counterpart to \fI--interface\fP (which does not affect DNS). The
 supplied string must be an interface name (not an address).
 This option requires that libcurl was built with a resolver backend that
 supports this operation. The c-ares backend is the only such one. (Added in
 7.33.0)
 .IP "--dns-ipv4-addr <ip-address>"
 Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
 the DNS requests originate from this address. The argument should be a
 single IPv4 address.
 This option requires that libcurl was built with a resolver backend that
 supports this operation. The c-ares backend is the only such one.  (Added in
 7.33.0)
 .IP "--dns-ipv6-addr <ip-address>"
 Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
 the DNS requests originate from this address. The argument should be a
 single IPv6 address.
 This option requires that libcurl was built with a resolver backend that
 supports this operation. The c-ares backend is the only such one.  (Added in
 7.33.0)
 .IP "--dns-servers <ip-address,ip-address>"
 Set the list of DNS servers to be used instead of the system default.
 The list of IP addresses should be separated with commas. Port numbers
 may also optionally be given as \fI:<port-number>\fP after each IP
 address.
 This option requires that libcurl was built with a resolver backend that
 supports this operation. The c-ares backend is the only such one.  (Added in
 7.33.0)
 .IP "-e, --referer <URL>"
-(HTTP) Sends the "Referer Page" information to the HTTP server. This can also
+(HTTP) Sends the "Referrer Page" information to the HTTP server. This can also
 be set with the \fI-H, --header\fP flag of course.  When used with
 \fI-L, --location\fP you can append ";auto" to the --referer URL to make curl
 automatically set the previous URL when it follows a Location: header. The
@@ -380,7 +469,8 @@ If this option is used several times, the last one will be used.
 .IP "-E, --cert <certificate[:password]>"
 (SSL) Tells curl to use the specified client certificate file when getting a
 file with HTTPS, FTPS or another SSL-based protocol. The certificate must be
-in PEM format.  If the optional password isn't specified, it will be queried
+in PKCS#12 format if using Secure Transport, or PEM format if using any other
 engine.  If the optional password isn't specified, it will be queried
 for on the terminal. Note that this option assumes a \&"certificate" file that
 is the private key and the private certificate concatenated! See \fI--cert\fP
 and \fI--key\fP to specify them independently.
@@ -396,9 +486,10 @@ recognized as password delimiter.  If the nickname contains "\\", it needs to
 be escaped as "\\\\" so that it is not recognized as an escape character.
 (iOS and Mac OS X only) If curl is built against Secure Transport, then the
-certificate string must match the name of a certificate that's in the system or
+certificate string can either be the name of a certificate/private key in the
-user keychain. The private key corresponding to the certificate, and
+system or user keychain, or the path to a PKCS#12-encoded certificate and
-certificate chain (if any),  must also be present in the keychain.
+private key. If you want to use a file from the current directory, please
 precede it with "./" prefix, in order to avoid confusion with a nickname.
 If this option is used several times, the last one will be used.
 .IP "--engine <name>"
@@ -448,12 +539,25 @@ OpenSSL-powered curl to make SSL-connections much more efficiently than using
 If this option is set, the default capath value will be ignored, and if it is
 used several times, the last one will be used.
 .IP "--pinnedpubkey <pinned public key>"
 (SSL) Tells curl to use the specified public key file to verify the peer. The
 file must contain a single public key in PEM or DER format.
 When negotiating a TLS or SSL connection, the server sends a certificate
 indicating its identity. A public key is extracted from this certificate and
 if it does not exactly match the public key provided to this option, curl will
 abort the connection before sending or receiving any data.
 This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
 If this option is used several times, the last one will be used.
 (Added in 7.39.0)
 .IP "-f, --fail"
 (HTTP) Fail silently (no output at all) on server errors. This is mostly done
-to better enable scripts etc to better deal with failed attempts. In
+to better enable scripts etc to better deal with failed attempts. In normal
-normal cases when an HTTP server fails to deliver a document, it returns an
+cases when an HTTP server fails to deliver a document, it returns an HTML
-HTML document stating so (which often also describes why and more). This flag
+document stating so (which often also describes why and more). This flag will
-will prevent curl from outputting that and return error 22.
+prevent curl from outputting that and return error 22.
 This method is not fail-safe and there are occasions where non-successful
 response codes will slip through, especially when authentication is involved
@@ -462,11 +566,11 @@ response codes will slip through, especially when authentication is involved
 (HTTP) This lets curl emulate a filled-in form in which a user has pressed the
 submit button. This causes curl to POST data using the Content-Type
 multipart/form-data according to RFC 2388. This enables uploading of binary
-files etc. To force the 'content' part to be a file, prefix the file name
+files etc. To force the 'content' part to be a file, prefix the file name with
-with an @ sign. To just get the content part from a file, prefix the file name
+an @ sign. To just get the content part from a file, prefix the file name with
-with the symbol <. The difference between @ and < is then that @ makes a file
+the symbol <. The difference between @ and < is then that @ makes a file get
-get attached in the post as a file upload, while the < makes a text field and
+attached in the post as a file upload, while the < makes a text field and just
-just get the contents for that text field from a file.
+get the contents for that text field from a file.
 Example, to send your password file to the server, where
 \&'password' is the name of the form-field to which /etc/passwd will be the
@@ -592,10 +696,10 @@ you can specify URLs that contain the letters {}[] without having them being
 interpreted by curl itself. Note that these letters are not normal legal URL
 contents but they should be encoded according to the URI standard.
 .IP "-G, --get"
-When used, this option will make all data specified with \fI-d, --data\fP or
+When used, this option will make all data specified with \fI-d, --data\fP,
-\fI--data-binary\fP to be used in an HTTP GET request instead of the POST
+\fI--data-binary\fP or \fI--data-urlencode\fP to be used in an HTTP GET
-request that otherwise would be used. The data will be appended to the URL
+request instead of the POST request that otherwise would be used. The data
-with a '?' separator.
+will be appended to the URL with a '?' separator.
 If used in combination with -I, the POST data will instead be appended to the
 URL with a HEAD request.
@@ -604,16 +708,16 @@ If this option is used several times, only the first one is used. This is
 because undoing a GET doesn't make sense, but you should then instead enforce
 the alternative method you prefer.
 .IP "-H, --header <header>"
-(HTTP) Extra header to use when getting a web page. You may specify any number
+(HTTP) Extra header to include in the request when sending HTTP to a
-of extra headers. Note that if you should add a custom header that has the
+server. You may specify any number of extra headers. Note that if you should
-same name as one of the internal ones curl would use, your externally set
+add a custom header that has the same name as one of the internal ones curl
-header will be used instead of the internal one. This allows you to make even
+would use, your externally set header will be used instead of the internal
-trickier stuff than curl would normally do. You should not replace internally
+one. This allows you to make even trickier stuff than curl would normally
-set headers without knowing perfectly well what you're doing. Remove an
+do. You should not replace internally set headers without knowing perfectly
-internal header by giving a replacement without content on the right side of
+well what you're doing. Remove an internal header by giving a replacement
-the colon, as in: -H \&"Host:". If you send the custom header with no-value
+without content on the right side of the colon, as in: -H \&"Host:". If you
-then its header must be terminated with a semicolon, such as \-H
+send the custom header with no-value then its header must be terminated with a
-\&"X-Custom-Header;" to send "X-Custom-Header:".
+semicolon, such as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
 curl will make sure that each header you add/replace is sent with the proper
 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
@@ -622,6 +726,13 @@ for you.
 See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
 Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers
 intended for a proxy.
 Example:
 \&# curl -H "X-First-Name: Joe" http://192.168.0.1/
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5 <md5>"
 (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
@@ -657,6 +768,9 @@ cookies when they're closed down.
 (HTTP) This option tells the \fI-O, --remote-name\fP option to use the
 server-specified Content-Disposition filename instead of extracting a filename
 from the URL.
 There's no attempt to decode %-sequences (yet) in the provided file name, so
 this option may provide you with rather unexpected file names.
 .IP "-k, --insecure"
 (SSL) This option explicitly allows curl to perform "insecure" SSL connections
 and transfers. All SSL connections are attempted to be made secure by using
@@ -668,16 +782,21 @@ See this online resource for further details:
 .IP "-K, --config <config file>"
 Specify which config file to read curl arguments from. The config file is a
 text file in which command line arguments can be written which then will be
-used as if they were written on the actual command line. Options and their
+used as if they were written on the actual command line.
-parameters must be specified on the same config file line, separated by
+
-whitespace, colon, the equals sign or any combination thereof (however,
+Options and their parameters must be specified on the same config file line,
-the preferred separator is the equals sign). If the parameter is to contain
+separated by whitespace, colon, or the equals sign. Long option names can
-whitespace, the parameter must be enclosed within quotes. Within double
+optionally be given in the config file without the initial double dashes and
-quotes, the following escape sequences are available: \\\\, \\", \\t, \\n,
+if so, the colon or equals characters can be used as separators. If the option
-\\r and \\v. A backslash preceding any other letter is ignored. If the
+is specified with one or two dashes, there can be no colon or equals character
-first column of a config line is a '#' character, the rest of the line will be
+between the option and its parameter.
-treated as a comment. Only write one option per physical line in the config
+
-file.
+If the parameter is to contain whitespace, the parameter must be enclosed
 within quotes. Within double quotes, the following escape sequences are
 available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
 letter is ignored. If the first column of a config line is a '#' character,
 the rest of the line will be treated as a comment. Only write one option per
 physical line in the config file.
 Specify the filename to -K, --config as '-' to make curl read the file from
 stdin.
@@ -688,21 +807,18 @@ line. So, it could look similar to this:
 url = "http://curl.haxx.se/docs/"
 Long option names can optionally be given in the config file without the
 initial double dashes.
 When curl is invoked, it always (unless \fI-q\fP is used) checks for a default
 config file and uses it if found. The default config file is checked for in
 the following places in this order:
 1) curl tries to find the "home dir": It first checks for the CURL_HOME and
 then the HOME environment variables. Failing that, it uses getpwuid() on
-UNIX-like systems (which returns the home dir given the current user in your
+Unix-like systems (which returns the home dir given the current user in your
 system). On Windows, it then checks for the APPDATA variable, or as a last
 resort the '%USERPROFILE%\\Application Data'.
 2) On windows, if there is no _curlrc file in the home dir, it checks for one
-in the same dir the curl executable is placed. On UNIX-like systems, it will
+in the same dir the curl executable is placed. On Unix-like systems, it will
 simply try to load .curlrc from the determined home dir.
 .nf
@@ -731,7 +847,8 @@ If this option is used several times, the last one will be used. If
 unspecified, the option defaults to 60 seconds.
 .IP "--key <key>"
 (SSL/SSH) Private key file name. Allows you to provide your private key in this
-separate file.
+separate file. For SSH, if not specified, curl tries the following candidates
 in order: '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
 If this option is used several times, the last one will be used.
 .IP "--key-type <type>"
@@ -745,22 +862,29 @@ If this option is used several times, the last one will be used.
 should be one of 'clear', 'safe', 'confidential', or 'private'. Should you use
 a level that is not one of these, 'private' will instead be used.
-This option requires a library built with kerberos4 or GSSAPI
+This option requires a library built with kerberos4 support. This is not
-(GSS-Negotiate) support. This is not very common. Use \fI-V, --version\fP to
+very common. Use \fI-V, --version\fP to see if your curl supports it.
 see if your curl supports it.
 If this option is used several times, the last one will be used.
 .IP "-l, --list-only"
 (FTP)
-When listing an FTP directory, this switch forces a name-only view.
+When listing an FTP directory, this switch forces a name-only view. This is
-Especially useful if you want to machine-parse the contents of an FTP
+especially useful if the user wants to machine-parse the contents of an FTP
-directory since the normal directory view doesn't use a standard look
+directory since the normal directory view doesn't use a standard look or
-or format.
+format. When used like this, the option causes a NLST command to be sent to
 the server instead of LIST.
-This option causes an FTP NLST command to be sent.  Some FTP servers
+Note: Some FTP servers list only files in their response to NLST; they do not
-list only files in their response to NLST; they do not include
+include sub-directories and symbolic links.
 subdirectories and symbolic links.
 (POP3)
 When retrieving a specific email from POP3, this switch forces a LIST command
 to be performed instead of RETR. This is particularly useful if the user wants
 to see if a specific message id exists on the server and what size it is.
 Note: When combined with \fI-X, --request <command>\fP, this option can be used
 to send an UIDL command instead, so the user may use the email's unique
 identifier rather than it's message id to make the request. (Added in 7.21.5)
 .IP "-L, --location"
 (HTTP/HTTPS) If the server reports that the requested page has moved to a
 different location (indicated with a Location: header and a 3XX response code),
@@ -776,6 +900,10 @@ When curl follows a redirect and the request is not a plain GET (for example
 POST or PUT), it will do the following request with a GET if the HTTP response
 was 301, 302, or 303. If the response code was any other 3xx code, curl will
 re-send the following request using the same unmodified method.
 You can tell curl to not change the non-GET request method to GET after a 30x
 response by using the dedicated options for that: \fI--post301\fP,
 \fI--post302\fP and \fI-post303\fP.
 .IP "--libcurl <file>"
 Append this option to any ordinary curl command line, and you will get a
 libcurl-using C source code written to the file that does the equivalent
@@ -784,9 +912,10 @@ of what your command-line operation does!
 If this option is used several times, the last given file name will be
 used. (Added in 7.16.1)
 .IP "--limit-rate <speed>"
-Specify the maximum transfer rate you want curl to use. This feature is useful
+Specify the maximum transfer rate you want curl to use - for both downloads
-if you have a limited pipe and you'd like your transfer not to use your entire
+and uploads. This feature is useful if you have a limited pipe and you'd like
-bandwidth.
+your transfer not to use your entire bandwidth. To make it slower than it
 otherwise would be.
 The given speed is measured in bytes/second, unless a suffix is appended.
 Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it
@@ -820,6 +949,16 @@ values, but the actual timeout will decrease in accuracy as the specified
 timeout increases in decimal precision.  See also the \fI--connect-timeout\fP
 option.
 If this option is used several times, the last one will be used.
 .IP "--login-options <options>"
 Specify the login options to use during server authentication.
 You can use the login options to specify protocol specific options that may
 be used during authentication. At present only IMAP, POP3 and SMTP support
 login options. For more information about the login options please see
 RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in
 7.34.0).
 If this option is used several times, the last one will be used.
 .IP "--mail-auth <address>"
 (SMTP) Specify a single address. This will be used to specify the
@@ -840,10 +979,18 @@ return with exit code 63.
 files this option has no effect even if the file transfer ends up being larger
 than this given limit. This concerns both FTP and HTTP transfers.
 .IP "--mail-rcpt <address>"
-(SMTP) Specify a single address that the given mail should get sent to. This
+(SMTP) Specify a single address, user name or mailing list name.
 option can be used multiple times to specify many recipients.
-(Added in 7.20.0)
+When performing a mail transfer, the recipient should specify a valid email
 address to send the mail to. (Added in 7.20.0)
 When performing an address verification (VRFY command), the recipient should be
 specified as the user name or user name and domain (as per Section 3.5 of
 RFC5321). (Added in 7.34.0)
 When performing a mailing list expand (EXPN command), the recipient should be
 specified using the mailing list name, such as "Friends" or "London-Office".
 (Added in 7.34.0)
 .IP "--max-redirs <num>"
 Set maximum number of redirection-followings allowed. If \fI-L, --location\fP
 is used, this option can be used to prevent curl from following redirections
@@ -879,7 +1026,7 @@ in Metalink file, hash check will fail.
 .IP "-n, --netrc"
 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
 home directory for login name and password. This is typically used for FTP on
-UNIX. If used with HTTP, curl will enable user authentication. See
+Unix. If used with HTTP, curl will enable user authentication. See
 .BR netrc(4)
 or
 .BR ftp(1)
@@ -916,18 +1063,13 @@ Very similar to \fI--netrc\fP, but this option makes the .netrc usage
 \fBoptional\fP and not mandatory as the \fI--netrc\fP option does.
 .IP "--negotiate"
-(HTTP) Enables GSS-Negotiate authentication. The GSS-Negotiate method was
+(HTTP) Enables Negotiate (SPNEGO) authentication.
 designed by Microsoft and is used in their web applications. It is primarily
 meant as a support for Kerberos5 authentication but may be also used along
 with another authentication method. For more information see IETF draft
 draft-brezak-spnego-http-04.txt.
-If you want to enable Negotiate for your proxy authentication, then use
+If you want to enable Negotiate (SPNEGO) for proxy authentication, then use
 \fI--proxy-negotiate\fP.
-This option requires a library built with GSSAPI support. This is
+This option requires a library built with GSS-API or SSPI support. Use \fI-V,
-not very common. Use \fI-V, --version\fP to see if your version supports
+--version\fP to see if your curl supports GSS-API/SSPI and SPNEGO.
 GSS-Negotiate.
 When using this option, you must also provide a fake \fI-u, --user\fP option to
 activate the authentication code properly. Sending a '-u :' is enough as the
@@ -999,7 +1141,37 @@ Consequentially, the file will be saved in the current working directory. If
 you want the file saved in a different directory, make sure you change current
 working directory before you invoke curl with the \fB-O, --remote-name\fP flag!
 There is no URL decoding done on the file name. If it has %20 or other URL
 encoded parts of the name, they will end up as-is as file name.
 You may use this option as many times as the number of URLs you have.
 .IP "--oauth2-bearer"
 (IMAP, POP3, SMTP)
 Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
 is used in conjunction with the user name which can be specified as part of the
 \fI--url\fP or \fI-u, --user\fP options.
 The Bearer Token and user name are formatted according to RFC 6750.
 If this option is used several times, the last one will be used.
 .IP "--proxy-header <header>"
 (HTTP) Extra header to include in the request when sending HTTP to a
 proxy. You may specify any number of extra headers. This is the equivalent
 option to \fI-H, --header\fP but is for proxy communication only like in
 CONNECT requests when you want a separate header sent to the proxy to what is
 sent to the actual remote host.
 curl will make sure that each header you add/replace is sent with the proper
 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
 content: do not add newlines or carriage returns, they will only mess things
 up for you.
 Headers specified with this option will not be included in requests that curl
 knows will not be sent to a proxy.
 This option can be used multiple times to add/replace/remove multiple headers.
 (Added in 7.37.0)
 .IP "-p, --proxytunnel"
 When an HTTP proxy is used (\fI-x, --proxy\fP), this option will cause non-HTTP
 protocols to attempt to tunnel through the proxy instead of merely using it to
@@ -1116,8 +1288,8 @@ the default authentication method curl uses with proxies.
 Tells curl to use HTTP Digest authentication when communicating with the given
 proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host.
 .IP "--proxy-negotiate"
-Tells curl to use HTTP Negotiate authentication when communicating
+Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
-with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate
+with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate (SPNEGO)
 with a remote host. (Added in 7.17.1)
 .IP "--proxy-ntlm"
 Tells curl to use HTTP NTLM authentication when communicating with the given
@@ -1134,6 +1306,11 @@ protocol instead of the default HTTP 1.1.
 separate file.
 If this option is used several times, the last one will be used.
 (As of 7.39.0, curl attempts to automatically extract the public key from the
 private key file, so passing this option is generally not required. Note that
 this public key extraction requires libcurl to be linked against a copy of
 libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
 .IP "-q"
 If used as the first parameter on the command line, the \fIcurlrc\fP config
 file will not be read and used. See the \fI-K, --config\fP for details on the
@@ -1317,7 +1494,7 @@ option name can still be used but will be removed in a future version.
 .IP "--ssl-allow-beast"
 (SSL) This option tells curl to not work around a security flaw in the SSL3
 and TLS1.0 protocols known as BEAST.  If this option isn't used, the SSL layer
-may use work-arounds known to cause interoperability problems with some older
+may use workarounds known to cause interoperability problems with some older
 SSL implementations. WARNING: this option loosens the SSL security, and by
 using this flag you ask for exactly that.  (Added in 7.25.0)
 .IP "--socks4 <host[:port]>"
@@ -1380,7 +1557,7 @@ sockd/proxy-name --socks5 proxy-name \fI--socks5-gssapi-service\fP
 sockd/real-name would use sockd/real-name for cases where the proxy-name does
 not match the principal name.  (Added in 7.19.4).
 .IP "--socks5-gssapi-nec"
-As part of the gssapi negotiation a protection mode is negotiated. RFC 1961
+As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
 says in section 4.3/4.4 it should be protected, but the NEC reference
 implementation does not.  The option \fI--socks5-gssapi-nec\fP allows the
 unprotected exchange of the protection mode negotiation. (Added in 7.19.4).
@@ -1436,14 +1613,26 @@ Set TLS authentication type. Currently, the only supported option is "SRP",
 for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
 specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
 (Added in 7.21.4)
 .IP "--tlsuser <user>"
 Set username for use with the TLS authentication method specified with
 \fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set.  (Added in
 7.21.4)
 .IP "--tlspassword <password>"
 Set password for use with the TLS authentication method specified with
 \fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.  (Added in
 7.21.4)
 .IP "--tlsuser <user>"
 Set username for use with the TLS authentication method specified with
 \fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set.  (Added in
 7.21.4)
 .IP "--tlsv1.0"
 (SSL)
 Forces curl to use TLS version 1.0 when negotiating with a remote TLS server.
 (Added in 7.34.0)
 .IP "--tlsv1.1"
 (SSL)
 Forces curl to use TLS version 1.1 when negotiating with a remote TLS server.
 (Added in 7.34.0)
 .IP "--tlsv1.2"
 (SSL)
 Forces curl to use TLS version 1.2 when negotiating with a remote TLS server.
 (Added in 7.34.0)
 .IP "--tr-encoding"
 (HTTP) Request a compressed Transfer-Encoding response using one of the
 algorithms curl supports, and uncompress the data while receiving it.
@@ -1473,24 +1662,44 @@ If this option is used several times, the last one will be used.
 .IP "--trace-time"
 Prepends a time stamp to each trace or verbose line that curl displays.
 (Added in 7.14.0)
 .IP "--unix-socket <path>"
 (HTTP) Connect through this Unix domain socket, instead of using the
 network. (Added in 7.40.0)
 .IP "-u, --user <user:password>"
 Specify the user name and password to use for server authentication. Overrides
 \fI-n, --netrc\fP and \fI--netrc-optional\fP.
-If you just give the user name (without entering a colon) curl will prompt for
+If you simply specify the user name, curl will prompt for a password.
 a password.
-If you use an SSPI-enabled curl binary and do NTLM authentication, you can
+The user name and passwords are split up on the first colon, which makes it
-force curl to pick up the user name and password from your environment by
+impossible to use a colon in the user name with this option. The password can,
-simply specifying a single colon with this option: "-u :".
+still.
 When using Kerberos V5 with a Windows based server you should include the
 Windows domain name in the user name, in order for the server to succesfully
 obtain a Kerberos Ticket. If you don't then the initial authentication
 handshake may fail.
 When using NTLM, the user name can be specified simply as the user name,
 without the domain, if there is a single domain and forest in your setup
 for example.
 To specify the domain name use either Down-Level Logon Name or UPN (User
 Principal Name) formats. For example, EXAMPLE\\user and user@example.com
 respectively.
 If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
 Negotiate, NTLM or Digest authentication then you can tell curl to select
 the user name and password from your environment by specifying a single colon
 with this option: "-u :".
 If this option is used several times, the last one will be used.
 .IP "-U, --proxy-user <user:password>"
 Specify the user name and password to use for proxy authentication.
-If you use an SSPI-enabled curl binary and do NTLM authentication, you can
+If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
-force curl to pick up the user name and password from your environment by
+authentication then you can tell curl to select the user name and password
-simply specifying a single colon with this option: "-U :".
+from your environment by specifying a single colon with this option: "-U :".
 If this option is used several times, the last one will be used.
 .IP "--url <URL>"
@@ -1500,10 +1709,11 @@ URL(s) in a config file.
 This option may be used any number of times. To control where this URL is
 written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
 .IP "-v, --verbose"
-Makes the fetching more verbose/talkative. Mostly useful for debugging. A line
+Be more verbose/talkative during the operation. Useful for debugging and
-starting with '>' means "header data" sent by curl, '<' means "header data"
+seeing what's going on "under the hood". A line starting with '>' means
-received by curl that is hidden in normal cases, and a line starting with '*'
+"header data" sent by curl, '<' means "header data" received by curl that is
-means additional info provided by curl.
+hidden in normal cases, and a line starting with '*' means additional info
 provided by curl.
 Note that if you only want HTTP headers in the output, \fI-i, --include\fP
 might be the option you're looking for.
@@ -1515,10 +1725,10 @@ This option overrides previous uses of \fI--trace-ascii\fP or \fI--trace\fP.
 Use \fI-s, --silent\fP to make curl quiet.
 .IP "-w, --write-out <format>"
-Defines what to display on stdout after a completed and successful
+Make curl display information on stdout after a completed transfer. The format
-operation. The format is a string that may contain plain text mixed with any
+is a string that may contain plain text mixed with any number of
-number of variables. The string can be specified as "string", to get read from
+variables. The format can be specified as a literal "string", or you can have
-a particular file you specify it "@filename" and to tell curl to read the
+curl read the format from a file with "@filename" and to tell curl to read the
 format from stdin you write "@-".
 The variables present in the output format will be substituted by the value or
@@ -1643,8 +1853,16 @@ to follow location: headers.
 If this option is used several times, the last one will be used.
 .IP "-x, --proxy <[protocol://][user:password@]proxyhost[:port]>"
-Use the specified HTTP proxy. If the port number is not specified, it is
+Use the specified proxy.
-assumed at port 1080.
+
 The proxy string can be specified with a protocol:// prefix to specify
 alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
 socks5h:// to request the specific SOCKS version to be used. No protocol
 specified, http:// and all others will be treated as HTTP proxies. (The
 protocol support was added in curl 7.21.7)
 If the port number is not specified in the proxy string, it is assumed to be
 1080.
 This option overrides existing environment variables that set the proxy to
 use. If there's an environment variable setting a proxy, you can set proxy to
@@ -1663,11 +1881,6 @@ The proxy host can be specified the exact same way as the proxy environment
 variables, including the protocol prefix (http://) and the embedded user +
 password.
 From 7.21.7, the proxy string may be specified with a protocol:// prefix to
 specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
 socks5h:// to request the specific SOCKS version to be used. No protocol
 specified, http:// and all others will be treated as HTTP proxies.
 If this option is used several times, the last one will be used.
 .IP "-X, --request <command>"
 (HTTP) Specifies a custom request method to use when communicating with the
@@ -1689,8 +1902,17 @@ option.
 Specifies a custom FTP command to use instead of LIST when doing file lists
 with FTP.
-If this option is used several times, the last one will be used.
+(POP3)
 Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
 7.26.0)
 (IMAP)
 Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
 (SMTP)
 Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in 7.34.0)
 If this option is used several times, the last one will be used.
 .IP "--xattr"
 When saving output to a file, this option tells curl to store certain file
 metadata in extended file attributes. Currently, the URL is stored in the
@@ -1727,7 +1949,8 @@ than the specified date/time.
 If this option is used several times, the last one will be used.
 .IP "-h, --help"
-Usage help.
+Usage help. This lists all current command line options with a short
 description.
 .IP "-M, --manual"
 Manual. Display the huge help text.
 .IP "-V, --version"
@@ -1747,29 +1970,32 @@ You can use IPv6 with this.
 .IP "krb4"
 Krb4 for FTP is supported.
 .IP "SSL"
-HTTPS and FTPS are supported.
+SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
 and so on.
 .IP "libz"
 Automatic decompression of compressed files over HTTP is supported.
 .IP "NTLM"
 NTLM authentication is supported.
 .IP "GSS-Negotiate"
 Negotiate authentication and krb5 for FTP is supported.
 .IP "Debug"
 This curl uses a libcurl built with Debug. This enables more error-tracking
 and memory debugging etc. For curl-developers only!
 .IP "AsynchDNS"
-This curl uses asynchronous name resolves.
+This curl uses asynchronous name resolves. Asynchronous name resolves can be
 done using either the c-ares or the threaded resolver backends.
 .IP "SPNEGO"
-SPNEGO Negotiate authentication is supported.
+SPNEGO authentication is supported.
 .IP "Largefile"
 This curl supports transfers of large files, files larger than 2GB.
 .IP "IDN"
 This curl supports IDN - international domain names.
 .IP "GSS-API"
 GSS-API is supported.
 .IP "SSPI"
-SSPI is supported. If you use NTLM and set a blank user name, curl will
+SSPI is supported.
 authenticate with your current user and password.
 .IP "TLS-SRP"
 SRP (Secure Remote Password) authentication is supported for TLS.
 .IP "HTTP2"
 HTTP/2 support has been built-in.
 .IP "Metalink"
 This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
 describes mirrors and hashes.  curl will use mirrors for failover if
@@ -1983,6 +2209,10 @@ RTSP: mismatch of Session Identifiers
 unable to parse FTP file list
 .IP 88
 FTP chunk callback reported error
 .IP 89
 No connection available, the session will be queued
 .IP 90
 SSL public key does not matched pinned public key
 .IP XX
 More error codes will appear here in future releases. The existing ones
 are meant to never change.
--- a/docs/examples/.gitignore
+++ b/docs/examples/.gitignore
@@ -20,15 +20,39 @@ httpcustomheader
 httpput
 https
 imap
 imap-append
 imap-copy
 imap-create
 imap-delete
 imap-examine
 imap-fetch
 imap-list
 imap-multi
 imap-noop
 imap-search
 imap-ssl
 imap-store
 imap-tls
 multi-app
 multi-debugcallback
 multi-double
 multi-post
 multi-single
 persistant
 pop3-dele
 pop3-list
 pop3-multi
 pop3-noop
 pop3-retr
 pop3-ssl
 pop3-stat
 pop3-tls
 pop3-top
 pop3-uidl
 pop3s
 pop3slist
 post-callback
 postinmemory
 postit2
 progressfunc
 resolve
@@ -40,8 +64,12 @@ simple
 simplepost
 simplesmtp
 simplessl
 smtp-expn
 smtp-mail
 smtp-multi
 smtp-ssl
 smtp-tls
 smtp-vrfy
 url2file
 usercertinmem
 xmlstream
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -62,7 +62,6 @@ static const char *urls[] = {
  "http://www.uefa.com",
  "http://www.ieee.org",
  "http://www.apple.com",
  "http://www.sony.com",
  "http://www.symantec.com",
  "http://www.zdnet.com",
  "http://www.fujitsu.com",
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -1,11 +1,37 @@
 #***************************************************************************
 #                                  _   _ ____  _
 #  Project                     ___| | | |  _ \| |
 #                             / __| | | | |_) | |
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
 # Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
 # are also available at http://curl.haxx.se/docs/copyright.html.
 #
 # You may opt to use, copy, modify, merge, publish, distribute and/or sell
 # copies of the Software, and permit persons to whom the Software is
 # furnished to do so, under the terms of the COPYING file.
 #
 # This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 # KIND, either express or implied.
 #
 ###########################################################################
 # These are all libcurl example programs to be test compiled
 check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
  fopen ftpget ftpgetresp ftpupload getinfo getinmemory http-post httpput  \
  https multi-app multi-debugcallback multi-double multi-post multi-single \
  persistant post-callback postit2 sepheaders simple simplepost simplessl  \
  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard      \
-  smtp-multi simplesmtp smtp-tls rtsp externalsocket resolve \
+  smtp-mail smtp-multi smtp-ssl smtp-tls smtp-vrfy smtp-expn rtsp          \
-  progressfunc pop3s pop3slist imap url2file sftpget ftpsget
+  externalsocket resolve progressfunc pop3-retr pop3-list pop3-uidl        \
  pop3-dele pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi      \
  imap-list imap-lsub imap-fetch imap-store imap-append imap-examine       \
  imap-search imap-create imap-delete imap-copy imap-noop imap-ssl         \
  imap-tls imap-multi url2file sftpget ftpsget postinmemory
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
@@ -13,4 +39,4 @@ COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c	   \
  ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c          \
  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
  smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp      \
-  multi-uv.c xmlstream.c usercertinmem.c
+  multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -38,7 +38,7 @@ ZLIB_PATH = ../../../zlib-1.2.8
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8y
+OPENSSL_PATH = ../../../openssl-0.9.8zc
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
@@ -148,9 +148,6 @@ endif
 ifeq ($(findstring -sspi,$(CFG)),-sspi)
 SSPI = 1
 endif
 ifeq ($(findstring -spnego,$(CFG)),-spnego)
 SPNEGO = 1
 endif
 ifeq ($(findstring -ldaps,$(CFG)),-ldaps)
 LDAPS = 1
 endif
@@ -230,9 +227,6 @@ ifdef SSPI
    CFLAGS += -DUSE_SCHANNEL
  endif
 endif
 ifdef SPNEGO
  CFLAGS += -DHAVE_SPNEGO
 endif
 ifdef IPV6
  CFLAGS += -DENABLE_IPV6 -D_WIN32_WINNT=0x0501
 endif
--- a/docs/examples/Makefile.netware
+++ b/docs/examples/Makefile.netware
@@ -19,7 +19,7 @@ endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8y
+OPENSSL_PATH = ../../../openssl-0.9.8zc
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
@@ -211,9 +211,6 @@ endif
 ifeq ($(findstring -idn,$(CFG)),-idn)
 WITH_IDN = 1
 endif
 ifeq ($(findstring -spnego,$(CFG)),-spnego)
 WITH_SPNEGO = 1
 endif
 ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
 ENABLE_IPV6 = 1
 endif
@@ -247,10 +244,6 @@ ifdef WITH_SSL
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 ifdef WITH_SPNEGO
 	# INCLUDES += -I$(FBOPENSSL_PATH)/include
 	LDLIBS += $(FBOPENSSL_PATH)/nw/fbopenssl.$(LIBEXT)
 endif
 else
 ifdef WITH_AXTLS
 	INCLUDES += -I$(AXTLS_PATH)/inc
--- a/docs/examples/asiohiper.cpp
+++ b/docs/examples/asiohiper.cpp
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -108,21 +108,39 @@ static void mcode_or_die(const char *where, CURLMcode code)
    const char *s;
    switch(code)
    {
-    case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
+    case CURLM_CALL_MULTI_PERFORM:
-    case CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
+      s = "CURLM_CALL_MULTI_PERFORM";
    case CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
    case CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
    case CURLM_INTERNAL_ERROR:     s="CURLM_INTERNAL_ERROR";     break;
    case CURLM_UNKNOWN_OPTION:     s="CURLM_UNKNOWN_OPTION";     break;
    case CURLM_LAST:               s="CURLM_LAST";               break;
    default: s="CURLM_unknown";
      break;
-    case     CURLM_BAD_SOCKET:         s="CURLM_BAD_SOCKET";
+    case CURLM_BAD_HANDLE:
      s = "CURLM_BAD_HANDLE";
      break;
    case CURLM_BAD_EASY_HANDLE:
      s = "CURLM_BAD_EASY_HANDLE";
      break;
    case CURLM_OUT_OF_MEMORY:
      s = "CURLM_OUT_OF_MEMORY";
      break;
    case CURLM_INTERNAL_ERROR:
      s = "CURLM_INTERNAL_ERROR";
      break;
    case CURLM_UNKNOWN_OPTION:
      s = "CURLM_UNKNOWN_OPTION";
      break;
    case CURLM_LAST:
      s = "CURLM_LAST";
      break;
    default:
      s = "CURLM_unknown";
      break;
    case CURLM_BAD_SOCKET:
      s = "CURLM_BAD_SOCKET";
      fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
      /* ignore this error */
      return;
    }
    fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
    exit(code);
  }
 }
@@ -157,12 +175,14 @@ static void check_multi_info(GlobalInfo *g)
 }
 /* Called by asio when there is an action on a socket */
-static void event_cb(GlobalInfo * g, boost::asio::ip::tcp::socket * tcp_socket, int action)
+static void event_cb(GlobalInfo *g, boost::asio::ip::tcp::socket *tcp_socket,
                     int action)
 {
  fprintf(MSG_OUT, "\nevent_cb: action=%d", action);
  CURLMcode rc;
-  rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action, &g->still_running);
+  rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action,
                                &g->still_running);
  mcode_or_die("event_cb: curl_multi_socket_action", rc);
  check_multi_info(g);
@@ -209,6 +229,7 @@ static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
  if(it == socket_map.end())
  {
    fprintf(MSG_OUT, "\nsocket %d is a c-ares socket, ignoring", s);
    return;
  }
@@ -221,39 +242,31 @@ static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
    fprintf(MSG_OUT, "\nwatching for socket to become readable");
    tcp_socket->async_read_some(boost::asio::null_buffers(),
-                             boost::bind(&event_cb, g,
+                                boost::bind(&event_cb, g, tcp_socket, act));
                               tcp_socket,
                               act));
  }
  else if (act == CURL_POLL_OUT)
  {
    fprintf(MSG_OUT, "\nwatching for socket to become writable");
    tcp_socket->async_write_some(boost::asio::null_buffers(),
-                              boost::bind(&event_cb, g,
+                                 boost::bind(&event_cb, g, tcp_socket, act));
                                tcp_socket,
                                act));
  }
  else if(act == CURL_POLL_INOUT)
  {
    fprintf(MSG_OUT, "\nwatching for socket to become readable & writable");
    tcp_socket->async_read_some(boost::asio::null_buffers(),
-                             boost::bind(&event_cb, g,
+                                boost::bind(&event_cb, g, tcp_socket, act));
                               tcp_socket,
                               act));
    tcp_socket->async_write_some(boost::asio::null_buffers(),
-                              boost::bind(&event_cb, g,
+                                 boost::bind(&event_cb, g, tcp_socket, act));
                                tcp_socket,
                                act));
  }
 }
 static void addsock(curl_socket_t s, CURL *easy, int action, GlobalInfo *g)
 {
-  int *fdp = (int *)calloc(sizeof(int), 1); /* fdp is used to store current action */
+  /* fdp is used to store current action */
  int *fdp = (int *) calloc(sizeof(int), 1);
  setsock(fdp, s, easy, action, g);
  curl_multi_assign(g->multi, s, fdp);
@@ -291,10 +304,10 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
      setsock(actionp, s, e, what, g);
    }
  }
  return 0;
 }
 /* CURLOPT_WRITEFUNCTION */
 static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
 {
@@ -312,12 +325,12 @@ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
  return written;
 }
 /* CURLOPT_PROGRESSFUNCTION */
 static int prog_cb(void *p, double dltotal, double dlnow, double ult,
                   double uln)
 {
  ConnInfo *conn = (ConnInfo *)p;
  (void)ult;
  (void)uln;
@@ -328,15 +341,14 @@ static int prog_cb (void *p, double dltotal, double dlnow, double ult,
 }
 /* CURLOPT_OPENSOCKETFUNCTION */
-static curl_socket_t opensocket(void *clientp,
+static curl_socket_t opensocket(void *clientp, curlsocktype purpose,
                                curlsocktype purpose,
                                struct curl_sockaddr *address)
 {
  fprintf(MSG_OUT, "\nopensocket :");
  curl_socket_t sockfd = CURL_SOCKET_BAD;
-  /* restrict to ipv4 */
+  /* restrict to IPv4 */
  if(purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET)
  {
    /* create a tcp socket object */
@@ -348,7 +360,7 @@ static curl_socket_t opensocket(void *clientp,
    if(ec)
    {
-      //An error occurred
+      /* An error occurred */
      std::cout << std::endl << "Couldn't open socket [" << ec << "][" << ec.message() << "]";
      fprintf(MSG_OUT, "\nERROR: Returning CURL_SOCKET_BAD to signal error");
    }
@@ -388,16 +400,15 @@ static void new_conn(char *url, GlobalInfo *g )
  CURLMcode rc;
  conn = (ConnInfo *) calloc(1, sizeof(ConnInfo));
  memset(conn, 0, sizeof(ConnInfo));
  conn->error[0]='\0';
  conn->easy = curl_easy_init();
  if(!conn->easy)
  {
    fprintf(MSG_OUT, "\ncurl_easy_init() failed, exiting!");
    exit(2);
  }
  conn->global = g;
  conn->url = strdup(url);
  curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url);
@@ -431,6 +442,7 @@ int main(int argc, char **argv)
 {
  GlobalInfo g;
  CURLMcode rc;
  (void)argc;
  (void)argv;
@@ -450,5 +462,6 @@ int main(int argc, char **argv)
  curl_multi_cleanup(g.multi);
  fprintf(MSG_OUT, "\ndone.\n");
  return 0;
 }
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -103,6 +103,10 @@ static CURLcode sslctx_function(CURL * curl, void * sslctx, void * parm)
  if (X509_STORE_add_cert(store, cert)==0)
    printf("error adding certificate\n");
  /* decrease reference counts */
  X509_free(cert);
  BIO_free(bio);
  /* all set to go */
  return CURLE_OK ;
 }
@@ -121,7 +125,7 @@ int main(void)
  rv=curl_easy_setopt(ch,CURLOPT_WRITEFUNCTION, *writefunction);
  rv=curl_easy_setopt(ch,CURLOPT_WRITEDATA, stdout);
  rv=curl_easy_setopt(ch,CURLOPT_HEADERFUNCTION, *writefunction);
-  rv=curl_easy_setopt(ch,CURLOPT_WRITEHEADER, stderr);
+  rv=curl_easy_setopt(ch,CURLOPT_HEADERDATA, stderr);
  rv=curl_easy_setopt(ch,CURLOPT_SSLCERTTYPE,"PEM");
  rv=curl_easy_setopt(ch,CURLOPT_SSL_VERIFYPEER,1L);
  rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/");
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -133,7 +133,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
    const char *s;
    switch ( code )
    {
    case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
    case CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
    case CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
    case CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -38,7 +38,7 @@
 #include <sys/socket.h>       /*  socket definitions        */
 #include <netinet/in.h>
 #include <arpa/inet.h>        /*  inet (3) funtions         */
-#include <unistd.h>           /*  misc. UNIX functions      */
+#include <unistd.h>           /*  misc. Unix functions      */
 #endif
 #include <errno.h>
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -128,6 +128,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
  fd_set fdexcep;
  struct timeval timeout;
  int rc;
  CURLMcode mc; /* curl_multi_fdset() return code */
  /* only attempt to fill buffer if transactions still running and buffer
   * doesnt exceed required size already
@@ -158,15 +159,35 @@ static int fill_buffer(URL_FILE *file, size_t want)
    }
    /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-    /* In a real-world program you OF COURSE check the return code of the
+    if(mc != CURLM_OK)
-       function calls.  On success, the value of maxfd is guaranteed to be
+    {
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
-       in case of (maxfd == -1), we call select(0, ...), which is basically
+      break;
-       equal to sleep. */
+    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    switch(rc) {
    case -1:
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@ struct callback_data {
  FILE *output;
 };
-static long file_is_comming(struct curl_fileinfo *finfo,
+static long file_is_coming(struct curl_fileinfo *finfo,
                           struct callback_data *data,
                           int remains);
@@ -61,7 +61,7 @@ int main(int argc, char **argv)
  curl_easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L);
  /* callback is called before download of concrete file started */
-  curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_comming);
+  curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming);
  /* callback is called after data from the file have been transferred */
  curl_easy_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded);
@@ -89,7 +89,7 @@ int main(int argc, char **argv)
  return rc;
 }
-static long file_is_comming(struct curl_fileinfo *finfo,
+static long file_is_coming(struct curl_fileinfo *finfo,
                           struct callback_data *data,
                           int remains)
 {
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -58,7 +58,7 @@ int main(void)
    /* If you intend to use this on windows with a libcurl DLL, you must use
       CURLOPT_WRITEFUNCTION as well */
    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, write_response);
-    curl_easy_setopt(curl, CURLOPT_WRITEHEADER, respfile);
+    curl_easy_setopt(curl, CURLOPT_HEADERDATA, respfile);
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -98,10 +98,6 @@ int main(void)
     * bytes big and contains the remote file.
     *
     * Do something nice with it!
     *
     * You should be aware of the fact that at this point we might have an
     * allocated data block, and nothing has yet deallocated that data. So when
     * you're done with it, you should free() it as a nice application.
     */
    printf("%lu bytes retrieved\n", (long)chunk.size);
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -104,7 +104,6 @@ static void mcode_or_die(const char *where, CURLMcode code) {
  if ( CURLM_OK != code ) {
    const char *s;
    switch (code) {
      case     CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
      case     CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
      case     CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
      case     CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -125,7 +125,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
  if ( CURLM_OK != code ) {
    const char *s;
    switch (code) {
      case     CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
      case     CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
      case     CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
      case     CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
--- a/docs/examples/href_extractor.c
+++ b/docs/examples/href_extractor.c
@@ -74,7 +74,7 @@ int main(int argc, char *argv[])
  curl_easy_setopt(curl, CURLOPT_URL, argv[1]);
  curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
  curl_easy_setopt(curl, CURLOPT_WRITEDATA, hsp);
-  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
+  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
  curl_easy_perform(curl);
--- a/docs/examples/httpcustomheader.c
+++ b/docs/examples/httpcustomheader.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,20 +31,25 @@ int main(void)
  if(curl) {
    struct curl_slist *chunk = NULL;
-    chunk = curl_slist_append(chunk, "Accept: moo");
+    /* Remove a header curl would otherwise add by itself */
    chunk = curl_slist_append(chunk, "Accept:");
    /* Add a custom header */
    chunk = curl_slist_append(chunk, "Another: yes");
-    /* request with the built-in Accept: */
+    /* Modify a header curl otherwise adds differently */
    chunk = curl_slist_append(chunk, "Host: example.com");
    /* Add a header with "blank" contents to the right of the colon. Note that
       we're then using a semicolon in the string we pass to curl! */
    chunk = curl_slist_append(chunk, "X-silly-header;");
    /* set our custom set of headers */
    res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
    curl_easy_setopt(curl, CURLOPT_URL, "localhost");
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* redo request with our own custom Accept: */
    res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -22,8 +22,6 @@
 #include <stdio.h>
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <curl/curl.h>
 /*
@@ -59,7 +57,6 @@ int main(int argc, char **argv)
  CURL *curl;
  CURLcode res;
  FILE * hd_src ;
  int hd ;
  struct stat file_info;
  char *file;
@@ -72,9 +69,7 @@ int main(int argc, char **argv)
  url = argv[2];
  /* get the file size of the local file */
-  hd = open(file, O_RDONLY) ;
+  stat(file, &file_info);
  fstat(hd, &file_info);
  close(hd) ;
  /* get a FILE * of the same file, could also be made with
     fdopen() from the previous descriptor, but hey this is just
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -0,0 +1,116 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <string.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to send mail using libcurl's IMAP
 * capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 #define FROM    "<sender@example.org>"
 #define TO      "<addressee@example.net>"
 #define CC      "<info@example.org>"
 static const char *payload_text[] = {
  "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
  "To: " TO "\r\n",
  "From: " FROM "(Example User)\r\n",
  "Cc: " CC "(Another example User)\r\n",
  "Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
  "Subject: IMAP example message\r\n",
  "\r\n", /* empty line to divide headers from body, see RFC5322 */
  "The body of the message starts here.\r\n",
  "\r\n",
  "It could be a lot of lines, could be MIME encoded, whatever.\r\n",
  "Check RFC5322.\r\n",
  NULL
 };
 struct upload_status {
  int lines_read;
 };
 static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
 {
  struct upload_status *upload_ctx = (struct upload_status *)userp;
  const char *data;
  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
    return 0;
  }
  data = payload_text[upload_ctx->lines_read];
  if(data) {
    size_t len = strlen(data);
    memcpy(ptr, data, len);
    upload_ctx->lines_read++;
    return len;
  }
  return 0;
 }
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  struct upload_status upload_ctx;
  upload_ctx.lines_read = 0;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will create a new message 100. Note that you should perform an
     * EXAMINE command to obtain the UID of the next message to create and a
     * SELECT to ensure you are creating the message in the OUTBOX. */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/100");
    /* In this case, we're using a callback function to specify the data. You
     * could just use the CURLOPT_READDATA option to specify a FILE pointer to
     * read from. */
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
    curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
    /* Perform the append */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-copy.c
+++ b/docs/examples/imap-copy.c
@@ -0,0 +1,65 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to copy a mail from one mailbox folder
 * to another using libcurl's IMAP capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is source mailbox folder to select */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
    /* Set the COPY command specifing the message ID and destination folder */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "COPY 1 FOLDER");
    /* Note that to perform a move operation you will need to perform the copy,
     * then mark the original mail as Deleted and EXPUNGE or CLOSE. Please see
     * imap-store.c for more information on deleting messages. */
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-create.c
+++ b/docs/examples/imap-create.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to create a new mailbox folder using
 * libcurl's IMAP capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Set the CREATE command specifing the new folder name */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "CREATE FOLDER");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-delete.c
+++ b/docs/examples/imap-delete.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to delete an existing mailbox folder
 * using libcurl's IMAP capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Set the DELETE command specifing the existing folder */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE FOLDER");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-examine.c
+++ b/docs/examples/imap-examine.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to obtain information about a mailbox
 * folder using libcurl's IMAP capabilities via the EXAMINE command.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Set the EXAMINE command specifing the mailbox folder */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXAMINE OUTBOX");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-fetch.c
+++ b/docs/examples/imap-fetch.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -22,6 +22,12 @@
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
 * capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
@@ -30,15 +36,23 @@ int main(void)
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
-    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
-    /* This will fetch the mailbox named "foobar" */
+    /* This will fetch message 1 from the user's inbox */
-    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/foobar");
+    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
    /* Perform the fetch */
    res = curl_easy_perform(curl);
-    /* always cleanup */
+    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-list.c
+++ b/docs/examples/imap-list.c
@@ -0,0 +1,60 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to list the folders within an IMAP
 * mailbox.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will list the folders within the user's mailbox. If you want to
     * list the folders within a specific folder, for example the inbox, then
     * specify the folder as a path in the URL such as /INBOX */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Perform the list */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-lsub.c
+++ b/docs/examples/imap-lsub.c
@@ -0,0 +1,62 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to list the subscribed folders within
 * an IMAP mailbox.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Set the LSUB command. Note the syntax is very similar to that of a LIST
       command. */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "LSUB \"\" *");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-multi.c
+++ b/docs/examples/imap-multi.c
@@ -0,0 +1,167 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
 * capabilities. It builds on the imap-fetch.c example to demonstrate how to
 * use libcurl's multi interface.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 #define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
 static struct timeval tvnow(void)
 {
  struct timeval now;
  /* time() returns the value of time in seconds since the epoch */
  now.tv_sec = (long)time(NULL);
  now.tv_usec = 0;
  return now;
 }
 static long tvdiff(struct timeval newer, struct timeval older)
 {
  return (newer.tv_sec - older.tv_sec) * 1000 +
    (newer.tv_usec - older.tv_usec) / 1000;
 }
 int main(void)
 {
  CURL *curl;
  CURLM *mcurl;
  int still_running = 1;
  struct timeval mp_start;
  curl_global_init(CURL_GLOBAL_DEFAULT);
  curl = curl_easy_init();
  if(!curl)
    return 1;
  mcurl = curl_multi_init();
  if(!mcurl)
    return 2;
  /* Set username and password */
  curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
  curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
  /* This will fetch message 1 from the user's inbox */
  curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
  /* Tell the multi stack about our easy handle */
  curl_multi_add_handle(mcurl, curl);
  /* Record the start time which we can use later */
  mp_start = tvnow();
  /* We start some action by calling perform right away */
  curl_multi_perform(mcurl, &still_running);
  while(still_running) {
    struct timeval timeout;
    fd_set fdread;
    fd_set fdwrite;
    fd_set fdexcep;
    int maxfd = -1;
    int rc;
    CURLMcode mc; /* curl_multi_fdset() return code */
    long curl_timeo = -1;
    /* Initialise the file descriptors */
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
    /* Set a suitable timeout to play around with */
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;
    curl_multi_timeout(mcurl, &curl_timeo);
    if(curl_timeo >= 0) {
      timeout.tv_sec = curl_timeo / 1000;
      if(timeout.tv_sec > 1)
        timeout.tv_sec = 1;
      else
        timeout.tv_usec = (curl_timeo % 1000) * 1000;
    }
    /* get file descriptors from the transfers */
    mc = curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
    if(mc != CURLM_OK)
    {
      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
      break;
    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
      fprintf(stderr,
              "ABORTING: Since it seems that we would have run forever.\n");
      break;
    }
    switch(rc) {
    case -1:  /* select error */
      break;
    case 0:   /* timeout */
    default:  /* action */
      curl_multi_perform(mcurl, &still_running);
      break;
    }
  }
  /* Always cleanup */
  curl_multi_remove_handle(mcurl, curl);
  curl_multi_cleanup(mcurl);
  curl_easy_cleanup(curl);
  curl_global_cleanup();
  return 0;
 }
--- a/docs/examples/imap-noop.c
+++ b/docs/examples/imap-noop.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to perform a noop using libcurl's IMAP
 * capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
    /* Set the NOOP command */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "NOOP");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-search.c
+++ b/docs/examples/imap-search.c
@@ -0,0 +1,65 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to search for new messages using
 * libcurl's IMAP capabilities.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is mailbox folder to select */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
    /* Set the SEARCH command specifing what we want to search for. Note that
     * this can contain a message sequence set and a number of search criteria
     * keywords including flags such as ANSWERED, DELETED, DRAFT, FLAGGED, NEW,
     * RECENT and SEEN. For more information about the search criteria please
     * see RFC-3501 section 6.4.4.   */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "SEARCH NEW");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3slist.c
+++ b/docs/examples/pop3slist.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -22,52 +22,64 @@
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
 * capabilities. It builds on the imap-fetch.c example adding transport
 * security to protect the authentication details from being snooped.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
-  CURLcode res;
+  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
-    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
-    /* This will list every message of the given mailbox */
+    /* This will fetch message 1 from the user's inbox. Note the use of
-    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/");
+    * imaps:// rather than imap:// to request a SSL based connection. */
    curl_easy_setopt(curl, CURLOPT_URL, "imaps://imap.example.com/INBOX/;UID=1");
-#ifdef SKIP_PEER_VERIFICATION
+    /* If you want to connect to a site who isn't using a certificate that is
    /*
     * If you want to connect to a site who isn't using a certificate that is
     * signed by one of the certs in the CA bundle you have, you can skip the
     * verification of the server's certificate. This makes the connection
     * A LOT LESS SECURE.
     *
     * If you have a CA cert for the server stored someplace else than in the
     * default bundle, then the CURLOPT_CAPATH option might come handy for
-     * you.
+     * you. */
-     */
+#ifdef SKIP_PEER_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
-#ifdef SKIP_HOSTNAME_VERFICATION
+    /* If the site you're connecting to uses a different host name that what
    /*
     * If the site you're connecting to uses a different host name that what
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
-     * this check, but this will make the connection less secure.
+     * this check, but this will make the connection less secure. */
-     */
+#ifdef SKIP_HOSTNAME_VERFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif
-    /* Perform the request, res will get the return code */
+    /* Since the traffic will be encrypted, it is very useful to turn on debug
     * information within libcurl to see what is happening during the
     * transfer */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    /* Perform the fetch */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
-    /* always cleanup */
+    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
-  return 0;
+
  return (int)res;
 }
--- a/docs/examples/imap-store.c
+++ b/docs/examples/imap-store.c
@@ -0,0 +1,76 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to modify an existing mail using
 * libcurl's IMAP capabilities with the STORE command.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is the mailbox folder to select */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
    /* Set the STORE command with the Deleted flag for message 1. Note that
     * you can use the STORE command to set other flags such as Seen, Answered,
     * Flagged, Draft and Recent. */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "STORE 1 +Flags \\Deleted");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    else {
      /* Set the EXPUNGE command, although you can use the CLOSE command if you
       * don't want to know the result of the STORE */
      curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXPUNGE");
      /* Perform the second custom request */
      res = curl_easy_perform(curl);
      /* Check for errors */
      if(res != CURLE_OK)
        fprintf(stderr, "curl_easy_perform() failed: %s\n",
                curl_easy_strerror(res));
    }
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/imap-tls.c
+++ b/docs/examples/imap-tls.c
@@ -0,0 +1,84 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
 * capabilities. It builds on the imap-fetch.c example adding transport
 * security to protect the authentication details from being snooped.
 *
 * Note that this example requires libcurl 7.30.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will fetch message 1 from the user's inbox */
    curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
    /* In this example, we'll start with a plain text connection, and upgrade
     * to Transport Layer Security (TLS) using the STARTTLS command. Be careful
     * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
     * will continue anyway - see the security discussion in the libcurl
     * tutorial for more details. */
    curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
    /* If your server doesn't have a valid certificate, then you can disable
     * part of the Transport Layer Security protection by setting the
     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
     * That is, in general, a bad idea. It is still better than sending your
     * authentication details in plain text though.
     * Instead, you should get the issuer certificate (or the host certificate
     * if the certificate is self-signed) and add it to the set of certificates
     * that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
     * docs/SSLCERTS for more information. */
    curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
    /* Since the traffic will be encrypted, it is very useful to turn on debug
     * information within libcurl to see what is happening during the
     * transfer */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    /* Perform the fetch */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -73,6 +73,7 @@ int main(void)
  do {
    struct timeval timeout;
    int rc; /* select() return code */
    CURLMcode mc; /* curl_multi_fdset() return code */
    fd_set fdread;
    fd_set fdwrite;
@@ -99,15 +100,35 @@ int main(void)
    }
    /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-    /* In a real-world program you OF COURSE check the return code of the
+    if(mc != CURLM_OK)
-       function calls.  On success, the value of maxfd is guaranteed to be
+    {
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
+      break;
-       to sleep. */
+    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    switch(rc) {
    case -1:
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -147,6 +147,7 @@ int main(void)
  do {
    struct timeval timeout;
    int rc; /* select() return code */
    CURLMcode mc; /* curl_multi_fdset() return code */
    fd_set fdread;
    fd_set fdwrite;
@@ -173,15 +174,35 @@ int main(void)
    }
    /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-    /* In a real-world program you OF COURSE check the return code of the
+    if(mc != CURLM_OK)
-       function calls.  On success, the value of maxfd is guaranteed to be
+    {
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
+      break;
-       to sleep. */
+    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    switch(rc) {
    case -1:
--- a/docs/examples/multi-double.c
+++ b/docs/examples/multi-double.c
@@ -62,6 +62,7 @@ int main(void)
  do {
    struct timeval timeout;
    int rc; /* select() return code */
    CURLMcode mc; /* curl_multi_fdset() return code */
    fd_set fdread;
    fd_set fdwrite;
@@ -88,15 +89,35 @@ int main(void)
    }
    /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-    /* In a real-world program you OF COURSE check the return code of the
+    if(mc != CURLM_OK)
-       function calls.  On success, the value of maxfd is guaranteed to be
+    {
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
+      break;
-       to sleep. */
+    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    switch(rc) {
    case -1:
--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -83,6 +83,7 @@ int main(void)
    do {
      struct timeval timeout;
      int rc; /* select() return code */
      CURLMcode mc; /* curl_multi_fdset() return code */
      fd_set fdread;
      fd_set fdwrite;
@@ -109,15 +110,35 @@ int main(void)
      }
      /* get file descriptors from the transfers */
-      curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+      mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-      /* In a real-world program you OF COURSE check the return code of the
+      if(mc != CURLM_OK)
-         function calls.  On success, the value of maxfd is guaranteed to be
+      {
-         greater or equal than -1.  We call select(maxfd + 1, ...), specially in
+        fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
-         case of (maxfd == -1), we call select(0, ...), which is basically equal
+        break;
-         to sleep. */
+      }
      /* On success the value of maxfd is guaranteed to be >= -1. We call
         select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
         no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
         to sleep 100ms, which is the minimum suggested value in the
         curl_multi_fdset() doc. */
      if(maxfd == -1) {
 #ifdef _WIN32
        Sleep(100);
        rc = 0;
 #else
        /* Portable sleep for platforms other than Windows. */
        struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
        rc = select(0, NULL, NULL, NULL, &wait);
 #endif
      }
      else {
        /* Note that on some platforms 'timeout' may be modified by select().
           If you need access to the original value save a copy beforehand. */
        rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
      }
      switch(rc) {
      case -1:
--- a/docs/examples/multi-single.c
+++ b/docs/examples/multi-single.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,6 +31,15 @@
 /* curl stuff */
 #include <curl/curl.h>
 #ifdef _WIN32
 #define WAITMS(x) Sleep(x)
 #else
 /* Portable sleep for platforms other than Windows. */
 #define WAITMS(x)                               \
  struct timeval wait = { 0, (x) * 1000 };      \
  (void)select(0, NULL, NULL, NULL, &wait);
 #endif
 /*
 * Simply download a HTTP file.
 */
@@ -40,6 +49,7 @@ int main(void)
  CURLM *multi_handle;
  int still_running; /* keep number of running handles */
  int repeats = 0;
  curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -58,56 +68,33 @@ int main(void)
  curl_multi_perform(multi_handle, &still_running);
  do {
-    struct timeval timeout;
+    CURLMcode mc; /* curl_multi_wait() return code */
-    int rc; /* select() return code */
+    int numfds;
-    fd_set fdread;
+    /* wait for activity, timeout or "nothing" */
-    fd_set fdwrite;
+    mc = curl_multi_wait(multi_handle, NULL, 0, 1000, &numfds);
    fd_set fdexcep;
    int maxfd = -1;
-    long curl_timeo = -1;
+    if(mc != CURLM_OK)
    {
      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
      break;
    }
-    FD_ZERO(&fdread);
+    /* 'numfds' being zero means either a timeout or no file descriptors to
-    FD_ZERO(&fdwrite);
+       wait for. Try timeout on first occurance, then assume no file
-    FD_ZERO(&fdexcep);
+       descriptors and no file descriptors to wait for means wait for 100
       milliseconds. */
-    /* set a suitable timeout to play around with */
+    if(!numfds) {
-    timeout.tv_sec = 1;
+      repeats++; /* count number of repeated zero numfds */
-    timeout.tv_usec = 0;
+      if(repeats > 1) {
-
+        WAITMS(100); /* sleep 100 milliseconds */
-    curl_multi_timeout(multi_handle, &curl_timeo);
+      }
-    if(curl_timeo >= 0) {
+    }
      timeout.tv_sec = curl_timeo / 1000;
      if(timeout.tv_sec > 1)
        timeout.tv_sec = 1;
    else
-        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+      repeats = 0;
    }
    /* get file descriptors from the transfers */
    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
    /* In a real-world program you OF COURSE check the return code of the
       function calls.  On success, the value of maxfd is guaranteed to be
       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
       case of (maxfd == -1), we call select(0, ...), which is basically equal
       to sleep. */
    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    switch(rc) {
    case -1:
      /* select error */
      still_running = 0;
      printf("select() returns error, this is badness\n");
      break;
    case 0:
    default:
      /* timeout or readable/writable sockets */
    curl_multi_perform(multi_handle, &still_running);
      break;
    }
  } while(still_running);
  curl_multi_remove_handle(multi_handle, http_handle);
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -83,18 +83,49 @@ void add_download(const char *url, int num)
  sprintf(filename, "%d.download", num);
  file = fopen(filename, "w");
-  if (file == NULL) {
+  if(!file) {
    fprintf(stderr, "Error opening %s\n", filename);
    return;
  }
  handle = curl_easy_init();
  curl_easy_setopt(handle, CURLOPT_WRITEDATA, file);
  curl_easy_setopt(handle, CURLOPT_PRIVATE, file);
  curl_easy_setopt(handle, CURLOPT_URL, url);
  curl_multi_add_handle(curl_handle, handle);
  fprintf(stderr, "Added download %s -> %s\n", url, filename);
 }
 static void check_multi_info(void)
 {
  int running_handles;
  char *done_url;
  CURLMsg *message;
  int pending;
  FILE *file;
  while((message = curl_multi_info_read(curl_handle, &pending))) {
    switch(message->msg) {
    case CURLMSG_DONE:
      curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
                        &done_url);
      curl_easy_getinfo(message->easy_handle, CURLINFO_PRIVATE, &file);
      printf("%s DONE\n", done_url);
      curl_multi_remove_handle(curl_handle, message->easy_handle);
      curl_easy_cleanup(message->easy_handle);
      if(file) {
        fclose(file);
      }
      break;
    default:
      fprintf(stderr, "CURLMSG default\n");
      break;
    }
  }
 }
 void curl_perform(uv_poll_t *req, int status, int events)
 {
  int running_handles;
@@ -116,22 +147,7 @@ void curl_perform(uv_poll_t *req, int status, int events)
  curl_multi_socket_action(curl_handle, context->sockfd, flags,
                           &running_handles);
-  while ((message = curl_multi_info_read(curl_handle, &pending))) {
+  check_multi_info();
    switch (message->msg) {
    case CURLMSG_DONE:
      curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
                        &done_url);
      printf("%s DONE\n", done_url);
      curl_multi_remove_handle(curl_handle, message->easy_handle);
      curl_easy_cleanup(message->easy_handle);
      break;
    default:
      fprintf(stderr, "CURLMSG default\n");
      abort();
    }
  }
 }
 void on_timeout(uv_timer_t *req, int status)
@@ -139,6 +155,7 @@ void on_timeout(uv_timer_t *req, int status)
  int running_handles;
  curl_multi_socket_action(curl_handle, CURL_SOCKET_TIMEOUT, 0,
                           &running_handles);
  check_multi_info();
 }
 void start_timeout(CURLM *multi, long timeout_ms, void *userp)
@@ -208,5 +225,6 @@ int main(int argc, char **argv)
  uv_run(loop, UV_RUN_DEFAULT);
  curl_multi_cleanup(curl_handle);
  return 0;
 }
--- a/docs/examples/pop3-dele.c
+++ b/docs/examples/pop3-dele.c
@@ -0,0 +1,64 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to delete an existing mail using
 * libcurl's POP3 capabilities.
 *
 * Note that this example requires libcurl 7.26.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* You can specify the message either in the URL or DELE command */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
    /* Set the DELE command */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELE");
    /* Do not perform a transfer as DELE returns no data */
    curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-list.c
+++ b/docs/examples/pop3-list.c
@@ -0,0 +1,58 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example using libcurl's POP3 capabilities to list the
 * contents of a mailbox.
 *
 * Note that this example requires libcurl 7.20.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will list every message of the given mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
    /* Perform the list */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-multi.c
+++ b/docs/examples/pop3-multi.c
@@ -0,0 +1,167 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
 * capabilities. It builds on the pop3-retr.c example to demonstrate how to use
 * libcurl's multi interface.
 *
 * Note that this example requires libcurl 7.20.0 or above.
 */
 #define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
 static struct timeval tvnow(void)
 {
  struct timeval now;
  /* time() returns the value of time in seconds since the epoch */
  now.tv_sec = (long)time(NULL);
  now.tv_usec = 0;
  return now;
 }
 static long tvdiff(struct timeval newer, struct timeval older)
 {
  return (newer.tv_sec - older.tv_sec) * 1000 +
    (newer.tv_usec - older.tv_usec) / 1000;
 }
 int main(void)
 {
  CURL *curl;
  CURLM *mcurl;
  int still_running = 1;
  struct timeval mp_start;
  curl_global_init(CURL_GLOBAL_DEFAULT);
  curl = curl_easy_init();
  if(!curl)
    return 1;
  mcurl = curl_multi_init();
  if(!mcurl)
    return 2;
  /* Set username and password */
  curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
  curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
  /* This will retreive message 1 from the user's mailbox */
  curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
  /* Tell the multi stack about our easy handle */
  curl_multi_add_handle(mcurl, curl);
  /* Record the start time which we can use later */
  mp_start = tvnow();
  /* We start some action by calling perform right away */
  curl_multi_perform(mcurl, &still_running);
  while(still_running) {
    struct timeval timeout;
    fd_set fdread;
    fd_set fdwrite;
    fd_set fdexcep;
    int maxfd = -1;
    int rc;
    CURLMcode mc; /* curl_multi_fdset() return code */
    long curl_timeo = -1;
    /* Initialise the file descriptors */
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
    /* Set a suitable timeout to play around with */
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;
    curl_multi_timeout(mcurl, &curl_timeo);
    if(curl_timeo >= 0) {
      timeout.tv_sec = curl_timeo / 1000;
      if(timeout.tv_sec > 1)
        timeout.tv_sec = 1;
      else
        timeout.tv_usec = (curl_timeo % 1000) * 1000;
    }
    /* get file descriptors from the transfers */
    mc = curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
    if(mc != CURLM_OK)
    {
      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
      break;
    }
    /* On success the value of maxfd is guaranteed to be >= -1. We call
       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
       to sleep 100ms, which is the minimum suggested value in the
       curl_multi_fdset() doc. */
    if(maxfd == -1) {
 #ifdef _WIN32
      Sleep(100);
      rc = 0;
 #else
      /* Portable sleep for platforms other than Windows. */
      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
      rc = select(0, NULL, NULL, NULL, &wait);
 #endif
    }
    else {
      /* Note that on some platforms 'timeout' may be modified by select().
         If you need access to the original value save a copy beforehand. */
      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
    }
    if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
      fprintf(stderr,
              "ABORTING: Since it seems that we would have run forever.\n");
      break;
    }
    switch(rc) {
    case -1:  /* select error */
      break;
    case 0:   /* timeout */
    default:  /* action */
      curl_multi_perform(mcurl, &still_running);
      break;
    }
  }
  /* Always cleanup */
  curl_multi_remove_handle(mcurl, curl);
  curl_multi_cleanup(mcurl);
  curl_easy_cleanup(curl);
  curl_global_cleanup();
  return 0;
 }
--- a/docs/examples/pop3-noop.c
+++ b/docs/examples/pop3-noop.c
@@ -0,0 +1,64 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to perform a noop using libcurl's POP3
 * capabilities.
 *
 * Note that this example requires libcurl 7.26.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
    /* Set the NOOP command */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "NOOP");
    /* Do not perform a transfer as NOOP returns no data */
    curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-retr.c
+++ b/docs/examples/pop3-retr.c
@@ -0,0 +1,58 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
 * capabilities.
 *
 * Note that this example requires libcurl 7.20.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will retreive message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
    /* Perform the retr */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -22,52 +22,64 @@
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
 * capabilities. It builds on the pop3-retr.c example adding transport
 * security to protect the authentication details from being snooped.
 *
 * Note that this example requires libcurl 7.20.0 or above.
 */
 int main(void)
 {
  CURL *curl;
-  CURLcode res;
+  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
-    curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
+    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
-    /* This will only fetch the message with ID "1" of the given mailbox */
+    /* This will retreive message 1 from the user's mailbox. Note the use of
-    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/1");
+     * pop3s:// rather than pop3:// to request a SSL based connection. */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://pop.example.com/1");
-#ifdef SKIP_PEER_VERIFICATION
+    /* If you want to connect to a site who isn't using a certificate that is
    /*
     * If you want to connect to a site who isn't using a certificate that is
     * signed by one of the certs in the CA bundle you have, you can skip the
     * verification of the server's certificate. This makes the connection
     * A LOT LESS SECURE.
     *
     * If you have a CA cert for the server stored someplace else than in the
     * default bundle, then the CURLOPT_CAPATH option might come handy for
-     * you.
+     * you. */
-     */
+#ifdef SKIP_PEER_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
-#ifdef SKIP_HOSTNAME_VERFICATION
+    /* If the site you're connecting to uses a different host name that what
    /*
     * If the site you're connecting to uses a different host name that what
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
-     * this check, but this will make the connection less secure.
+     * this check, but this will make the connection less secure. */
-     */
+#ifdef SKIP_HOSTNAME_VERFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif
-    /* Perform the request, res will get the return code */
+    /* Since the traffic will be encrypted, it is very useful to turn on debug
     * information within libcurl to see what is happening during the
     * transfer */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    /* Perform the retr */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
-    /* always cleanup */
+    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
-  return 0;
+
  return (int)res;
 }
--- a/docs/examples/pop3-stat.c
+++ b/docs/examples/pop3-stat.c
@@ -0,0 +1,64 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to obtain message statistics using
 * libcurl's POP3 capabilities.
 *
 * Note that this example requires libcurl 7.26.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
    /* Set the STAT command */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "STAT");
    /* Do not perform a transfer as the data is in the response */
    curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-tls.c
+++ b/docs/examples/pop3-tls.c
@@ -0,0 +1,84 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
 * capabilities. It builds on the pop3-retr.c example adding transport
 * security to protect the authentication details from being snooped.
 *
 * Note that this example requires libcurl 7.20.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This will retreive message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
    /* In this example, we'll start with a plain text connection, and upgrade
     * to Transport Layer Security (TLS) using the STLS command. Be careful of
     * using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
     * will continue anyway - see the security discussion in the libcurl
     * tutorial for more details. */
    curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
    /* If your server doesn't have a valid certificate, then you can disable
     * part of the Transport Layer Security protection by setting the
     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
     * That is, in general, a bad idea. It is still better than sending your
     * authentication details in plain text though.
     * Instead, you should get the issuer certificate (or the host certificate
     * if the certificate is self-signed) and add it to the set of certificates
     * that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
     * docs/SSLCERTS for more information. */
    curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
    /* Since the traffic will be encrypted, it is very useful to turn on debug
     * information within libcurl to see what is happening during the
     * transfer */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    /* Perform the retr */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-top.c
+++ b/docs/examples/pop3-top.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example showing how to retrieve only the headers of a mail
 * using libcurl's POP3 capabilities.
 *
 * Note that this example requires libcurl 7.26.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
    /* Set the TOP command for message 1 to only include the headers */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "TOP 1 0");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/pop3-uidl.c
+++ b/docs/examples/pop3-uidl.c
@@ -0,0 +1,61 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <curl/curl.h>
 /* This is a simple example using libcurl's POP3 capabilities to list the
 * contents of a mailbox by unique ID.
 *
 * Note that this example requires libcurl 7.26.0 or above.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res = CURLE_OK;
  curl = curl_easy_init();
  if(curl) {
    /* Set username and password */
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
    /* This is just the server URL */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
    /* Set the UIDL command */
    curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "UIDL");
    /* Perform the custom request */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    /* Always cleanup */
    curl_easy_cleanup(curl);
  }
  return (int)res;
 }
--- a/docs/examples/postinmemory.c
+++ b/docs/examples/postinmemory.c
@@ -0,0 +1,111 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <curl/curl.h>
 struct MemoryStruct {
  char *memory;
  size_t size;
 };
 static size_t
 WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
 {
  size_t realsize = size * nmemb;
  struct MemoryStruct *mem = (struct MemoryStruct *)userp;
  mem->memory = realloc(mem->memory, mem->size + realsize + 1);
  if(mem->memory == NULL) {
    /* out of memory! */
    printf("not enough memory (realloc returned NULL)\n");
    return 0;
  }
  memcpy(&(mem->memory[mem->size]), contents, realsize);
  mem->size += realsize;
  mem->memory[mem->size] = 0;
  return realsize;
 }
 int main(void)
 {
  CURL *curl;
  CURLcode res;
  struct MemoryStruct chunk;
  static const char *postthis="Field=1&Field=2&Field=3";
  chunk.memory = malloc(1);  /* will be grown as needed by realloc above */
  chunk.size = 0;    /* no data at this point */
  curl_global_init(CURL_GLOBAL_ALL);
  curl = curl_easy_init();
  if(curl) {
    curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.org/");
    /* send all data to this function  */
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
    /* we pass our 'chunk' struct to the callback function */
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);
    /* some servers don't like requests that are made without a user-agent
       field, so we provide one */
    curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl-agent/1.0");
    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postthis);
    /* if we don't provide POSTFIELDSIZE, libcurl will strlen() by
       itself */
    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)strlen(postthis));
    /* Perform the request, res will get the return code */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK) {
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
    }
    else {
      /*
       * Now, our chunk.memory points to a memory block that is chunk.size
       * bytes big and contains the remote file.
       *
       * Do something nice with it!
       */
      printf("%s\n",chunk.memory);
    }
    /* always cleanup */
    curl_easy_cleanup(curl);
    if(chunk.memory)
      free(chunk.memory);
    /* we're done with libcurl, so clean it up */
    curl_global_cleanup();
  }
  return 0;
 }
--- a/docs/examples/rtsp.c
+++ b/docs/examples/rtsp.c
@@ -224,7 +224,7 @@ int main(int argc, char * const argv[])
      if (curl != NULL) {
        my_curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
        my_curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
-        my_curl_easy_setopt(curl, CURLOPT_WRITEHEADER, stdout);
+        my_curl_easy_setopt(curl, CURLOPT_HEADERDATA, stdout);
        my_curl_easy_setopt(curl, CURLOPT_URL, url);
        /* request server options */
--- a/docs/examples/sepheaders.c
+++ b/docs/examples/sepheaders.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -53,20 +53,23 @@ int main(void)
  /* send all data to this function  */
  curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data);
-  /* open the files */
+  /* open the header file */
  headerfile = fopen(headerfilename, "wb");
-  if (headerfile == NULL) {
+  if(!headerfile) {
    curl_easy_cleanup(curl_handle);
    return -1;
  }
  bodyfile = fopen(bodyfilename,"wb");
  if (bodyfile == NULL) {
    curl_easy_cleanup(curl_handle);
    return -1;
  }
  /* open the body file */
  bodyfile = fopen(bodyfilename, "wb");
  if(!bodyfile) {
    curl_easy_cleanup(curl_handle);
    fclose(headerfile);
    return -1;
  }
  /* we want the headers be written to this file handle */
-  curl_easy_setopt(curl_handle,   CURLOPT_WRITEHEADER, headerfile);
+  curl_easy_setopt(curl_handle, CURLOPT_HEADERDATA, headerfile);
  /* we want the body be written to this file handle instead of stdout */
  curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile);
--- a/Show More
+++ b/Show More