THANKS: 18 new contributors for 7.37.0

RELEASE-NOTES: synced with 85f4075bdb
Possibly the final update before release...
2014-05-20 23:42:47 +02:00 · 2014-05-20 23:10:58 +02:00 · 2014-05-20 20:02:21 +01:00 · 2014-05-20 16:50:24 +02:00 · 2014-05-20 12:57:56 +02:00 · 2014-05-20 00:46:28 +01:00
347 changed files with 41330 additions and 2249 deletions
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,28 +30,88 @@ CMake/CurlTests.c CMake/FindOpenSSL.cmake CMake/FindZLIB.cmake		\
 CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake		\
 CMake/Utilities.cmake include/curl/curlbuild.h.cmake

-VC6LIBDSP = vs/vc6/lib/vc6libcurl.dsp
-VC6LIBDSPHEAD = vs/t/lib/vc6_libcurl_dsp.head
-VC6LIBDSPFOOT = vs/t/lib/vc6_libcurl_dsp.foot
+VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
+VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp
+VC6_LIBDSP_DEPS = $(VC6_LIBTMPL) Makefile.am lib/Makefile.inc
+VC6_SRCTMPL = projects/Windows/VC6/src/curlsrc.tmpl
+VC6_SRCDSP = projects/Windows/VC6/src/curlsrc.dsp
+VC6_SRCDSP_DEPS = $(VC6_SRCTMPL) Makefile.am src/Makefile.inc

-VC8LIBPRJ = vs/vc8/lib/vc8libcurl.vcproj
-VC8LIBPRJHEAD = vs/t/lib/vc8_libcurl_prj.head
-VC8LIBPRJFOOT = vs/t/lib/vc8_libcurl_prj.foot
+VC7_LIBTMPL = projects/Windows/VC7/lib/libcurl.tmpl
+VC7_LIBVCPROJ = projects/Windows/VC7/lib/libcurl.vcproj
+VC7_LIBVCPROJ_DEPS = $(VC7_LIBTMPL) Makefile.am lib/Makefile.inc
+VC7_SRCTMPL = projects/Windows/VC7/src/curlsrc.tmpl
+VC7_SRCVCPROJ = projects/Windows/VC7/src/curlsrc.vcproj
+VC7_SRCVCPROJ_DEPS = $(VC7_SRCTMPL) Makefile.am src/Makefile.inc

-VC_DIST = \
- vs/t/README \
- $(VC6LIBDSP) $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
- $(VC8LIBPRJ) $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
- vs/vc6/vc6curl.dsw \
- vs/vc6/lib/vc6libcurl.dsw \
- vs/vc6/src/vc6curltool.dsw \
- vs/vc6/src/vc6curltool.dsp
+VC71_LIBTMPL = projects/Windows/VC7.1/lib/libcurl.tmpl
+VC71_LIBVCPROJ = projects/Windows/VC7.1/lib/libcurl.vcproj
+VC71_LIBVCPROJ_DEPS = $(VC71_LIBTMPL) Makefile.am lib/Makefile.inc
+VC71_SRCTMPL = projects/Windows/VC7.1/src/curlsrc.tmpl
+VC71_SRCVCPROJ = projects/Windows/VC7.1/src/curlsrc.vcproj
+VC71_SRCVCPROJ_DEPS = $(VC71_SRCTMPL) Makefile.am src/Makefile.inc

-VC6LIBDSP_DEPS = $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
- Makefile.am lib/Makefile.inc
+VC8_LIBTMPL = projects/Windows/VC8/lib/libcurl.tmpl
+VC8_LIBVCPROJ = projects/Windows/VC8/lib/libcurl.vcproj
+VC8_LIBVCPROJ_DEPS = $(VC8_LIBTMPL) Makefile.am lib/Makefile.inc
+VC8_SRCTMPL = projects/Windows/VC8/src/curlsrc.tmpl
+VC8_SRCVCPROJ = projects/Windows/VC8/src/curlsrc.vcproj
+VC8_SRCVCPROJ_DEPS = $(VC8_SRCTMPL) Makefile.am src/Makefile.inc

-VC8LIBPRJ_DEPS = $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
- Makefile.am lib/Makefile.inc
+VC9_LIBTMPL = projects/Windows/VC9/lib/libcurl.tmpl
+VC9_LIBVCPROJ = projects/Windows/VC9/lib/libcurl.vcproj
+VC9_LIBVCPROJ_DEPS = $(VC9_LIBTMPL) Makefile.am lib/Makefile.inc
+VC9_SRCTMPL = projects/Windows/VC9/src/curlsrc.tmpl
+VC9_SRCVCPROJ = projects/Windows/VC9/src/curlsrc.vcproj
+VC9_SRCVCPROJ_DEPS = $(VC9_SRCTMPL) Makefile.am src/Makefile.inc
+
+VC10_LIBTMPL = projects/Windows/VC10/lib/libcurl.tmpl
+VC10_LIBVCXPROJ = projects/Windows/VC10/lib/libcurl.vcxproj
+VC10_LIBVCXPROJ_DEPS = $(VC10_LIBTMPL) Makefile.am lib/Makefile.inc
+VC10_SRCTMPL = projects/Windows/VC10/src/curlsrc.tmpl
+VC10_SRCVCXPROJ = projects/Windows/VC10/src/curlsrc.vcxproj
+VC10_SRCVCXPROJ_DEPS = $(VC10_SRCTMPL) Makefile.am src/Makefile.inc
+
+VC11_LIBTMPL = projects/Windows/VC11/lib/libcurl.tmpl
+VC11_LIBVCXPROJ = projects/Windows/VC11/lib/libcurl.vcxproj
+VC11_LIBVCXPROJ_DEPS = $(VC11_LIBTMPL) Makefile.am lib/Makefile.inc
+VC11_SRCTMPL = projects/Windows/VC11/src/curlsrc.tmpl
+VC11_SRCVCXPROJ = projects/Windows/VC11/src/curlsrc.vcxproj
+VC11_SRCVCXPROJ_DEPS = $(VC11_SRCTMPL) Makefile.am src/Makefile.inc
+
+VC12_LIBTMPL = projects/Windows/VC12/lib/libcurl.tmpl
+VC12_LIBVCXPROJ = projects/Windows/VC12/lib/libcurl.vcxproj
+VC12_LIBVCXPROJ_DEPS = $(VC12_LIBTMPL) Makefile.am lib/Makefile.inc
+VC12_SRCTMPL = projects/Windows/VC12/src/curlsrc.tmpl
+VC12_SRCVCXPROJ = projects/Windows/VC12/src/curlsrc.vcxproj
+VC12_SRCVCXPROJ_DEPS = $(VC12_SRCTMPL) Makefile.am src/Makefile.inc
+
+VC_DIST = projects/README	\
+ projects/build-openssl.bat	\
+ projects/Windows/VC6/curl.dsw	\
+ projects/Windows/VC6/lib/libcurl.dsw $(VC6_LIBDSP)	\
+ projects/Windows/VC6/src/curlsrc.dsw $(VC6_SRCDSP)	\
+ projects/Windows/VC7/curl.sln	\
+ projects/Windows/VC7/lib/libcurl.sln $(VC7_LIBVCPROJ)	\
+ projects/Windows/VC7/src/curlsrc.sln $(VC7_SRCVCPROJ)	\
+ projects/Windows/VC7.1/curl.sln	\
+ projects/Windows/VC7.1/lib/libcurl.sln $(VC71_LIBVCPROJ)	\
+ projects/Windows/VC7.1/src/curlsrc.sln $(VC71_SRCVCPROJ)	\
+ projects/Windows/VC8/curl.sln	\
+ projects/Windows/VC8/lib/libcurl.sln $(VC8_LIBVCPROJ)	\
+ projects/Windows/VC8/src/curlsrc.sln $(VC8_SRCVCPROJ)	\
+ projects/Windows/VC9/curl.sln	\
+ projects/Windows/VC9/lib/libcurl.sln $(VC9_LIBVCPROJ)	\
+ projects/Windows/VC9/src/curlsrc.sln $(VC9_SRCVCPROJ)	\
+ projects/Windows/VC10/curl.sln	\
+ projects/Windows/VC10/lib/libcurl.sln $(VC10_LIBVCXPROJ)	\
+ projects/Windows/VC10/src/curlsrc.sln $(VC10_SRCVCXPROJ)	\
+ projects/Windows/VC11/curl.sln	\
+ projects/Windows/VC11/lib/libcurl.sln $(VC11_LIBVCXPROJ)	\
+ projects/Windows/VC11/src/curlsrc.sln $(VC11_SRCVCXPROJ)	\
+ projects/Windows/VC12/curl.sln	\
+ projects/Windows/VC12/lib/libcurl.sln $(VC12_LIBVCXPROJ)	\
+ projects/Windows/VC12/src/curlsrc.sln $(VC12_SRCVCXPROJ)

 WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
 winbuild/MakefileBuild.vc winbuild/Makefile.vc				\
@@ -61,7 +121,10 @@ EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
 RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework	\
 $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in

-CLEANFILES = $(VC6LIBDSP) $(VC8LIBPRJ)
+CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
+ $(VC71_LIBVCPROJ) $(VC71_SRCVCPROJ) $(VC8_LIBVCPROJ) $(VC8_SRCVCPROJ)	\
+ $(VC9_LIBVCPROJ) $(VC9_SRCVCPROJ) $(VC10_LIBVCXPROJ) $(VC10_SRCVCXPROJ)	\
+ $(VC11_LIBVCXPROJ) $(VC11_SRCVCXPROJ) $(VC12_LIBVCXPROJ) $(VC12_SRCVCXPROJ)

 bin_SCRIPTS = curl-config

@@ -71,11 +134,9 @@ DIST_SUBDIRS = $(SUBDIRS) tests packages docs
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcurl.pc

-# List of libcurl source files required to generate VC IDE dsp and prj files
+# List of files required to generate VC IDE .dsp, .vcproj and .vcxproj files
 include lib/Makefile.inc
-
-WIN32SOURCES = $(CSOURCES)
-WIN32HEADERS = $(HHEADERS) config-win32.h
+include src/Makefile.inc

 dist-hook:
 	rm -rf $(top_builddir)/tests/log
@@ -187,96 +248,249 @@ uninstall-hook:
 	cd docs && $(MAKE) uninstall

 ca-bundle: lib/mk-ca-bundle.pl
-	@echo "generate a fresh ca-bundle.crt"
+	@echo "generating a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt

 ca-firefox: lib/firefox-db2pem.sh
-	@echo "generate a fresh ca-bundle.crt"
+	@echo "generating a fresh ca-bundle.crt"
 	./lib/firefox-db2pem.sh lib/ca-bundle.crt

 checksrc:
 	cd lib && $(MAKE) checksrc
 	cd src && $(MAKE) checksrc

-.PHONY: vc6-ide
+.PHONY: vc-ide

-vc6-ide:
-	$(MAKE) $(VC6LIBDSP)
-
-$(VC6LIBDSP): $(VC6LIBDSP_DEPS)
-	@(echo "generating '$(VC6LIBDSP)'"; \
+vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS)	\
+ $(VC7_SRCVCPROJ_DEPS) $(VC71_LIBVCPROJ_DEPS) $(VC71_SRCVCPROJ_DEPS)	\
+ $(VC8_LIBVCPROJ_DEPS) $(VC8_SRCVCPROJ_DEPS) $(VC9_LIBVCPROJ_DEPS)	\
+ $(VC9_SRCVCPROJ_DEPS) $(VC10_LIBVCXPROJ_DEPS) $(VC10_SRCVCXPROJ_DEPS)	\
+ $(VC11_LIBVCXPROJ_DEPS) $(VC11_SRCVCXPROJ_DEPS) $(VC12_LIBVCXPROJ_DEPS)	\
+ $(VC12_SRCVCXPROJ_DEPS)
+	@(win32_lib_srcs='$(LIB_CFILES)'; \
+	win32_lib_hdrs='$(LIB_HFILES) config-win32.h'; \
+	win32_lib_rc='$(LIB_RCFILES)'; \
+	win32_lib_vtls_srcs='$(LIB_VTLS_CFILES)'; \
+	win32_lib_vtls_hdrs='$(LIB_VTLS_HFILES)'; \
+	win32_src_srcs='$(CURL_CFILES)'; \
+	win32_src_hdrs='$(CURL_HFILES)'; \
+	win32_src_rc='$(CURL_RCFILES)'; \
 	\
-	for dir in 'vs' 'vs/vc6' 'vs/vc6/lib'; do \
-	  test -d "$$dir" || mkdir "$$dir" || exit 1; \
-	done; \
+	sorted_lib_srcs=`for file in $$win32_lib_srcs; do echo $$file; done | sort`; \
+	sorted_lib_hdrs=`for file in $$win32_lib_hdrs; do echo $$file; done | sort`; \
+	sorted_lib_vtls_srcs=`for file in $$win32_lib_vtls_srcs; do echo $$file; done | sort`; \
+	sorted_lib_vtls_hdrs=`for file in $$win32_lib_vtls_hdrs; do echo $$file; done | sort`; \
+	sorted_src_srcs=`for file in $$win32_src_srcs; do echo $$file; done | sort`; \
+	sorted_src_hdrs=`for file in $$win32_src_hdrs; do echo $$file; done | sort`; \
 	\
-	dir='..\..\..\lib\'; \
-	body='$(VC6LIBDSP)'.body; \
-	win32_srcs='$(WIN32SOURCES)'; \
-	win32_hdrs='$(WIN32HEADERS)'; \
-	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
-	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
+	awk_code='\
+function gen_element(type, dir, file)\
+{\
+  sub(/vtls\//, "", file);\
+\
+  spaces="    ";\
+  if(dir == "lib\\vtls")\
+    tabs="				";\
+  else\
+    tabs="			";\
+\
+  if(type == "dsp") {\
+    printf("# Begin Source File\r\n");\
+    printf("\r\n");\
+    printf("SOURCE=..\\..\\..\\..\\%s\\%s\r\n", dir, file);\
+    printf("# End Source File\r\n");\
+  }\
+  else if(type == "vcproj1") {\
+    printf("%s<File\r\n", tabs);\
+    printf("%s	RelativePath=\"..\\..\\..\\..\\%s\\%s\">\r\n",\
+           tabs, dir, file);\
+    printf("%s</File>\r\n", tabs);\
+  }\
+  else if(type == "vcproj2") {\
+    printf("%s<File\r\n", tabs);\
+    printf("%s	RelativePath=\"..\\..\\..\\..\\%s\\%s\"\r\n",\
+           tabs, dir, file);\
+    printf("%s>\r\n", tabs);\
+    printf("%s</File>\r\n", tabs);\
+  }\
+  else if(type == "vcxproj") {\
+    i = index(file, ".");\
+    ext = substr(file, i == 0 ? 0 : i + 1);\
+\
+    if(ext == "c")\
+      printf("%s<ClCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
+             spaces, dir, file);\
+    else if(ext == "h")\
+      printf("%s<ClInclude Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
+             spaces, dir, file);\
+    else if(ext == "rc")\
+      printf("%s<ResourceCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
+      spaces, dir, file);\
+  }\
+}\
+\
+{\
+\
+  if($$0 == "CURL_LIB_C_FILES") {\
+    split(lib_srcs, arr);\
+    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
+  }\
+  else if($$0 == "CURL_LIB_H_FILES") {\
+    split(lib_hdrs, arr);\
+    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
+  }\
+  else if($$0 == "CURL_LIB_RC_FILES") {\
+    split(lib_rc, arr);\
+    for(val in arr) gen_element(proj_type, "lib", arr[val]);\
+  }\
+  else if($$0 == "CURL_LIB_VTLS_C_FILES") {\
+    split(lib_vtls_srcs, arr);\
+    for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
+  }\
+  else if($$0 == "CURL_LIB_VTLS_H_FILES") {\
+    split(lib_vtls_hdrs, arr);\
+    for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
+  }\
+  else if($$0 == "CURL_SRC_C_FILES") {\
+    split(src_srcs, arr);\
+    for(val in arr) gen_element(proj_type, "src", arr[val]);\
+  }\
+  else if($$0 == "CURL_SRC_H_FILES") {\
+    split(src_hdrs, arr);\
+    for(val in arr) gen_element(proj_type, "src", arr[val]);\
+  }\
+  else if($$0 == "CURL_SRC_RC_FILES") {\
+    split(src_rc, arr);\
+    for(val in arr) gen_element(proj_type, "src", arr[val]);\
+  }\
+  else\
+    printf("%s\r\n", $$0);\
+}';\
 	\
-	echo "# Begin Group \"Source Files\""  > $$body; \
-	echo ""                               >> $$body; \
-	echo "# PROP Default_Filter \"\""     >> $$body; \
-	for file in $$sorted_srcs; do \
-	  echo "# Begin Source File"          >> $$body; \
-	  echo ""                             >> $$body; \
-	  echo "SOURCE="$$dir$$file           >> $$body; \
-	  echo "# End Source File"            >> $$body; \
-	done; \
-	echo "# End Group"                    >> $$body; \
-	echo "# Begin Group \"Header Files\"" >> $$body; \
-	echo ""                               >> $$body; \
-	echo "# PROP Default_Filter \"\""     >> $$body; \
-	for file in $$sorted_hdrs; do \
-	  echo "# Begin Source File"          >> $$body; \
-	  echo ""                             >> $$body; \
-	  echo "SOURCE="$$dir$$file           >> $$body; \
-	  echo "# End Source File"            >> $$body; \
-	done; \
-	echo "# End Group"                    >> $$body; \
+	echo "generating '$(VC6_LIBDSP)'"; \
+	awk -v proj_type=dsp \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC6_LIBTMPL) > $(VC6_LIBDSP) || { exit 1; }; \
 	\
-	awk '{ printf("%s\r\n", $$0); }' \
-	  $(srcdir)/$(VC6LIBDSPHEAD) $$body $(srcdir)/$(VC6LIBDSPFOOT) \
-	  > $(VC6LIBDSP) || { rm -f $$body; exit 1; }; \
+	echo "generating '$(VC6_SRCDSP)'"; \
+	awk -v proj_type=dsp \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC6_SRCTMPL) > $(VC6_SRCDSP) || { exit 1; }; \
 	\
-	rm -f $$body)
-
-.PHONY: vc8-ide
-
-vc8-ide:
-	$(MAKE) $(VC8LIBPRJ)
-
-$(VC8LIBPRJ): $(VC8LIBPRJ_DEPS)
-	@(echo "generating '$(VC8LIBPRJ)'"; \
+	echo "generating '$(VC7_LIBVCPROJ)'"; \
+	awk -v proj_type=vcproj1 \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC7_LIBTMPL) > $(VC7_LIBVCPROJ) || { exit 1; }; \
 	\
-	for dir in 'vs' 'vs/vc8' 'vs/vc8/lib'; do \
-	  test -d "$$dir" || mkdir "$$dir" || exit 1; \
-	done; \
+	echo "generating '$(VC7_SRCVCPROJ)'"; \
+	awk -v proj_type=vcproj1 \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC7_SRCTMPL) > $(VC7_SRCVCPROJ) || { exit 1; }; \
 	\
-	dir='..\..\..\lib\'; \
-	body='$(VC8LIBPRJ)'.body; \
-	win32_srcs='$(WIN32SOURCES)'; \
-	win32_hdrs='$(WIN32HEADERS)'; \
-	sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
-	sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
+	echo "generating '$(VC71_LIBVCPROJ)'"; \
+	awk -v proj_type=vcproj1 \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC71_LIBTMPL) > $(VC71_LIBVCPROJ) || { exit 1; }; \
 	\
-	echo "%tab%%tab%<Filter Name=\"Source Files\">"  > $$body; \
-	for file in $$sorted_srcs; do \
-	  echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
-	done; \
-	echo "%tab%%tab%</Filter>"                      >> $$body; \
-	echo "%tab%%tab%<Filter Name=\"Header Files\">" >> $$body; \
-	for file in $$sorted_hdrs; do \
-	  echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
-	done; \
-	echo "%tab%%tab%</Filter>"                      >> $$body; \
+	echo "generating '$(VC71_SRCVCPROJ)'"; \
+	awk -v proj_type=vcproj1 \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC71_SRCTMPL) > $(VC71_SRCVCPROJ) || { exit 1; }; \
 	\
-	awk '{ gsub(/%tab%/, "\t"); printf("%s\r\n", $$0); }' \
-	  $(srcdir)/$(VC8LIBPRJHEAD) $$body $(srcdir)/$(VC8LIBPRJFOOT) \
-	  > $(VC8LIBPRJ) || { rm -f $$body; exit 1; }; \
+	echo "generating '$(VC8_LIBVCPROJ)'"; \
+	awk -v proj_type=vcproj2 \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC8_LIBTMPL) > $(VC8_LIBVCPROJ) || { exit 1; }; \
 	\
-	rm -f $$body)
-
+	echo "generating '$(VC8_SRCVCPROJ)'"; \
+	awk -v proj_type=vcproj2 \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC8_SRCTMPL) > $(VC8_SRCVCPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC9_LIBVCPROJ)'"; \
+	awk -v proj_type=vcproj2 \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC9_LIBTMPL) > $(VC9_LIBVCPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC9_SRCVCPROJ)'"; \
+	awk -v proj_type=vcproj2 \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC9_SRCTMPL) > $(VC9_SRCVCPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC10_LIBVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC10_LIBTMPL) > $(VC10_LIBVCXPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC10_SRCVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC10_SRCTMPL) > $(VC10_SRCVCXPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC11_LIBVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC11_LIBTMPL) > $(VC11_LIBVCXPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC11_SRCVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC11_SRCTMPL) > $(VC11_SRCVCXPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC12_LIBVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v lib_srcs="$$sorted_lib_srcs" \
+		-v lib_hdrs="$$sorted_lib_hdrs" \
+		-v lib_rc="$$win32_lib_rc" \
+		-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
+		-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
+		"$$awk_code" $(srcdir)/$(VC12_LIBTMPL) > $(VC12_LIBVCXPROJ) || { exit 1; }; \
+	\
+	echo "generating '$(VC12_SRCVCXPROJ)'"; \
+	awk -v proj_type=vcxproj \
+		-v src_srcs="$$sorted_src_srcs" \
+		-v src_hdrs="$$sorted_src_hdrs" \
+		-v src_rc="$$win32_src_rc" \
+		"$$awk_code" $(srcdir)/$(VC12_SRCTMPL) > $(VC12_SRCVCXPROJ) || { exit 1; };)
--- a/205
+++ b/205
@@ -1,86 +1,87 @@
-Curl and libcurl 7.36.0
+Curl and libcurl 7.37.0

- Public curl releases:         138
+ Public curl releases:         139
 Command line options:         161
 curl_easy_setopt() options:   206
 Public functions in libcurl:  58
- Known libcurl bindings:       42
- Contributors:                 1123
-
-This release includes the following SECURITY ADVISORIES:
-
- o wrong re-use of connections [16]
- o IP address wildcard certificate validation [17]
- o not verifying certs for TLS to IP address / Darwinssl [18]
- o not verifying certs for TLS to IP address / Winssl [19]
+ Contributors:                 1137

 This release includes the following changes:

- o ntlm: Added support for NTLMv2 [2]
- o tool: Added support for URL specific options [3]
- o openssl: add ALPN support
- o gtls: add ALPN support
- o nss: add ALPN and NPN support
- o added CURLOPT_EXPECT_100_TIMEOUT_MS [7]
- o tool: add --no-alpn and --no-npn
- o added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
- o winssl: enable TLSv1.1 and TLSv1.2 by default
- o winssl: TLSv1.2 disables certificate signatures using MD5 hash
- o winssl: enable hostname verification of IP address using SAN or CN [11]
- o darwinssl: Don't omit CN verification when an IP address is used [12]
- o http2: build with current nghttp2 version
- o polarssl: dropped support for PolarSSL < 1.3.0
- o openssl: info message with SSL version used
+ o URL parser: IPv6 zone identifiers are now supported
+ o CURLOPT_PROXYHEADER: set headers for proxy-only
+ o CURLOPT_HEADEROPT: added
+ o curl: add --proxy-header
+ o sasl: Added support for DIGEST-MD5 via Windows SSPI
+ o sasl: Added DIGEST-MD5 qop-option validation in native challange handling
+ o imap: Expanded mailbox SEARCH support to use URL query strings [7]
+ o imap: Extended FETCH support to include PARTIAL URL specifier [7]
+ o nss: implement non-blocking SSL handshake
+ o build: Reworked Visual Studio project files
+ o poll: enable poll on darwin13
+ o mk-ca-bundle: added -p
+ o libtests: add a wait_ms() function

 This release includes the following bugfixes:

- o nss: allow to use ECC ciphers if NSS implements them [1]
- o netrc: Fixed a memory leak in an OOM condition
- o ftp: fixed a memory leak on wildcard error path
- o pipeline: Fixed a NULL pointer dereference on OOM
- o nss: prefer highest available TLS version
- o 100-continue: fix timeout condition [4]
- o ssh: Fixed a NULL pointer dereference on OOM condition
- o formpost: use semicolon in multipart/mixed [5]
- o --help: add missing --tlsv1.x options
- o formdata: Fixed memory leak on OOM condition
- o ConnectionExists: reusing possible HTTP+NTLM connections better [6]
- o mingw32: fix compilation
- o chunked decoder: track overflows correctly [8]
- o curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
- o dict: fix memory leak in OOM exit path
- o valgrind: added suppression on optimized code
- o curl: output protocol headers using binary mode
- o tool: Added URL index to password prompt for multiple operations
- o ConnectionExists: re-use non-NTLM connections better [9]
- o axtls: call ssl_read repeatedly
- o multi: make MAXCONNECTS default 4 x number of easy handles function
- o configure: Fix the --disable-crypto-auth option
- o multi: ignore SIGPIPE internally
- o curl.1: update the description of --tlsv1
- o SFTP: skip reading the dir when NOBODY=1 [10]
- o easy: Fixed a memory leak on OOM condition
- o tool: Fixed incorrect return code when setting HTTP request fails
- o configure: Tiny fix to honor POSIX
- o tool: Do not output libcurl source for the information only parameters
- o Rework Open Watcom make files to use standard Wmake features
- o x509asn: moved out Curl_verifyhost from NSS builds
- o configure: call it GSS-API
- o hostcheck: Curl_cert_hostcheck is not used by NSS builds
- o multi_runsingle: move timestamp into INIT [13]
- o remote_port: allow connect to port 0
- o parse_remote_port: error out on illegal port numbers better
- o ssh: Pass errors from libssh2_sftp_read up the stack
- o docs: remove documentation on setting up krb4 support
- o polarssl: build fixes to work with PolarSSL 1.3.x
- o polarssl: fix possible handshake timeout issue in multi
- o nss: allow to enable/disable cipher-suites better
- o ssh: prevent a logic error that could result in an infinite loop
- o http2: free resources on disconnect
- o polarssl: avoid extra newlines in debug messages
- o rtsp: parse "Session:" header properly [14]
- o trynextip: don't store 'ai' on failed connects
- o Curl_cert_hostcheck: strip trailing dots in host name and wildcard
+ o mkhelp: generate code for --disable-manual as well [1]
+ o hostcheck: added a system include to define struct in_addr
+ o winbuild: added warnless.c to fix build
+ o Makefile.vc6: added warnless.c to fix build
+ o smtp: Fixed login denied when server doesn't support AUTH capability [2]
+ o smtp: Fixed login denied with a RFC-821 based server [2]
+ o curl: stop interpreting IPv6 literals as glob patterns
+ o http2: remove _DRAFT09 from the NPN_HTTP2 enum
+ o http2: let openssl mention the exact protocol negotiated
+ o http2+openssl: fix compiler warnings in ALPN using code
+ o ftp: in passive data connect wait for happy eyeballs sockets [3]
+ o HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue [4]
+ o http2: Compile with current nghttp2, which supports h2-11 [5]
+ o http_negotiate_sspi: Fixed compilation when USE_HTTP_NEGOTIATE not defined
+ o strerror: fix comment about vxworks' strerror_r buffer size [6]
+ o url: only use if_nametoindex() if IFNAMSIZ is available
+ o imap: Fixed untagged response detection when no data after command
+ o various: fix possible dereference of null pointer
+ o various: fix use of uninitialized variable
+ o various: fix use of non-null terminated strings
+ o telnet.c: check sscanf results before passing them to snprintf
+ o parsedate.c: check sscanf result before passing it to strlen
+ o sockfilt.c: free memory in case of memory allocation errors
+ o sockfilt.c: ignore non-key-events and continue waiting for input
+ o sockfilt.c: properly handle disk files, pipes and character input
+ o sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe
+ o sockfilt.c: clean up threaded approach and add documentation
+ o configure: use the nghttp2 path correctly with pkg-config [8]
+ o curl_global_init_mem: bump initialized even if already initialized [9]
+ o gtls: fix NULL pointer dereference [10]
+ o cyassl: Use error-ssl.h when available
+ o handler: make 'protocol' always specified as a single bit [11]
+ o INFILESIZE: fields in UserDefined must not be changed run-time
+ o openssl: biomem->data is not zero terminated
+ o config-win32.h: Fixed HAVE_LONGLONG for Visual Studio .NET 2003 and up
+ o curl_ntlm_core: Fixed use of long long for VC6 and VC7
+ o SNI: strip off a single trailing dot from host name [12]
+ o curl: bail on cookie use when built with disabled cookies
+ o curl_easy_setopt.3: added the proto for CURLOPT_SSH_KNOWNHOSTS
+ o curl_multi_cleanup: ignore SIGPIPE better [13]
+ o schannel: don't use the connect-timeout during send [14]
+ o mprintf: allow %.s with data not being zero terminated
+ o tool_help: Fixed missing --login-options option
+ o configure: Don't set LD_LIBRARY_PATH when cross-compiling
+ o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15]
+ o cacertinmem: fix memory leak [16]
+ o lib1506: make sure the transfers are not within the same ms [17]
+ o Makefile.b32: Fixed for vtls changes [18]
+ o sasl: Fixed missing qop in the client's challenge-response message
+ o openssl: unbreak PKCS12 support [19]
+ o darwinssl: fix potential crash with a P12 file [20]
+ o timers: fix timer regression involving redirects / reconnects [21]
+ o CURLINFO_SSL_VERIFYRESULT: made more reliable [22]
+ o HTTP: fixed connection re-use [23]
+ o configure: add SPNEGO to supported features [24]
+ o configure: add GSS-API to supported features [25]
+ o ALPN: fix typo in http/1.1 identifier
+ o http2: make connection re-use work [26]

 This release includes the following known bugs:

@@ -89,33 +90,41 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

-  Adam Sampson, Arvid Norberg, Brad Spencer, Colin Hogben, Dan Fandrich,
-  Daniel Stenberg, David Ryskalczyk, Fabian Frank, Gaël PORTAY, Gisle Vanem,
-  Hubert Kario, Jeff King, Jiri Malak, Kamil Dudka, Maks Naumov, Marc Hoersken,
-  Michael Osipov, Mike Hasselberg, Nick Zitzmann, Patrick Monnerat, Prash Dush,
-  Remi Gacogne, Rob Davies, Romulo A. Ceccon, Shao Shuchao, Steve Holme,
-  Tatsuhiro Tsujikawa, Thomas Braun, Tiit Pikma, Yehezkel Horowitz,
+  Aaro Koskinen, Cody Mack, Damian Dixon, Dan Fandrich, Daniel Johnson,
+  Daniel Stenberg, David Woodhouse, Dilyan Palauzov, Fabian Frank,
+  Ivo Bellin Salarin, Jeff King, Jeroen Koekkoek, Jon Torrey, Kamil Dudka,
+  Larry Lin, Leon Winter, Maciej Puzio, Marc Hoersken, Michael Osipov,
+  Nick Zitzmann, Patrick Watson, Paul Marks, Radu Simionescu, Remi Gacogne,
+  Ryan Braud, Steve Holme, Tatsuhiro Tsujikawa, Till Maas, Tom Sparrow,
+  Török Edwin, Vijay Panghal,

        Thanks! (and sorry if I forgot to mention someone)

 References to bug reports and discussions on issues:

- [1] = https://bugzilla.redhat.com/1058776
- [2] = http://curl.haxx.se/mail/lib-2014-01/0183.html
- [3] = http://curl.haxx.se/mail/archive-2013-11/0006.html
- [4] = http://curl.haxx.se/bug/view.cgi?id=1334
- [5] = http://curl.haxx.se/bug/view.cgi?id=1333
- [6] = http://curl.haxx.se/mail/lib-2014-02/0100.html
- [7] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTEXPECT100TIMEOUTMS
- [8] = http://curl.haxx.se/mail/lib-2014-02/0097.html
- [9] = http://thread.gmane.org/gmane.comp.version-control.git/242213
- [10] = http://curl.haxx.se/mail/lib-2014-02/0155.html
- [11] = http://curl.haxx.se/mail/lib-2014-02/0243.html
- [12] = https://github.com/bagder/curl/pull/93
- [13] = http://curl.haxx.se/mail/lib-2014-02/0036.html
- [14] = http://curl.haxx.se/mail/lib-2014-03/0134.html
- [15] = http://curl.haxx.se/bug/view.cgi?id=1337
- [16] = http://curl.haxx.se/docs/adv_20140326A.html
- [17] = http://curl.haxx.se/docs/adv_20140326B.html
- [18] = http://curl.haxx.se/docs/adv_20140326C.html
- [19] = http://curl.haxx.se/docs/adv_20140326D.html
+ [1] = http://curl.haxx.se/bug/view.cgi?id=1350
+ [2] = http://curl.haxx.se/mail/lib-2014-03/0173.html
+ [3] = http://curl.haxx.se/mail/lib-2014-02/0135.html (ruined)
+ [4] = http://curl.haxx.se/bug/view.cgi?id=1349
+ [5] = http://curl.haxx.se/mail/lib-2014-04/0053.html
+ [6] = http://curl.haxx.se/mail/lib-2014-04/0063.html
+ [7] = http://curl.haxx.se/mail/lib-2014-04/0067.html
+ [8] = http://curl.haxx.se/mail/lib-2014-04/0159.html
+ [9] = http://curl.haxx.se/bug/view.cgi?id=1362
+ [10] = http://curl.haxx.se/mail/lib-2014-04/0145.html
+ [11] = https://github.com/bagder/curl/pull/97
+ [12] = http://curl.haxx.se/mail/lib-2014-04/0161.html
+ [13] = http://thread.gmane.org/gmane.comp.version-control.git/238242
+ [14] = http://curl.haxx.se/bug/view.cgi?id=1352
+ [15] = https://bugzilla.redhat.com/1093348
+ [16] = http://curl.haxx.se/bug/view.cgi?id=1368
+ [17] = http://curl.haxx.se/mail/lib-2014-05/0081.html
+ [18] = http://curl.haxx.se/mail/lib-2014-05/0025.html
+ [19] = http://curl.haxx.se/bug/view.cgi?id=1371
+ [20] = http://curl.haxx.se/bug/view.cgi?id=1369
+ [21] = http://curl.haxx.se/mail/lib-2014-05/0147.html
+ [22] = http://curl.haxx.se/mail/lib-2014-04/0203.html
+ [23] = http://curl.haxx.se/mail/lib-2014-05/0127.html
+ [24] = http://curl.haxx.se/bug/view.cgi?id=1343
+ [25] = http://curl.haxx.se/bug/view.cgi?id=1344
+ [26] = http://curl.haxx.se/bug/view.cgi?id=1374
--- a/configure.ac
+++ b/configure.ac
@@ -2003,6 +2003,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
      dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
      AC_CHECK_SIZEOF(long long)

+      dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
+      AC_CHECK_HEADERS(cyassl/error-ssl.h)
+
      LIBS="-lcyassl -lm $LIBS"

      if test -n "$cyassllib"; then
@@ -2164,10 +2167,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
      USE_AXTLS="yes"
      curl_ssl_msg="enabled (axTLS)"

-
+      if test "x$cross_compiling" != "xyes"; then
        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
        export LD_LIBRARY_PATH
        AC_MSG_NOTICE([Added $LIB_AXTLS to LD_LIBRARY_PATH])
+      fi
      ],[
      LDFLAGS="$CLEANLDFLAGS"
      CPPFLAGS="$CLEANCPPFLAGS"
@@ -2699,7 +2703,7 @@ if test "$want_idn" = "yes"; then
    if test "x$ac_cv_header_tld_h" = "xyes"; then
      AC_SUBST([IDN_ENABLED], [1])
      curl_idn_msg="enabled"
-      if test -n "$IDN_DIR"; then
+      if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
        export LD_LIBRARY_PATH
        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
@@ -2737,13 +2741,12 @@ AC_HELP_STRING([--without-nghttp2],[Disable nghttp2 usage]),
 case "$OPT_H2" in
  no)
    dnl --without-nghttp2 option used
-    want_idn="no"
+    want_h2="no"
    AC_MSG_RESULT([no])
    ;;
  default)
    dnl configure option not specified
    want_h2="no"
-    want_h2_path="default"
    AC_MSG_RESULT([no])
    ;;
  yes)
@@ -2755,31 +2758,30 @@ case "$OPT_H2" in
  *)
    dnl --with-nghttp2 option used with path
    want_h2="yes"
-    want_h2_path="$withval"
+    want_h2_path="$withval/lib/pkgconfig"
    AC_MSG_RESULT([yes ($withval)])
    ;;
 esac

 curl_h2_msg="disabled (--with-nghttp2)"
-if test X"$OPT_H2" != Xno; then
-  dnl backup the pre-librtmp variables
+if test X"$want_h2" != Xno; then
+  dnl backup the pre-nghttp2 variables
  CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"

-  h2pcdir=${want_h2_path}/lib/pkgconfig
-  CURL_CHECK_PKGCONFIG(libnghttp2, $h2pcdir)
+  CURL_CHECK_PKGCONFIG(libnghttp2, $want_h2_path)

  if test "$PKGCONFIG" != "no" ; then
-    LIB_H2=`CURL_EXPORT_PCDIR([$h2pcdir])
+    LIB_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
      $PKGCONFIG --libs-only-l libnghttp2`
    AC_MSG_NOTICE([-l is $LIB_H2])

-    CPP_H2=`CURL_EXPORT_PCDIR([$h2pcdir]) dnl
+    CPP_H2=`CURL_EXPORT_PCDIR([$want_h2_path]) dnl
      $PKGCONFIG --cflags-only-I libnghttp2`
    AC_MSG_NOTICE([-I is $CPP_H2])

-    LD_H2=`CURL_EXPORT_PCDIR([$h2pcdir])
+    LD_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
      $PKGCONFIG --libs-only-L libnghttp2`
    AC_MSG_NOTICE([-L is $LD_H2])

@@ -3401,6 +3403,12 @@ fi
 if test "x$USE_NGHTTP2" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
 fi
+if test "x$curl_spnego_msg" = "xenabled"; then
+  SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
+fi
+if test "x$want_gss" = "xyes"; then
+  SUPPORT_FEATURES="$SUPPORT_FEATURES GSS-API"
+fi

 AC_SUBST(SUPPORT_FEATURES)

--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -278,6 +278,10 @@
      [full description, no wider than 72 columns that describe as much as
      possible as to why this change is made, and possibly what things
      it fixes and everything else that is related]
+
+      [Bug: link to source of the report or more related discussion]
+      [Reported-by: John Doe - credit the reporter]
+      [whatever-else-by: credit all helpers, finders, doers]
      ---- stop ----

 Don't forget to use commit --author="" if you commit someone else's work,
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -99,6 +99,7 @@ FAQ
  5.15 How do I get an FTP directory listing?
  5.16 I want a different time-out!
  5.17 Can I write a server with libcurl?
+  5.18 Does libcurl use threads?

 6. License Issues
  6.1 I have a GPL program, can I use the libcurl library?
@@ -1365,6 +1366,19 @@ FAQ
  server for. And there are really good stand-alone ones that have been tested
  and proven for many years. There's no need for you to reinvent them!

+  5.18 Does libcurl use threads?
+
+  Put simply: no, libcurl will execute in the same thread you call it in. All
+  callbacks will be called in the same thread as the one you call libcurl in.
+
+  If you want to avoid your thread to be blocked by the libcurl call, you make
+  sure you use the non-blocking API which will do transfers asynchronously -
+  but still in the same single thread.
+
+  libcurl will potentially internally use threads for name resolving, if it
+  was built to work like that, but in those cases it'll create the child
+  threads by itself and they will only be used and then killed internally by
+  libcurl and never exposed to the outside.

 6. License Issues

--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -252,8 +252,10 @@ Win32
   MSVC 6 caveats
   --------------

-   If you use MSVC 6 it is required that you use the February 2003 edition PSDK:
-   http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
+   If you use MSVC 6 it is required that you use the February 2003 edition of
+   the 'Platform SDK' which can be downloaded from:
+
+   http://www.microsoft.com/en-us/download/details.aspx?id=12261

   Building any software with MSVC 6 without having PSDK installed is just
   asking for trouble down the road once you have released it, you might notice
@@ -261,8 +263,6 @@ Win32
   choice of static vs dynamic runtime and third party libraries. Anyone using
   software built in such way will at some point regret having done so.

-   When someone uses MSVC 6 without PSDK he is using a compiler back from 1998.
-
   If the compiler has been updated with the installation of a service pack as
   those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
   safely used to read source code, translate and make it object code.
@@ -272,13 +272,6 @@ Win32
   header files and libraries with bugs and security issues which have already
   been addressed and fixed long time ago.

-   In order to make use of the updated system headers and fixed libraries
-   for MSVC 6, it is required that 'Platform SDK', PSDK from now onwards,
-   is installed. The specific PSDK that must be installed for MSVC 6 is the
-   February 2003 edition, which is the latest one supporting the MSVC 6 compiler,
-   this PSDK is also known as 'Windows Server 2003 PSDK' and can be downloaded
-   from http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
-
   So, building curl and libcurl with MSVC 6 without PSDK is absolutely
   discouraged for the benefit of anyone using software built in such
   environment. And it will not be supported in any way, as we could just
@@ -340,39 +333,18 @@ Win32
   at runtime.
   Run 'nmake vc-ssl-zlib' to build with both ssl and zlib support.

-   MSVC 6 IDE
-   ----------
+   MSVC IDE
+   --------

-   A minimal VC++ 6.0 reference workspace (vc6curl.dsw) is available with the
-   source distribution archive to allow proper building of the two included
-   projects, the libcurl library and the curl tool.
+   A fairly comprehensive set of Visual Studio project files are available for
+   v6.0 through v12.0 and are located in the projects folder to allow proper
+   building of both the libcurl library as well as the curl tool.

-   1) Open the vs/vc6/vc6curl.dsw workspace with MSVC6's IDE.
-   2) Select 'Build' from top menu.
-   3) Select 'Batch Build' from dropdown menu.
-   4) Make sure that the eight project configurations are 'checked'.
-   5) Click on the 'Build' button.
-   6) Once the eight project configurations are built you are done.
-
-   Dynamic and static libcurl libraries are built in debug and release flavours,
-   and can be located each one in its own subdirectory, dll-debug, dll-release,
-   lib-debug and lib-release, all of them below the 'vs/vc6/lib' subdirectory.
-
-   In the same way four curl executables are created, each using its respective
-   library. The resulting curl executables are located in its own subdirectory,
-   dll-debug, dll-release, lib-debug and lib-release, below 'vs/vc6/src' subdir.
-
-   These reference VC++ 6.0 configurations are generated using the dynamic CRT.
-
-   Intentionally, these reference VC++ 6.0 projects and configurations don't use
-   third party libraries, such as OpenSSL or Zlib, to allow proper compilation
-   and configuration for all new users without further requirements.
-
-   If you need something more 'involved' you might adjust them for your own use,
-   or explore the world of makefiles described above 'MSVC from command line'.
+   For more information about these projects and building via Visual Studio
+   please see the README file located in the projects folder.

   Borland C++ compiler
-   ---------------------
+   --------------------

   Ensure that your build environment is properly set up to use the compiler
   and associated tools. PATH environment variable must include the path to
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -180,16 +180,7 @@ may have been fixed since this was written!
  --cflags suffers from the same effects with CFLAGS/CPPFLAGS.

 30. You need to use -g to the command line tool in order to use RFC2732-style
-  IPv6 numerical addresses in URLs.
-
-29. IPv6 URLs with zone ID is not nicely supported.
-  http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired)
-  specifies the use of a plus sign instead of a percent when specifying zone
-  IDs in URLs to get around the problem of percent signs being
-  special. According to the reporter, Firefox deals with the URL _with_ a
-  percent letter (which seems like a blatant URL spec violation).
-  libcurl supports zone IDs where the percent sign is URL-escaped (i.e. %25):
-  http://curl.haxx.se/bug/view.cgi?id=555
+  or RFC6874-style IPv6 numerical addresses in URLs.

 26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in
  "system context" will make it use wrong(?) user name - at least when compared
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -50,7 +50,7 @@ SIMPLE USAGE

  Get the main page from an IPv6 web server:

-        curl -g "http://[2001:1890:1112:1::20]/"
+        curl "http://[2001:1890:1112:1::20]/"

 DOWNLOAD TO A FILE

@@ -956,9 +956,9 @@ IPv6
  When this style is used, the -g option must be given to stop curl from
  interpreting the square brackets as special globbing characters.  Link local
  and site local addresses including a scope identifier, such as fe80::1234%1,
-  may also be used, but the scope portion must be numeric and the percent
-  character must be URL escaped. The previous example in an SFTP URL might
-  look like:
+  may also be used, but the scope portion must be numeric or match an existing
+  network interface on Linux and the percent character must be URL escaped. The
+  previous example in an SFTP URL might look like:

    sftp://[fe80::1234%251]/

--- a/docs/THANKS
+++ b/docs/THANKS
@@ -4,6 +4,7 @@

 If you have contributed but are missing here, please let us know!

+Aaro Koskinen
 Aaron Oneal
 Aaron Orenstein
 Abram Pousada
@@ -192,6 +193,7 @@ Clarence Gardner
 Clemens Gruber
 Clifford Wolf
 Cody Jones
+Cody Mack
 Colby Ranger
 Colin Hogben
 Colin Watson
@@ -209,6 +211,7 @@ Cédric Deltheil
 D. Flinkmann
 Dag Ekengren
 Dagobert Michelsen
+Damian Dixon
 Damien Adant
 Dan Becker
 Dan C
@@ -260,6 +263,7 @@ David Strauss
 David Tarendash
 David Thiel
 David Walser
+David Woodhouse
 David Wright
 David Yan
 Dengminwen
@@ -267,6 +271,7 @@ Derek Higgins
 Detlef Schmier
 Didier Brisebourg
 Diego Casorran
+Dilyan Palauzov
 Dima Barsky
 Dima Tisnek
 Dimitre Dimitrov
@@ -446,6 +451,7 @@ Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
 Ishan SinghLevett
+Ivo Bellin Salarin
 Jack Zhang
 Jacky Lam
 Jacob Meuser
@@ -497,6 +503,7 @@ Jeff Weber
 Jeffrey Pohlmeyer
 Jeremy Friesner
 Jeremy Huddleston
+Jeroen Koekkoek
 Jerome Muffat-Meridol
 Jerome Vouillon
 Jerry Krinock
@@ -543,6 +550,7 @@ Johnny Luong
 Jon Grubbs
 Jon Nelson
 Jon Sargeant
+Jon Torrey
 Jon Travis
 Jon Turner
 Jonas Forsman
@@ -615,6 +623,7 @@ Kyle Sallee
 Lachlan O'Dea
 Larry Campbell
 Larry Fahnoe
+Larry Lin
 Lars Buitinck
 Lars Gustafsson
 Lars J. Aas
@@ -629,6 +638,7 @@ Leif W
 Len Krause
 Lenaic Lefever
 Lenny Rachitsky
+Leon Winter
 Liam Healy
 Lijo Antony
 Linas Vepstas
@@ -649,6 +659,7 @@ Luke Call
 Luke Dashjr
 Luong Dinh Dung
 Maciej Karpiuk
+Maciej Puzio
 Maciej W. Rozycki
 Maks Naumov
 Mamoru Tasaka
@@ -814,6 +825,7 @@ Patrick Bihan-Faou
 Patrick Monnerat
 Patrick Scott
 Patrick Smith
+Patrick Watson
 Patrik Thunstrom
 Pau Garcia i Quiles
 Paul Donohue
@@ -874,6 +886,7 @@ Puneet Pawaia
 Quagmire
 Quanah Gibson-Mount
 Quinn Slack
+Radu Simionescu
 Rafa Muyo
 Rafael Sagula
 Rainer Canavan
@@ -945,6 +958,7 @@ Roy Shan
 Rune Kleveland
 Ruslan Gazizov
 Rutger Hofman
+Ryan Braud
 Ryan Chan
 Ryan Nelson
 Ryan Schmidt
@@ -1040,6 +1054,7 @@ Thomas Lopatic
 Thomas Schwinge
 Thomas Tonino
 Tiit Pikma
+Till Maas
 Tim Ansell
 Tim Baker
 Tim Bartley
@@ -1066,6 +1081,7 @@ Tom Mattison
 Tom Moers
 Tom Mueller
 Tom Regner
+Tom Sparrow
 Tom Wright
 Tom Zerucha
 Tomas Hoger
@@ -1087,12 +1103,14 @@ Troels Walsted Hansen
 Troy Engel
 Tupone Alfredo
 Tyler Hall
+Török Edwin
 Ulf Härnhammar
 Ulf Samuelsson
 Ulrich Doehner
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
+Vijay Panghal
 Vikram Saxena
 Viktor Szakáts
 Vilmos Nebehaj
--- a/docs/TODO
+++ b/docs/TODO
@@ -17,7 +17,7 @@
 1.4 signal-based resolver timeouts
 1.5 get rid of PATH_MAX
 1.6 Modified buffer size approach
- 1.7 Detect when called from witin callbacks
+ 1.7 Detect when called from within callbacks
 1.8 Allow SSL (HTTPS) to proxy

 2. libcurl - multi interface
@@ -25,7 +25,7 @@
 2.2 Fix HTTP Pipelining for PUT

 3. Documentation
- 3.1  More and better
+ 3.1 Update date and version in man pages

 4. FTP
 4.1 HOST
@@ -88,7 +88,6 @@
 15.4 simultaneous parallel transfers
 15.5 provide formpost headers
 15.6 warning when setting an option
- 15.7 IPv6 addresses with globbing

 16. Build
 16.1 roffit
@@ -98,9 +97,10 @@
 17.2 nicer lacking perl message
 17.3 more protocols supported
 17.4 more platforms supported
+ 17.5 Add support for concurrent connections

 18. Next SONAME bump
- 18.1 http-style HEAD output for ftp
+ 18.1 http-style HEAD output for FTP
 18.2 combine error codes
 18.3 extend CURLOPT_SOCKOPTFUNCTION prototype

@@ -174,7 +174,7 @@
 Dynamically allocate buffer size depending on protocol in use in combination
 with freeing it after each individual transfer? Other suggestions?

-1.7 Detect when called from witin callbacks
+1.7 Detect when called from within callbacks

 We should set a state variable before calling callbacks, so that we
 subsequently can add code within libcurl that returns error if called within
@@ -186,6 +186,8 @@
 by Chrome already:
 http://www.chromium.org/developers/design-documents/secure-web-proxy

+ ...and by Firefox soon:
+ https://bugzilla.mozilla.org/show_bug.cgi?id=378637

 2. libcurl - multi interface

@@ -211,18 +213,20 @@

 3. Documentation

-3.1  More and better
+3.1 Update date and version in man pages

- Exactly
+ 'maketgz' or another suitable script could update the .TH sections of the man
+ pages at release time to use the current date and curl/libcurl version
+ number.

 4. FTP

 4.1 HOST

- HOST is a suggested command in the works for a client to tell which host name
- to use, to offer FTP servers named-based virtual hosting:
+ HOST is a command for a client to tell which host name to use, to offer FTP
+ servers named-based virtual hosting:

- http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11
+ http://tools.ietf.org/html/rfc7151

 4.2 Alter passive/active on failure and retry

@@ -233,7 +237,7 @@

 4.3 Earlier bad letter detection

- Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
+ Make the detection of (bad) %0d and %0a codes in FTP URL parts earlier in the
 process to avoid doing a resolve and connect in vain.

 4.4 REST for large files
@@ -287,7 +291,7 @@

 For example:

- http://test:pass;auth=NTLM@example.com would be equivalent to specifing --user
+ http://test:pass;auth=NTLM@example.com would be equivalent to specifying --user
 test:pass;auth=NTLM or --user test:pass --ntlm from the command line. 

 Additionally this should be implemented for proxy base URLs as well.
@@ -352,7 +356,7 @@ to provide the data to send.
 Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
 to an LDAP server. However, this function sends username and password details
 using the simple authentication mechanism (as clear text). However, it should
- be possible to use ldap_bind_s() instead specifing the security context
+ be possible to use ldap_bind_s() instead specifying the security context
 information ourselves.

 11. New protocols
@@ -383,7 +387,7 @@ to provide the data to send.
 12.4 Cache OpenSSL contexts

 "Look at SSL cafile - quick traces look to me like these are done on every
- request as well, when they should only be necessary once per ssl context (or
+ request as well, when they should only be necessary once per SSL context (or
 once per handle)". The major improvement we can rather easily do is to make
 sure we don't create and kill a new SSL "context" for every request, but
 instead make one for every connection and re-use that SSL context in the same
@@ -489,13 +493,6 @@ to provide the data to send.
  This can be useful to tell when support for a particular feature hasn't been
  compiled into the library.

-15.7 IPv6 addresses with globbing
-
-  Currently the command line client needs to get url globbing disabled (with
-  -g) for it to support IPv6 numerical addresses. This is a rather silly flaw
-  that should be corrected. It probably involves a smarter detection of the
-  '[' and ']' letters.
-
 16. Build

 16.1 roffit
@@ -518,7 +515,7 @@ to provide the data to send.

 17.3 more protocols supported

- Extend the test suite to include more protocols. The telnet could just do ftp
+ Extend the test suite to include more protocols. The telnet could just do FTP
 or http operations (for which we have test servers).

 17.4 more platforms supported
@@ -526,12 +523,26 @@ to provide the data to send.
 Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
 fork()s and it should become even more portable.

+17.5 Add support for concurrent connections
+
+ Tests 836, 882 and 938 were designed to verify that separate connections aren't
+ used when using different login credentials in protocols that shouldn't re-use
+ a connection under such circumstances.
+
+ Unfortunately, ftpserver.pl doesn't appear to support multiple concurrent
+ connections. The read while() loop seems to loop until it receives a disconnect
+ from the client, where it then enters the waiting for connections loop. When
+ the client opens a second connection to the server, the first connection hasn't
+ been dropped (unless it has been forced - which we shouldn't do in these tests)
+ and thus the wait for connections loop is never entered to receive the second
+ connection.
+
 18. Next SONAME bump

-18.1 http-style HEAD output for ftp
+18.1 http-style HEAD output for FTP

 #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
- from being output in NOBODY requests over ftp
+ from being output in NOBODY requests over FTP

 18.2 combine error codes

@@ -629,7 +640,7 @@ to provide the data to send.
 but instead often restricts how the form functions can or can't be modified.

 Changing them to return a private handle will benefit the implementation and
- allow us much greater freedoms while still maintining a solid API and ABI.
+ allow us much greater freedoms while still maintaining a solid API and ABI.

 19.9 have form functions use CURL handle argument

@@ -643,7 +654,7 @@ to provide the data to send.

 Rather than use the URL to specify the mail client string to present in the
 HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
- specifing this data as the URL is non-standard and to be honest a bit of a
+ specifying this data as the URL is non-standard and to be honest a bit of a
 hack ;-)

 Please see the following thread for more information:
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -678,16 +678,16 @@ If this option is used several times, only the first one is used. This is
 because undoing a GET doesn't make sense, but you should then instead enforce
 the alternative method you prefer.
 .IP "-H, --header <header>"
-(HTTP) Extra header to use when getting a web page. You may specify any number
-of extra headers. Note that if you should add a custom header that has the
-same name as one of the internal ones curl would use, your externally set
-header will be used instead of the internal one. This allows you to make even
-trickier stuff than curl would normally do. You should not replace internally
-set headers without knowing perfectly well what you're doing. Remove an
-internal header by giving a replacement without content on the right side of
-the colon, as in: -H \&"Host:". If you send the custom header with no-value
-then its header must be terminated with a semicolon, such as \-H
-\&"X-Custom-Header;" to send "X-Custom-Header:".
+(HTTP) Extra header to include in the request when sending HTTP to a
+server. You may specify any number of extra headers. Note that if you should
+add a custom header that has the same name as one of the internal ones curl
+would use, your externally set header will be used instead of the internal
+one. This allows you to make even trickier stuff than curl would normally
+do. You should not replace internally set headers without knowing perfectly
+well what you're doing. Remove an internal header by giving a replacement
+without content on the right side of the colon, as in: -H \&"Host:". If you
+send the custom header with no-value then its header must be terminated with a
+semicolon, such as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".

 curl will make sure that each header you add/replace is sent with the proper
 end-of-line marker, you should thus \fBnot\fP add that as a part of the header
@@ -696,6 +696,9 @@ for you.

 See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.

+Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers
+intended for a proxy.
+
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5 <md5>"
 (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
@@ -907,6 +910,16 @@ values, but the actual timeout will decrease in accuracy as the specified
 timeout increases in decimal precision.  See also the \fI--connect-timeout\fP
 option.

+If this option is used several times, the last one will be used.
+.IP "--login-options <options>"
+Specify the login options to use during server authentication.
+
+You can use the login options to specify protocol specific options that may
+be used during authentication. At present only IMAP, POP3 and SMTP support
+login options. For more information about the login options please see
+RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in
+7.34.0).
+
 If this option is used several times, the last one will be used.
 .IP "--mail-auth <address>"
 (SMTP) Specify a single address. This will be used to specify the
@@ -1107,6 +1120,24 @@ is used in conjunction with the user name which can be specified as part of the
 The Bearer Token and user name are formatted according to RFC 6750.

 If this option is used several times, the last one will be used.
+.IP "--proxy-header <header>"
+(HTTP) Extra header to include in the request when sending HTTP to a
+proxy. You may specify any number of extra headers. This is the equivalent
+option to \fI-H, --header\fP but is for proxy communication only like in
+CONNECT requests when you want a separate header sent to the proxy to what is
+sent to the actual remote host.
+
+curl will make sure that each header you add/replace is sent with the proper
+end-of-line marker, you should thus \fBnot\fP add that as a part of the header
+content: do not add newlines or carriage returns, they will only mess things
+up for you.
+
+Headers specified with this option will not be included in requests that curl
+knows will not be sent to a proxy.
+
+This option can be used multiple times to add/replace/remove multiple headers.
+
+(Added in 7.37.0)
 .IP "-p, --proxytunnel"
 When an HTTP proxy is used (\fI-x, --proxy\fP), this option will cause non-HTTP
 protocols to attempt to tunnel through the proxy instead of merely using it to
@@ -1592,23 +1623,15 @@ If this option is used several times, the last one will be used.
 .IP "--trace-time"
 Prepends a time stamp to each trace or verbose line that curl displays.
 (Added in 7.14.0)
-.IP "-u, --user <user:password;options>"
-Specify the user name, password and optional login options to use for server
-authentication. Overrides \fI-n, --netrc\fP and \fI--netrc-optional\fP.
+.IP "-u, --user <user:password>"
+Specify the user name and password to use for server authentication. Overrides
+\fI-n, --netrc\fP and \fI--netrc-optional\fP.

-If you simply specify the user name, with or without the login options, curl
-will prompt for a password.
+If you simply specify the user name, curl will prompt for a password.

 If you use an SSPI-enabled curl binary and perform NTLM authentication, you
 can force curl to select the user name and password from your environment by
-simply specifying a single colon with this option: "-u :" or by specifying the
-login options on their own, for example "-u ;auth=NTLM".
-
-You can use the optional login options part to specify protocol specific
-options that may be used during authentication. At present only IMAP, POP3 and
-SMTP support login options as part of the user login information. For more
-information about the login options please see RFC 2384, RFC 5092 and IETF
-draft draft-earhart-url-smtp-00.txt (Added in 7.31.0). 
+specifying a single colon with this option: "-u :".

 If this option is used several times, the last one will be used.
 .IP "-U, --proxy-user <user:password>"
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -103,6 +103,10 @@ static CURLcode sslctx_function(CURL * curl, void * sslctx, void * parm)
  if (X509_STORE_add_cert(store, cert)==0)
    printf("error adding certificate\n");

+  /* decrease reference counts */
+  X509_free(cert);
+  BIO_free(bio);
+
  /* all set to go */
  return CURLE_OK ;
 }
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -20,6 +20,7 @@
 *
 ***************************************************************************/
 #include <stdio.h>
+#include <string.h>
 #include <curl/curl.h>

 /* This is a simple example showing how to send mail using libcurl's IMAP
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -109,7 +109,9 @@ uploaded.
 .IP CURLINFO_SIZE_DOWNLOAD
 Pass a pointer to a double to receive the total amount of bytes that were
 downloaded. The amount is only for the latest transfer and will be reset again
-for each new transfer.
+for each new transfer. This counts actual payload data, what's also commonly
+called body. All meta and header data are excluded and will not be counted in
+this number.
 .IP CURLINFO_SPEED_DOWNLOAD
 Pass a pointer to a double to receive the average download speed that curl
 measured for the complete download. Measured in bytes/second.
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -347,6 +347,8 @@ Pass a pointer to a function that matches the following prototype:
 \fBint function(void *clientp, double dltotal, double dlnow, double ultotal,
 double ulnow);\fP

+We encourage users to use \fICURLOPT_XFERINFOFUNCTION\fP instead, if you can.
+
 This function gets called by libcurl instead of its internal equivalent with a
 frequent interval. While data is being transferred it will be called very
 frequently, and during slow periods like when nothing is being transferred it
@@ -821,8 +823,9 @@ the user

 The path part of an IMAP request not only specifies the mailbox to list (Added
 in 7.30.0) or select, but can also be used to check the UIDVALIDITY of the
-mailbox and to specify the UID and SECTION of the message to fetch (Added in
-7.30.0).
+mailbox, to specify the UID, SECTION (Added in 7.30.0) and PARTIAL octets
+(Added in 7.37.0) of the message to fetch and to specify what nessages to
+search for (Added in 7.37.0).

 imap://user:password@mail.example.com - Performs a top level folder list

@@ -837,7 +840,17 @@ the user's inbox, checks the UIDVALIDITY of the mailbox is 50 and fetches
 message 2 if it is

 imap://user:password@mail.example.com/INBOX/;UID=3/;SECTION=TEXT - Selects the
-user's inbox and fetches message 3 with only the text portion of the message
+user's inbox and fetches the text portial of message 3
+
+imap://user:password@mail.example.com/INBOX/;UID=4/;PARTIAL=0.1024 - Selects
+the user's inbox and fetches the first 1024 octets of message 4
+
+imap://user:password@mail.example.com/INBOX?NEW - Selects the user's inbox and
+checks for NEW messages
+
+imap://user:password@mail.example.com/INBOX?SUBJECT%20shadows - Selects the
+user's inbox and searches for messages containing "shadows" in the subject
+line

 For more information about the individual components of an IMAP URL please
 see RFC5092.
@@ -1515,17 +1528,20 @@ set the User-Agent: header in the http request sent to the remote server. This
 can be used to fool servers or scripts. You can also set any custom header
 with \fICURLOPT_HTTPHEADER\fP.
 .IP CURLOPT_HTTPHEADER
-Pass a pointer to a linked list of HTTP headers to pass to the server in your
-HTTP request. The linked list should be a fully valid list of \fBstruct
-curl_slist\fP structs properly filled in. Use \fIcurl_slist_append(3)\fP to
-create the list and \fIcurl_slist_free_all(3)\fP to clean up an entire
-list. If you add a header that is otherwise generated and used by libcurl
-internally, your added one will be used instead. If you add a header with no
-content as in 'Accept:' (no data on the right side of the colon), the
-internally used header will get disabled. Thus, using this option you can add
-new headers, replace internal headers and remove internal headers. To add a
-header with no content (nothing to the right side of the colon), use the
-form 'MyHeader;' (note the ending semicolon).
+Pass a pointer to a linked list of HTTP headers to pass to the server and/or
+proxy in your HTTP request. The same list is used for both host and proxy
+requests!
+
+The linked list should be a fully valid list of \fBstruct curl_slist\fP
+structs properly filled in. Use \fIcurl_slist_append(3)\fP to create the list
+and \fIcurl_slist_free_all(3)\fP to clean up an entire list. If you add a
+header that is otherwise generated and used by libcurl internally, your added
+one will be used instead. If you add a header with no content as in 'Accept:'
+(no data on the right side of the colon), the internally used header will get
+disabled. With this option you can add new headers, replace internal headers
+and remove internal headers. To add a header with no content (nothing to the
+right side of the colon), use the form 'MyHeader;' (note the ending
+semicolon).

 The headers included in the linked list must not be CRLF-terminated, because
 curl adds CRLF after each header item. Failure to comply with this will result
@@ -1541,6 +1557,42 @@ Pass a NULL to this to reset back to no custom headers.

 The most commonly replaced headers have "shortcuts" in the options
 \fICURLOPT_COOKIE\fP, \fICURLOPT_USERAGENT\fP and \fICURLOPT_REFERER\fP.
+
+There's an alternative option that sets or replaces headers only for requests
+that are sent with CONNECT to a proxy: \fICURLOPT_PROXYHEADER\fP. Use
+\fICURLOPT_HEADEROPT\fP to control the behavior.
+.IP CURLOPT_HEADEROPT
+Pass a long that is a bitmask of options of how to deal with headers. The two
+mutually exclusive options are:
+
+CURLHEADER_UNIFIED - keep working as before. This means CURLOPT_HTTPHEADER
+headers will be used in requests both to servers and proxies. With this option
+enabled, \fICURLOPT_PROXYHEADER\fP will not have any effect.
+
+CURLHEADER_SEPARATE - makes \fICURLOPT_HTTPHEADER\fP headers only get sent to
+a server and not to a proxy. Proxy headers must be set with
+\fICURLOPT_PROXYHEADER\fP to get used. Note that if a non-CONNECT request is
+sent to a proxy, libcurl will send both server headers and proxy headers. When
+doing CONNECT, libcurl will send \fICURLOPT_PROXYHEADER\fP headers only do the
+proxy and then \fICURLOPT_HTTPHEADER\fP headers only to the server.
+
+(Added in 7.37.0)
+.IP CURLOPT_PROXYHEADER
+Pass a pointer to a linked list of HTTP headers to pass in your HTTP request
+sent to a proxy. The rules for this list is identical to the
+\fICURLOPT_HTTPHEADER\fP option's.
+
+The headers set with this option is only ever used in requests sent to a proxy
+- when there's also a request sent to a host.
+
+The first line in a request (containing the method, usually a GET or POST) is
+NOT a header and cannot be replaced using this option. Only the lines
+following the request-line are headers. Adding this method line in this list
+of headers will only cause your request to send an invalid header.
+
+Pass a NULL to this to reset back to no custom headers.
+
+This option was added in libcurl 7.37.0.
 .IP CURLOPT_HTTP200ALIASES
 Pass a pointer to a linked list of aliases to be treated as valid HTTP 200
 responses.  Some servers respond with a custom header response line.  For
@@ -2743,6 +2795,14 @@ known_host matching has been done, to allow the application to act and decide
 for libcurl how to proceed. The callback will only be called if
 \fICURLOPT_SSH_KNOWNHOSTS\fP is also set.

+.nf
+int curl_sshkeycallback (CURL *easy,     /* easy handle */
+                         const struct curl_khkey *knownkey, /* known */
+                         const struct curl_khkey *foundkey, /* found */
+                         enum curl_khmatch, /* libcurl's view on the keys */
+                         void *clientp);
+.fi
+
 The curl_sshkeycallback function gets passed the CURL handle, the key from the
 known_hosts file, the key from the remote site, info from libcurl on the
 matching status and a custom pointer (set with \fICURLOPT_SSH_KEYDATA\fP). It
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -193,6 +193,8 @@ CURLFTP_CREATE_DIR_RETRY        7.19.4
 CURLGSSAPI_DELEGATION_FLAG      7.22.0
 CURLGSSAPI_DELEGATION_NONE      7.22.0
 CURLGSSAPI_DELEGATION_POLICY_FLAG 7.22.0
+CURLHEADER_SEPARATE             7.37.0
+CURLHEADER_UNIFIED              7.37.0
 CURLINFO_APPCONNECT_TIME        7.19.0
 CURLINFO_CERTINFO               7.19.1
 CURLINFO_CONDITION_UNMET        7.19.4
@@ -370,6 +372,7 @@ CURLOPT_GSSAPI_DELEGATION       7.22.0
 CURLOPT_HEADER                  7.1
 CURLOPT_HEADERDATA              7.10
 CURLOPT_HEADERFUNCTION          7.7.2
+CURLOPT_HEADEROPT               7.37.0
 CURLOPT_HTTP200ALIASES          7.10.3
 CURLOPT_HTTPAUTH                7.10.6
 CURLOPT_HTTPGET                 7.8.1
@@ -439,6 +442,7 @@ CURLOPT_PROGRESSFUNCTION        7.1           7.32.0
 CURLOPT_PROTOCOLS               7.19.4
 CURLOPT_PROXY                   7.1
 CURLOPT_PROXYAUTH               7.10.7
+CURLOPT_PROXYHEADER             7.37.0
 CURLOPT_PROXYPASSWORD           7.19.1
 CURLOPT_PROXYPORT               7.1
 CURLOPT_PROXYTYPE               7.10
@@ -496,11 +500,11 @@ CURLOPT_SSLKEY                  7.9.3
 CURLOPT_SSLKEYPASSWD            7.9.3         7.17.0
 CURLOPT_SSLKEYTYPE              7.9.3
 CURLOPT_SSLVERSION              7.1
-CURLOPT_SSL_ENABLE_ALPN         7.36.0
-CURLOPT_SSL_ENABLE_NPN          7.36.0
 CURLOPT_SSL_CIPHER_LIST         7.9
 CURLOPT_SSL_CTX_DATA            7.10.6
 CURLOPT_SSL_CTX_FUNCTION        7.10.6
+CURLOPT_SSL_ENABLE_ALPN         7.36.0
+CURLOPT_SSL_ENABLE_NPN          7.36.0
 CURLOPT_SSL_OPTIONS             7.25.0
 CURLOPT_SSL_SESSIONID_CACHE     7.16.0
 CURLOPT_SSL_VERIFYHOST          7.8.1
--- a/docs/mk-ca-bundle.1
+++ b/docs/mk-ca-bundle.1
@@ -24,13 +24,14 @@
 .SH NAME
 mk-ca-bundle \- convert mozilla's certdata.txt to PEM format
 .SH SYNOPSIS
-mk-ca-bundle [bilnqtuv]
+mk-ca-bundle [bilnpqstuv]
 .I [outputfile]
 .SH DESCRIPTION
 The mk-ca-bundle tool downloads the certdata.txt file from Mozilla's source
-tree over HTTP, then parses certdata.txt and extracts CA Root Certificates
-into PEM format.  These are then processed with the OpenSSL commandline tool
-to produce the final ca-bundle file.
+tree over HTTP, then parses certdata.txt and extracts certificates
+into PEM format.  By default, only CA root certificates trusted to issue SSL
+server authentication certificates are extracted. These are then processed with
+the OpenSSL commandline tool to produce the final ca-bundle file.

 The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'
 (a single dash) you will get the output sent to STDOUT instead of a file.
@@ -54,10 +55,40 @@ print version info about used modules
 print license info about certdata.txt
 .IP -n
 no download of certdata.txt (to use existing)
+.IP "-p [purposes]:[levels]"
+list of Mozilla trust purposes and levels for certificates to include in output.
+Takes the form of a comma separated list of purposes, a colon, and a comma
+separated list of levels. The default is to include all certificates trusted
+to issue SSL Server certificates (SERVER_AUTH:TRUSTED_DELEGATOR).
+
+(Added in version 1.21, Perl only)
+
+Valid purposes are:
+.RS
+ALL, DIGITAL_SIGNATURE, NON_REPUDIATION, KEY_ENCIPHERMENT,
+DATA_ENCIPHERMENT, KEY_AGREEMENT, KEY_CERT_SIGN, CRL_SIGN,
+SERVER_AUTH (default), CLIENT_AUTH, CODE_SIGNING, EMAIL_PROTECTION,
+IPSEC_END_SYSTEM, IPSEC_TUNNEL, IPSEC_USER, TIME_STAMPING, STEP_UP_APPROVED
+.RE
+
+Valid trust levels are:
+.RS
+ALL, TRUSTED_DELEGATOR (default), NOT_TRUSTED, MUST_VERIFY_TRUST, TRUSTED
+.RE
 .IP -q
 be really quiet (no progress output at all)
 .IP -t
 include plain text listing of certificates
+.IP "-s [algorithms]"
+comma separated list of signature algorithms with which to hash/fingerprint
+each certificate and output when run in plain text mode.
+
+(Added in version 1.21, Perl only)
+
+Valid algorithms are:
+.RS
+ALL, NONE, MD5 (default), SHA1, SHA256, SHA512
+.RE
 .IP -u
 unlink (remove) certdata.txt after processing
 .IP -v
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -754,6 +754,10 @@ typedef enum {
  CURLFTPMETHOD_LAST       /* not an option, never use */
 } curl_ftpmethod;

+/* bitmask defines for CURLOPT_HEADEROPT */
+#define CURLHEADER_UNIFIED  0
+#define CURLHEADER_SEPARATE (1<<0)
+
 /* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */
 #define CURLPROTO_HTTP   (1<<0)
 #define CURLPROTO_HTTPS  (1<<1)
@@ -903,7 +907,8 @@ typedef enum {
  /* Set cookie in request: */
  CINIT(COOKIE, OBJECTPOINT, 22),

-  /* This points to a linked list of headers, struct curl_slist kind */
+  /* This points to a linked list of headers, struct curl_slist kind. This
+     list is also used for RTSP (in spite of its name) */
  CINIT(HTTPHEADER, OBJECTPOINT, 23),

  /* This points to a linked list of post entries, struct curl_httppost */
@@ -1581,6 +1586,13 @@ typedef enum {
   * Expect: 100-continue header before sending the data anyway. */
  CINIT(EXPECT_100_TIMEOUT_MS, LONG, 227),

+  /* This points to a linked list of headers used for proxy requests only,
+     struct curl_slist kind */
+  CINIT(PROXYHEADER, OBJECTPOINT, 228),
+
+  /* Pass in a bitmask of "header options" */
+  CINIT(HEADEROPT, LONG, 229),
+
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;

--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -30,12 +30,12 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.36.0-DEV"
+#define LIBCURL_VERSION "7.37.0-DEV"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 36
+#define LIBCURL_VERSION_MINOR 37
 #define LIBCURL_VERSION_PATCH 0

 /* This is the numeric version of the libcurl version number, meant for easier
@@ -53,7 +53,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x072400
+#define LIBCURL_VERSION_NUM 0x072500

 /*
 * This is the date and time when the full source package was created. The
--- a/lib/Makefile.b32
+++ b/lib/Makefile.b32
@@ -49,9 +49,9 @@ CC_FLAGS = -5 -O2 -tWM -w -w-aus -w-ccc -w-dup -w-prc -w-pro -w-rch -w-sig -w-sp
 LIBFLAGS = /C /P32
 LDFLAGS  = -q -lq -laa -tWD

-SRCDIR   = .
+SRCDIR   = .;.\vtls
 OBJDIR   = .\BCC_objs
-INCDIRS  = -I.;..\include
+INCDIRS  = -I.;.\lib;..\include
 LINKLIB  = $(BCCDIR)\lib\cw32mt.lib $(BCCDIR)\lib\ws2_32.lib
 DEFINES  = -DNDEBUG -DWIN32 -DBUILDING_LIBCURL

@@ -94,10 +94,11 @@ LINKLIB  = $(LINKLIB) $(OPENSSL_PATH)\out32\ssleay32.lib $(OPENSSL_PATH)\out32\l
 # build source files with hyphens in their name as objects with underscores
 # using explicit compilation build rules instead of implicit ones.

-NOHYPHEN = $(CSOURCES:-=_)
+NOHYPHEN1 = $(CSOURCES:-=_)
+NOHYPHEN2 = $(NOHYPHEN1:vtls/=)

-OBJECTS = $(NOHYPHEN:.c=.obj)
-PREPROCESSED = $(NOHYPHEN:.c=.int)
+OBJECTS = $(NOHYPHEN2:.c=.obj)
+PREPROCESSED = $(NOHYPHEN2:.c=.int)

 # Borland's command line compiler (BCC32) version 5.5.1 integrated
 # preprocessor has a bug which results in silently generating wrong
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -20,14 +20,15 @@
 #
 ###########################################################################

-VSOURCES=vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c vtls/qssl.c	\
-  vtls/polarssl.c vtls/polarssl_threadlock.c vtls/axtls.c vtls/cyassl.c	\
-  vtls/curl_schannel.c vtls/curl_darwinssl.c vtls/gskit.c
-VHEADERS= vtls/qssl.h vtls/openssl.h vtls/vtls.h vtls/gtls.h		\
+LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c	\
+  vtls/qssl.c vtls/polarssl.c vtls/polarssl_threadlock.c vtls/axtls.c	\
+  vtls/cyassl.c vtls/curl_schannel.c vtls/curl_darwinssl.c vtls/gskit.c
+
+LIB_VTLS_HFILES = vtls/qssl.h vtls/openssl.h vtls/vtls.h vtls/gtls.h	\
  vtls/nssg.h vtls/polarssl.h vtls/polarssl_threadlock.h vtls/axtls.h	\
  vtls/cyassl.h vtls/curl_schannel.h vtls/curl_darwinssl.h vtls/gskit.h

-CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
+LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c	\
  ldap.c version.c getenv.c escape.c mprintf.c telnet.c netrc.c		\
  getinfo.c transfer.c strequal.c easy.c security.c curl_fnmatch.c	\
@@ -44,9 +45,9 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c		\
  curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c	\
  hostcheck.c bundles.c conncache.c pipeline.c dotdot.c x509asn1.c	\
-  http2.c $(VSOURCES)
+  http2.c curl_sasl_sspi.c

-HHEADERS = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h	\
+LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h	\
  formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h		\
  speedcheck.h urldata.h curl_ldap.h escape.h telnet.h getinfo.h	\
  strequal.h curl_sec.h memdebug.h http_chunks.h curl_fnmatch.h		\
@@ -62,4 +63,9 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h	\
  curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h		\
  curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h bundles.h	\
  conncache.h curl_setup_once.h multihandle.h setup-vms.h pipeline.h	\
-  dotdot.h x509asn1.h http2.h sigpipe.h $(VHEADERS)
+  dotdot.h x509asn1.h http2.h sigpipe.h
+
+LIB_RCFILES = libcurl.rc
+
+CSOURCES = $(LIB_CFILES) $(LIB_VTLS_CFILES)
+HHEADERS = $(LIB_HFILES) $(LIB_VTLS_HFILES)
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -542,6 +542,7 @@ X_OBJS= \
 	$(DIROBJ)\curl_ntlm_wb.obj \
 	$(DIROBJ)\curl_rtmp.obj \
 	$(DIROBJ)\curl_sasl.obj \
+	$(DIROBJ)\curl_sasl_sspi.obj \
 	$(DIROBJ)\curl_schannel.obj \
 	$(DIROBJ)\curl_sspi.obj \
 	$(DIROBJ)\curl_threads.obj \
--- a/lib/README.http2
+++ b/lib/README.http2
@@ -50,6 +50,16 @@ SSL libs
    NSS:     ALPN and NPN
    GnuTLS:  ALPN

+Alt-Svc
+
+  Alt-Svc is a suggested new header with a corresponding frame (ALTSVC) in
+  http2 that tells the client about an alternative "route" to the same content
+  for the same origin server that you get the response from. A browser or
+  long-living client can use that hint to create a new connection
+  asynchronously.  For libcurl, we may introduce a way to bring such clues to
+  the applicaton and/or let a subsequent request use the alternate route
+  automatically.
+
 Applications

  We hide http2's binary nature and convert received http2 traffic to headers
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -465,7 +465,8 @@
 #endif

 /* Define if the compiler supports the 'long long' data type. */
-#if defined(__MINGW32__) || defined(__WATCOMC__)
+#if defined(__MINGW32__) || defined(__WATCOMC__) || \
+    (defined(_MSC_VER) && (_MSC_VER >= 1310))
 #define HAVE_LONGLONG 1
 #endif

--- a/lib/connect.c
+++ b/lib/connect.c
@@ -224,7 +224,12 @@ long Curl_timeleft(struct SessionHandle *data,
  }

  /* subtract elapsed time */
+  if(duringconnect)
+    /* since this most recent connect started */
    timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startsingle);
+  else
+    /* since the entire operation started */
+    timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startop);
  if(!timeout_ms)
    /* avoid returning 0 as that means no timeout! */
    return -1;
@@ -545,7 +550,7 @@ static CURLcode trynextip(struct connectdata *conn,
  conn->tempsock[tempindex] = CURL_SOCKET_BAD;

  if(sockindex == FIRSTSOCKET) {
-    Curl_addrinfo *ai;
+    Curl_addrinfo *ai = NULL;
    int family;

    if(conn->tempaddr[tempindex]) {
@@ -553,7 +558,7 @@ static CURLcode trynextip(struct connectdata *conn,
      family = conn->tempaddr[tempindex]->ai_family;
      ai = conn->tempaddr[tempindex]->ai_next;
    }
-    else {
+    else if(conn->tempaddr[0]) {
      /* happy eyeballs - try the other protocol family */
      int firstfamily = conn->tempaddr[0]->ai_family;
 #ifdef ENABLE_IPV6
@@ -811,6 +816,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
      char ipaddress[MAX_IPADR_LEN];
      data->state.os_errno = error;
      SET_SOCKERRNO(error);
+      if(conn->tempaddr[i]) {
        Curl_printable_address(conn->tempaddr[i], ipaddress, MAX_IPADR_LEN);
        infof(data, "connect to %s port %ld failed: %s\n",
              ipaddress, conn->port, Curl_strerror(conn, error));
@@ -821,6 +827,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
        code = trynextip(conn, sockindex, i);
      }
    }
+  }

  if(code) {
    /* no more addresses to try */
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -402,7 +402,11 @@ static void write32_le(const int value, unsigned char *buffer)
  buffer[3] = (char)((value & 0xFF000000) >> 24);
 }

+#if defined(HAVE_LONGLONG)
 static void write64_le(const long long value, unsigned char *buffer)
+#else
+static void write64_le(const __int64 value, unsigned char *buffer)
+#endif
 {
  write32_le((int)value, buffer);
  write32_le((int)(value >> 32), buffer + 4);
@@ -550,16 +554,27 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
  unsigned int len = 0;
  unsigned char *ptr = NULL;
  unsigned char hmac_output[NTLM_HMAC_MD5_LEN];
+#if defined(HAVE_LONGLONG)
  long long tw;
+#else
+  __int64 tw;
+#endif
  CURLcode res = CURLE_OK;

  /* Calculate the timestamp */
+#if defined(HAVE_LONGLONG)
 #if defined(DEBUGBUILD)
  tw = 11644473600ULL * 10000000ULL;
 #else
  tw = ((long long)time(NULL) + 11644473600ULL) * 10000000ULL;
 #endif
-
+#else
+#if defined(DEBUGBUILD)
+  tw = 11644473600ui64 * 10000000ui64;
+#else
+  tw = ((__int64)time(NULL) + 11644473600ui64) * 10000000ui64;
+#endif
+#endif
  /* Calculate the response len */
  len = NTLM_HMAC_MD5_LEN + NTLMv2_BLOB_LEN;

--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
@@ -346,17 +346,15 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
 void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
 {
  Curl_safefree(ntlm->type_2);
+
  if(ntlm->has_handles) {
    s_pSecFn->DeleteSecurityContext(&ntlm->c_handle);
    s_pSecFn->FreeCredentialsHandle(&ntlm->handle);
    ntlm->has_handles = 0;
  }
-  if(ntlm->p_identity) {
-    Curl_safefree(ntlm->identity.User);
-    Curl_safefree(ntlm->identity.Password);
-    Curl_safefree(ntlm->identity.Domain);
+
+  Curl_sspi_free_identity(ntlm->p_identity);
  ntlm->p_identity = NULL;
-  }
 }
 #endif

@@ -416,92 +414,30 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,

 #ifdef USE_WINDOWS_SSPI

-  SecBuffer buf;
-  SecBufferDesc desc;
+  SecBuffer type_1_buf;
+  SecBufferDesc type_1_desc;
  SECURITY_STATUS status;
  unsigned long attrs;
-  xcharp_u useranddomain;
-  xcharp_u user, dup_user;
-  xcharp_u domain, dup_domain;
-  xcharp_u passwd, dup_passwd;
-  size_t domlen = 0;
  TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */

-  domain.const_tchar_ptr = TEXT("");
-
  Curl_ntlm_sspi_cleanup(ntlm);

  if(userp && *userp) {
+    CURLcode result;

-    /* null initialize ntlm identity's data to allow proper cleanup */
+    /* Populate our identity structure */
+    result = Curl_create_sspi_identity(userp, passwdp, &ntlm->identity);
+    if(result)
+      return result;
+
+    /* Allow proper cleanup of the identity structure */
    ntlm->p_identity = &ntlm->identity;
-    memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity));
-
-    useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp);
-    if(!useranddomain.tchar_ptr)
-      return CURLE_OUT_OF_MEMORY;
-
-    user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\'));
-    if(!user.const_tchar_ptr)
-      user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/'));
-
-    if(user.tchar_ptr) {
-      domain.tchar_ptr = useranddomain.tchar_ptr;
-      domlen = user.tchar_ptr - useranddomain.tchar_ptr;
-      user.tchar_ptr++;
-    }
-    else {
-      user.tchar_ptr = useranddomain.tchar_ptr;
-      domain.const_tchar_ptr = TEXT("");
-      domlen = 0;
-    }
-
-    /* setup ntlm identity's user and length */
-    dup_user.tchar_ptr = _tcsdup(user.tchar_ptr);
-    if(!dup_user.tchar_ptr) {
-      Curl_unicodefree(useranddomain.tchar_ptr);
-      return CURLE_OUT_OF_MEMORY;
-    }
-    ntlm->identity.User = dup_user.tbyte_ptr;
-    ntlm->identity.UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
-    dup_user.tchar_ptr = NULL;
-
-    /* setup ntlm identity's domain and length */
-    dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));
-    if(!dup_domain.tchar_ptr) {
-      Curl_unicodefree(useranddomain.tchar_ptr);
-      return CURLE_OUT_OF_MEMORY;
-    }
-    _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
-    *(dup_domain.tchar_ptr + domlen) = TEXT('\0');
-    ntlm->identity.Domain = dup_domain.tbyte_ptr;
-    ntlm->identity.DomainLength = curlx_uztoul(domlen);
-    dup_domain.tchar_ptr = NULL;
-
-    Curl_unicodefree(useranddomain.tchar_ptr);
-
-    /* setup ntlm identity's password and length */
-    passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp);
-    if(!passwd.tchar_ptr)
-      return CURLE_OUT_OF_MEMORY;
-    dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr);
-    if(!dup_passwd.tchar_ptr) {
-      Curl_unicodefree(passwd.tchar_ptr);
-      return CURLE_OUT_OF_MEMORY;
-    }
-    ntlm->identity.Password = dup_passwd.tbyte_ptr;
-    ntlm->identity.PasswordLength =
-      curlx_uztoul(_tcslen(dup_passwd.tchar_ptr));
-    dup_passwd.tchar_ptr = NULL;
-
-    Curl_unicodefree(passwd.tchar_ptr);
-
-    /* setup ntlm identity's flags */
-    ntlm->identity.Flags = SECFLAG_WINNT_AUTH_IDENTITY;
  }
  else
+    /* Use the current Windows user */
    ntlm->p_identity = NULL;

+  /* Acquire our credientials handle */
  status = s_pSecFn->AcquireCredentialsHandle(NULL,
                                              (TCHAR *) TEXT("NTLM"),
                                              SECPKG_CRED_OUTBOUND, NULL,
@@ -510,13 +446,15 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
  if(status != SEC_E_OK)
    return CURLE_OUT_OF_MEMORY;

-  desc.ulVersion = SECBUFFER_VERSION;
-  desc.cBuffers  = 1;
-  desc.pBuffers  = &buf;
-  buf.cbBuffer   = NTLM_BUFSIZE;
-  buf.BufferType = SECBUFFER_TOKEN;
-  buf.pvBuffer   = ntlmbuf;
+  /* Setup the type-1 "output" security buffer */
+  type_1_desc.ulVersion = SECBUFFER_VERSION;
+  type_1_desc.cBuffers  = 1;
+  type_1_desc.pBuffers  = &type_1_buf;
+  type_1_buf.cbBuffer   = NTLM_BUFSIZE;
+  type_1_buf.BufferType = SECBUFFER_TOKEN;
+  type_1_buf.pvBuffer   = ntlmbuf;

+  /* Generate our type-1 message */
  status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL,
                                               (TCHAR *) TEXT(""),
                                               ISC_REQ_CONFIDENTIALITY |
@@ -524,19 +462,19 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
                                               ISC_REQ_CONNECTION,
                                               0, SECURITY_NETWORK_DREP,
                                               NULL, 0,
-                                               &ntlm->c_handle, &desc,
+                                               &ntlm->c_handle, &type_1_desc,
                                               &attrs, &tsDummy);

  if(status == SEC_I_COMPLETE_AND_CONTINUE ||
     status == SEC_I_CONTINUE_NEEDED)
-    s_pSecFn->CompleteAuthToken(&ntlm->c_handle, &desc);
+    s_pSecFn->CompleteAuthToken(&ntlm->c_handle, &type_1_desc);
  else if(status != SEC_E_OK) {
    s_pSecFn->FreeCredentialsHandle(&ntlm->handle);
    return CURLE_RECV_ERROR;
  }

  ntlm->has_handles = 1;
-  size = buf.cbBuffer;
+  size = type_1_buf.cbBuffer;

 #else

@@ -668,8 +606,8 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
  size_t size;

 #ifdef USE_WINDOWS_SSPI
-  SecBuffer type_2;
-  SecBuffer type_3;
+  SecBuffer type_2_buf;
+  SecBuffer type_3_buf;
  SecBufferDesc type_2_desc;
  SecBufferDesc type_3_desc;
  SECURITY_STATUS status;
@@ -680,18 +618,23 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
  (void)userp;
  (void)data;

-  type_2_desc.ulVersion = type_3_desc.ulVersion  = SECBUFFER_VERSION;
-  type_2_desc.cBuffers  = type_3_desc.cBuffers   = 1;
-  type_2_desc.pBuffers  = &type_2;
-  type_3_desc.pBuffers  = &type_3;
+  /* Setup the type-2 "input" security buffer */
+  type_2_desc.ulVersion = SECBUFFER_VERSION;
+  type_2_desc.cBuffers  = 1;
+  type_2_desc.pBuffers  = &type_2_buf;
+  type_2_buf.BufferType = SECBUFFER_TOKEN;
+  type_2_buf.pvBuffer   = ntlm->type_2;
+  type_2_buf.cbBuffer   = ntlm->n_type_2;

-  type_2.BufferType = SECBUFFER_TOKEN;
-  type_2.pvBuffer   = ntlm->type_2;
-  type_2.cbBuffer   = ntlm->n_type_2;
-  type_3.BufferType = SECBUFFER_TOKEN;
-  type_3.pvBuffer   = ntlmbuf;
-  type_3.cbBuffer   = NTLM_BUFSIZE;
+  /* Setup the type-3 "output" security buffer */
+  type_3_desc.ulVersion = SECBUFFER_VERSION;
+  type_3_desc.cBuffers  = 1;
+  type_3_desc.pBuffers  = &type_3_buf;
+  type_3_buf.BufferType = SECBUFFER_TOKEN;
+  type_3_buf.pvBuffer   = ntlmbuf;
+  type_3_buf.cbBuffer   = NTLM_BUFSIZE;

+  /* Generate our type-3 message */
  status = s_pSecFn->InitializeSecurityContext(&ntlm->handle,
                                               &ntlm->c_handle,
                                               (TCHAR *) TEXT(""),
@@ -706,7 +649,7 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
  if(status != SEC_E_OK)
    return CURLE_RECV_ERROR;

-  size = type_3.cbBuffer;
+  size = type_3_buf.cbBuffer;

  Curl_ntlm_sspi_cleanup(ntlm);

--- a/lib/curl_ntlm_msgs.h
+++ b/lib/curl_ntlm_msgs.h
@@ -170,14 +170,6 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
 #define NTLMFLAG_NEGOTIATE_56                    (1<<31)
 /* Indicates that 56-bit encryption is supported. */

-#ifdef UNICODE
-#  define SECFLAG_WINNT_AUTH_IDENTITY \
-     (unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
-#else
-#  define SECFLAG_WINNT_AUTH_IDENTITY \
-     (unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
-#endif
-
 #endif /* BUILDING_CURL_NTLM_MSGS_C */

 #endif /* USE_NTLM */
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -5,6 +5,7 @@
 *                | (__| |_| |  _ <| |___
 *                 \___|\___/|_| \_\_____|
 *
+ * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 * Copyright (C) 2010, Howard Chu, <hyc@highlandsun.com>
 *
 * This software is licensed as described in the file COPYING, which
@@ -240,7 +241,7 @@ static CURLcode rtmp_do(struct connectdata *conn, bool *done)
    return CURLE_FAILED_INIT;

  if(conn->data->set.upload) {
-    Curl_pgrsSetUploadSize(conn->data, conn->data->set.infilesize);
+    Curl_pgrsSetUploadSize(conn->data, conn->data->state.infilesize);
    Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
  }
  else
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -40,6 +40,8 @@
 #include "curl_sasl.h"
 #include "warnless.h"
 #include "curl_memory.h"
+#include "strtok.h"
+#include "rawstr.h"

 #ifdef USE_NSS
 #include "vtls/nssg.h" /* for Curl_nss_force_init() */
@@ -51,7 +53,15 @@
 /* The last #include file should be: */
 #include "memdebug.h"

-#ifndef CURL_DISABLE_CRYPTO_AUTH
+#if !defined(CURL_DISABLE_CRYPTO_AUTH) && !defined(USE_WINDOWS_SSPI)
+#define DIGEST_QOP_VALUE_AUTH             (1 << 0)
+#define DIGEST_QOP_VALUE_AUTH_INT         (1 << 1)
+#define DIGEST_QOP_VALUE_AUTH_CONF        (1 << 2)
+
+#define DIGEST_QOP_VALUE_STRING_AUTH      "auth"
+#define DIGEST_QOP_VALUE_STRING_AUTH_INT  "auth-int"
+#define DIGEST_QOP_VALUE_STRING_AUTH_CONF "auth-conf"
+
 /* Retrieves the value for a corresponding key from the challenge string
 * returns TRUE if the key could be found, FALSE if it does not exists
 */
@@ -76,6 +86,38 @@ static bool sasl_digest_get_key_value(const char *chlg,

  return TRUE;
 }
+
+static CURLcode sasl_digest_get_qop_values(const char *options, int *value)
+{
+  char *tmp;
+  char *token;
+  char *tok_buf;
+
+  /* Initialise the output */
+  *value = 0;
+
+  /* Tokenise the list of qop values. Use a temporary clone of the buffer since
+     strtok_r() ruins it. */
+  tmp = strdup(options);
+  if(!tmp)
+    return CURLE_OUT_OF_MEMORY;
+
+  token = strtok_r(tmp, ",", &tok_buf);
+  while(token != NULL) {
+    if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH))
+      *value |= DIGEST_QOP_VALUE_AUTH;
+    else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT))
+      *value |= DIGEST_QOP_VALUE_AUTH_INT;
+    else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF))
+      *value |= DIGEST_QOP_VALUE_AUTH_CONF;
+
+    token = strtok_r(NULL, ",", &tok_buf);
+  }
+
+  Curl_safefree(tmp);
+
+  return CURLE_OK;
+}
 #endif

 /*
@@ -263,10 +305,12 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
  return result;
 }

+#ifndef USE_WINDOWS_SSPI
 /*
- * Curl_sasl_decode_digest_md5_message()
+ * sasl_decode_digest_md5_message()
 *
- * This is used to decode an already encoded DIGEST-MD5 challenge message.
+ * This is used internally to decode an already encoded DIGEST-MD5 challenge
+ * message into the seperate attributes.
 *
 * Parameters:
 *
@@ -277,19 +321,23 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
 * rlen    [in]     - The length of the realm buffer.
 * alg     [in/out] - The buffer where the algorithm will be stored.
 * alen    [in]     - The length of the algorithm buffer.
+ * qop     [in/out] - The buffer where the qop-options will be stored.
+ * qlen    [in]     - The length of the qop buffer.
 *
 * Returns CURLE_OK on success.
 */
-CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
+static CURLcode sasl_decode_digest_md5_message(const char *chlg64,
                                               char *nonce, size_t nlen,
                                               char *realm, size_t rlen,
-                                             char *alg, size_t alen)
+                                               char *alg, size_t alen,
+                                               char *qop, size_t qlen)
 {
  CURLcode result = CURLE_OK;
  unsigned char *chlg = NULL;
  size_t chlglen = 0;
  size_t chlg64len = strlen(chlg64);

+  /* Decode the base-64 encoded challenge message */
  if(chlg64len && *chlg64 != '=') {
    result = Curl_base64_decode(chlg64, &chlg, &chlglen);
    if(result)
@@ -318,6 +366,12 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
    return CURLE_BAD_CONTENT_ENCODING;
  }

+  /* Retrieve qop-options string from the challenge */
+  if(!sasl_digest_get_key_value((char *)chlg, "qop=\"", qop, qlen, '\"')) {
+    Curl_safefree(chlg);
+    return CURLE_BAD_CONTENT_ENCODING;
+  }
+
  Curl_safefree(chlg);

  return CURLE_OK;
@@ -332,8 +386,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
 * Parameters:
 *
 * data    [in]     - The session handle.
- * nonce   [in]     - The nonce.
- * realm   [in]     - The realm.
+ * chlg64  [in]     - Pointer to the base64 encoded challenge message.
 * userp   [in]     - The user name.
 * passdwp [in]     - The user's password.
 * service [in]     - The service type such as www, smtp, pop or imap.
@@ -344,8 +397,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
 * Returns CURLE_OK on success.
 */
 CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
-                                             const char *nonce,
-                                             const char *realm,
+                                             const char *chlg64,
                                             const char *userp,
                                             const char *passwdp,
                                             const char *service,
@@ -363,12 +415,39 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
  char HA2_hex[2 * MD5_DIGEST_LEN + 1];
  char resp_hash_hex[2 * MD5_DIGEST_LEN + 1];

+  char nonce[64];
+  char realm[128];
+  char algorithm[64];
+  char qop_options[64];
+  int qop_values;
+
  char nonceCount[] = "00000001";
  char cnonce[]     = "12345678"; /* will be changed */
  char method[]     = "AUTHENTICATE";
-  char qop[]        = "auth";
+  char qop[]        = DIGEST_QOP_VALUE_STRING_AUTH;
  char uri[128];

+  /* Decode the challange message */
+  result = sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
+                                          realm, sizeof(realm),
+                                          algorithm, sizeof(algorithm),
+                                          qop_options, sizeof(qop_options));
+  if(result)
+    return result;
+
+  /* We only support md5 sessions */
+  if(strcmp(algorithm, "md5-sess") != 0)
+    return CURLE_BAD_CONTENT_ENCODING;
+
+  /* Get the qop-values from the qop-options */
+  result = sasl_digest_get_qop_values(qop_options, &qop_values);
+  if(result)
+    return result;
+
+  /* We only support auth quality-of-protection */
+  if(!(qop_values & DIGEST_QOP_VALUE_AUTH))
+    return CURLE_BAD_CONTENT_ENCODING;
+
 #ifndef DEBUGBUILD
  /* Generate 64 bits of random data */
  for(i = 0; i < 8; i++)
@@ -454,9 +533,11 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,

  /* Generate the response */
  response = aprintf("username=\"%s\",realm=\"%s\",nonce=\"%s\","
-                     "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s",
+                     "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s,"
+                     "qop=%s",
                     userp, realm, nonce,
-                     cnonce, nonceCount, uri, resp_hash_hex);
+                     cnonce, nonceCount, uri, resp_hash_hex,
+                     qop);
  if(!response)
    return CURLE_OUT_OF_MEMORY;

@@ -467,7 +548,9 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,

  return result;
 }
-#endif
+#endif  /* USE_WINDOWS_SSPI */
+
+#endif  /* CURL_DISABLE_CRYPTO_AUTH */

 #ifdef USE_NTLM
 /*
--- a/lib/curl_sasl.h
+++ b/lib/curl_sasl.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -22,7 +22,11 @@
 *
 ***************************************************************************/

-#include "pingpong.h"
+#include <curl/curl.h>
+
+struct SessionHandle;
+struct connectdata;
+struct ntlmdata;

 /* Authentication mechanism values */
 #define SASL_AUTH_NONE          0
@@ -77,17 +81,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
                                           const char *passwdp,
                                           char **outptr, size_t *outlen);

-/* This is used to decode a base64 encoded DIGEST-MD5 challange message */
-CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
-                                             char *nonce, size_t nlen,
-                                             char *realm, size_t rlen,
-                                             char *alg, size_t alen);
-
 /* This is used to generate a base64 encoded DIGEST-MD5 response message */
 CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
-                                             const char *nonce,
-                                             const char *realm,
-                                             const char *user,
+                                             const char *chlg64,
+                                             const char *userp,
                                             const char *passwdp,
                                             const char *service,
                                             char **outptr, size_t *outlen);
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -0,0 +1,200 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * RFC2831 DIGEST-MD5 authentication
+ * RFC4422 Simple Authentication and Security Layer (SASL)
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_CRYPTO_AUTH)
+
+#include <curl/curl.h>
+
+#include "curl_sasl.h"
+#include "urldata.h"
+#include "curl_base64.h"
+#include "warnless.h"
+#include "curl_memory.h"
+
+#define _MPRINTF_REPLACE /* use our functions only */
+#include <curl/mprintf.h>
+
+/* The last #include file should be: */
+#include "memdebug.h"
+
+/*
+ * Curl_sasl_create_digest_md5_message()
+ *
+ * This is used to generate an already encoded DIGEST-MD5 response message
+ * ready for sending to the recipient.
+ *
+ * Parameters:
+ *
+ * data    [in]     - The session handle.
+ * chlg64  [in]     - Pointer to the base64 encoded challenge message.
+ * userp   [in]     - The user name.
+ * passdwp [in]     - The user's password.
+ * service [in]     - The service type such as www, smtp, pop or imap.
+ * outptr  [in/out] - The address where a pointer to newly allocated memory
+ *                    holding the result will be stored upon completion.
+ * outlen  [out]    - The length of the output message.
+ *
+ * Returns CURLE_OK on success.
+ */
+CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
+                                             const char *chlg64,
+                                             const char *userp,
+                                             const char *passwdp,
+                                             const char *service,
+                                             char **outptr, size_t *outlen)
+{
+  CURLcode result = CURLE_OK;
+  char *spn = NULL;
+  size_t chlglen = 0;
+  unsigned char *chlg = NULL;
+  unsigned char resp[1024];
+  CredHandle handle;
+  CtxtHandle ctx;
+  PSecPkgInfo SecurityPackage;
+  SEC_WINNT_AUTH_IDENTITY identity;
+  SecBuffer chlg_buf;
+  SecBuffer resp_buf;
+  SecBufferDesc chlg_desc;
+  SecBufferDesc resp_desc;
+  SECURITY_STATUS status;
+  unsigned long attrs;
+  TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */
+
+  /* Decode the base-64 encoded challenge message */
+  if(strlen(chlg64) && *chlg64 != '=') {
+    result = Curl_base64_decode(chlg64, &chlg, &chlglen);
+    if(result)
+      return result;
+  }
+
+  /* Ensure we have a valid challenge message */
+  if(!chlg)
+    return CURLE_BAD_CONTENT_ENCODING;
+
+  /* Ensure we have some login credientials as DigestSSP cannot use the current
+     Windows user like NTLMSSP can */
+  if(!userp || !*userp) {
+    Curl_safefree(chlg);
+    return CURLE_LOGIN_DENIED;
+  }
+
+  /* Query the security package for DigestSSP */
+  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT("WDigest"),
+                                              &SecurityPackage);
+  if(status != SEC_E_OK) {
+    Curl_safefree(chlg);
+    return CURLE_NOT_BUILT_IN;
+  }
+
+  /* Calculate our SPN */
+  spn = aprintf("%s/%s", service, data->easy_conn->host);
+  if(!spn)
+    return CURLE_OUT_OF_MEMORY;
+
+  /* Populate our identity structure */
+  result = Curl_create_sspi_identity(userp, passwdp, &identity);
+  if(result) {
+    Curl_safefree(spn);
+    Curl_safefree(chlg);
+
+    return result;
+  }
+
+  /* Acquire our credientials handle */
+  status = s_pSecFn->AcquireCredentialsHandle(NULL,
+                                              (TCHAR *) TEXT("WDigest"),
+                                              SECPKG_CRED_OUTBOUND, NULL,
+                                              &identity, NULL, NULL,
+                                              &handle, &tsDummy);
+
+  if(status != SEC_E_OK) {
+    Curl_sspi_free_identity(&identity);
+    Curl_safefree(spn);
+    Curl_safefree(chlg);
+
+    return CURLE_OUT_OF_MEMORY;
+  }
+
+  /* Setup the challenge "input" security buffer */
+  chlg_desc.ulVersion = SECBUFFER_VERSION;
+  chlg_desc.cBuffers  = 1;
+  chlg_desc.pBuffers  = &chlg_buf;
+  chlg_buf.BufferType = SECBUFFER_TOKEN;
+  chlg_buf.pvBuffer   = chlg;
+  chlg_buf.cbBuffer   = curlx_uztoul(chlglen);
+
+  /* Setup the response "output" security buffer */
+  resp_desc.ulVersion = SECBUFFER_VERSION;
+  resp_desc.cBuffers  = 1;
+  resp_desc.pBuffers  = &resp_buf;
+  resp_buf.BufferType = SECBUFFER_TOKEN;
+  resp_buf.pvBuffer   = resp;
+  resp_buf.cbBuffer   = sizeof(resp);
+
+  /* Generate our challenge-response message */
+  status = s_pSecFn->InitializeSecurityContext(&handle,
+                                               NULL,
+                                               (TCHAR *) spn,
+                                               0, 0, 0,
+                                               &chlg_desc,
+                                               0, &ctx,
+                                               &resp_desc,
+                                               &attrs, &tsDummy);
+
+  if(status == SEC_I_COMPLETE_AND_CONTINUE ||
+     status == SEC_I_CONTINUE_NEEDED)
+    s_pSecFn->CompleteAuthToken(&handle, &resp_desc);
+  else if(status != SEC_E_OK) {
+    s_pSecFn->FreeCredentialsHandle(&handle);
+    Curl_sspi_free_identity(&identity);
+    Curl_safefree(spn);
+    Curl_safefree(chlg);
+
+    return CURLE_RECV_ERROR;
+  }
+
+  /* Base64 encode the response */
+  result = Curl_base64_encode(data, (char *)resp, resp_buf.cbBuffer, outptr,
+                              outlen);
+
+  /* Free our handles */
+  s_pSecFn->DeleteSecurityContext(&ctx);
+  s_pSecFn->FreeCredentialsHandle(&handle);
+
+  /* Free the identity structure */
+  Curl_sspi_free_identity(&identity);
+
+  /* Free the SPN */
+  Curl_safefree(spn);
+
+  /* Free the decoeded challenge message */
+  Curl_safefree(chlg);
+
+  return result;
+}
+
+#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -32,6 +32,9 @@
 #include <curl/mprintf.h>

 #include "curl_memory.h"
+#include "curl_multibyte.h"
+#include "warnless.h"
+
 /* The last #include file should be: */
 #include "memdebug.h"

@@ -150,4 +153,105 @@ void Curl_sspi_global_cleanup(void)
  }
 }

+/*
+ * Curl_create_sspi_identity()
+ *
+ * This is used to populate a SSPI identity structure based on the supplied
+ * username and password.
+ *
+ * Parameters:
+ *
+ * userp    [in]     - The user name in the format User or Domain\User.
+ * passdwp  [in]     - The user's password.
+ * identity [in/out] - The identity structure.
+ *
+ * Returns CURLE_OK on success.
+ */
+CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
+                                   SEC_WINNT_AUTH_IDENTITY *identity)
+{
+  xcharp_u useranddomain;
+  xcharp_u user, dup_user;
+  xcharp_u domain, dup_domain;
+  xcharp_u passwd, dup_passwd;
+  size_t domlen = 0;
+
+  domain.const_tchar_ptr = TEXT("");
+
+  /* Initialize the identity */
+  memset(identity, 0, sizeof(*identity));
+
+  useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp);
+  if(!useranddomain.tchar_ptr)
+    return CURLE_OUT_OF_MEMORY;
+
+  user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\'));
+  if(!user.const_tchar_ptr)
+    user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/'));
+
+  if(user.tchar_ptr) {
+    domain.tchar_ptr = useranddomain.tchar_ptr;
+    domlen = user.tchar_ptr - useranddomain.tchar_ptr;
+    user.tchar_ptr++;
+  }
+  else {
+    user.tchar_ptr = useranddomain.tchar_ptr;
+    domain.const_tchar_ptr = TEXT("");
+    domlen = 0;
+  }
+
+  /* Setup the identity's user and length */
+  dup_user.tchar_ptr = _tcsdup(user.tchar_ptr);
+  if(!dup_user.tchar_ptr) {
+    Curl_unicodefree(useranddomain.tchar_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
+  identity->User = dup_user.tbyte_ptr;
+  identity->UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
+  dup_user.tchar_ptr = NULL;
+
+  /* Setup the identity's domain and length */
+  dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));
+  if(!dup_domain.tchar_ptr) {
+    Curl_unicodefree(useranddomain.tchar_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
+  _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
+  *(dup_domain.tchar_ptr + domlen) = TEXT('\0');
+  identity->Domain = dup_domain.tbyte_ptr;
+  identity->DomainLength = curlx_uztoul(domlen);
+  dup_domain.tchar_ptr = NULL;
+
+  Curl_unicodefree(useranddomain.tchar_ptr);
+
+  /* Setup ntlm identity's password and length */
+  passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp);
+  if(!passwd.tchar_ptr)
+    return CURLE_OUT_OF_MEMORY;
+  dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr);
+  if(!dup_passwd.tchar_ptr) {
+    Curl_unicodefree(passwd.tchar_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
+  identity->Password = dup_passwd.tbyte_ptr;
+  identity->PasswordLength = curlx_uztoul(_tcslen(dup_passwd.tchar_ptr));
+  dup_passwd.tchar_ptr = NULL;
+
+  Curl_unicodefree(passwd.tchar_ptr);
+
+  /* Setup the identity's flags */
+  identity->Flags = SECFLAG_WINNT_AUTH_IDENTITY;
+
+  return CURLE_OK;
+}
+
+void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity)
+{
+  if(identity) {
+    Curl_safefree(identity->User);
+    Curl_safefree(identity->Password);
+    Curl_safefree(identity->Domain);
+  }
+}
+
 #endif /* USE_WINDOWS_SSPI */
--- a/lib/curl_sspi.h
+++ b/lib/curl_sspi.h
@@ -43,6 +43,13 @@
 CURLcode Curl_sspi_global_init(void);
 void Curl_sspi_global_cleanup(void);

+/* This is used to generate an SSPI identity structure */
+CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
+                                   SEC_WINNT_AUTH_IDENTITY *identity);
+
+/* This is used to free an SSPI identity structure */
+void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity);
+
 /* Forward-declaration of global variables defined in curl_sspi.c */

 extern HMODULE s_hSecDll;
@@ -289,5 +296,13 @@ extern PSecurityFunctionTable s_pSecFn;
 # define SEC_I_SIGNATURE_NEEDED                ((HRESULT)0x0009035CL)
 #endif

+#ifdef UNICODE
+#  define SECFLAG_WINNT_AUTH_IDENTITY \
+     (unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
+#else
+#  define SECFLAG_WINNT_AUTH_IDENTITY \
+     (unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
+#endif
+
 #endif /* USE_WINDOWS_SSPI */
 #endif /* HEADER_CURL_SSPI_H */
--- a/lib/dotdot.c
+++ b/lib/dotdot.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -47,7 +47,7 @@
 *
 * an allocated dedotdotified output string
 */
-char *Curl_dedotdotify(char *input)
+char *Curl_dedotdotify(const char *input)
 {
  size_t inlen = strlen(input);
  char *clone;
--- a/lib/dotdot.h
+++ b/lib/dotdot.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -21,5 +21,5 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-char *Curl_dedotdotify(char *input);
+char *Curl_dedotdotify(const char *input);
 #endif
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -299,9 +299,13 @@ CURLcode curl_global_init_mem(long flags, curl_malloc_callback m,
  if(!m || !f || !r || !s || !c)
    return CURLE_FAILED_INIT;

-  /* Already initialized, don't do it again */
-  if(initialized)
+  if(initialized) {
+    /* Already initialized, don't do it again, but bump the variable anyway to
+       work like curl_global_init() and require the same amount of cleanup
+       calls. */
+    initialized++;
    return CURLE_OK;
+  }

  /* Call the actual init function first */
  code = curl_global_init(flags);
@@ -756,7 +760,7 @@ static CURLcode easy_perform(struct SessionHandle *data, bool events)
    return CURLE_BAD_FUNCTION_ARGUMENT;

  if(data->multi) {
-    failf(data, "easy handled already used in multi handle");
+    failf(data, "easy handle already used in multi handle");
    return CURLE_FAILED_INIT;
  }

--- a/lib/file.c
+++ b/lib/file.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -336,9 +336,9 @@ static CURLcode file_upload(struct connectdata *conn)
    return CURLE_WRITE_ERROR;
  }

-  if(-1 != data->set.infilesize)
+  if(-1 != data->state.infilesize)
    /* known size of data to "upload" */
-    Curl_pgrsSetUploadSize(data, data->set.infilesize);
+    Curl_pgrsSetUploadSize(data, data->state.infilesize);

  /* treat the negative resume offset value as the case of "-" */
  if(data->state.resume_from < 0) {
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -208,7 +208,7 @@ const struct Curl_handler Curl_handler_ftps = {
  ftp_disconnect,                  /* disconnect */
  ZERO_NULL,                       /* readwrite */
  PORT_FTPS,                       /* defport */
-  CURLPROTO_FTP | CURLPROTO_FTPS,  /* protocol */
+  CURLPROTO_FTPS,                  /* protocol */
  PROTOPT_SSL | PROTOPT_DUAL | PROTOPT_CLOSEACTION |
  PROTOPT_NEEDSPWD | PROTOPT_NOURLQUERY /* flags */
 };
@@ -507,7 +507,7 @@ static CURLcode InitiateTransfer(struct connectdata *conn)
    /* When we know we're uploading a specified file, we can get the file
       size prior to the actual upload. */

-    Curl_pgrsSetUploadSize(data, data->set.infilesize);
+    Curl_pgrsSetUploadSize(data, data->state.infilesize);

    /* set the SO_SNDBUF for the secondary socket for those who need it */
    Curl_sndbufset(conn->sock[SECONDARYSOCKET]);
@@ -877,13 +877,30 @@ static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks,
   */

  if(FTP_STOP == ftpc->state) {
+    int bits = GETSOCK_READSOCK(0);
+
    /* if stopped and still in this state, then we're also waiting for a
       connect on the secondary connection */
    socks[0] = conn->sock[FIRSTSOCKET];
-    socks[1] = conn->sock[SECONDARYSOCKET];

-    return GETSOCK_READSOCK(FIRSTSOCKET) |
-      GETSOCK_WRITESOCK(SECONDARYSOCKET);
+    if(!conn->data->set.ftp_use_port) {
+      int s;
+      int i;
+      /* PORT is used to tell the server to connect to us, and during that we
+         don't do happy eyeballs, but we do if we connect to the server */
+      for(s=1, i=0; i<2; i++) {
+        if(conn->tempsock[i] != CURL_SOCKET_BAD) {
+          socks[s] = conn->tempsock[i];
+          bits |= GETSOCK_WRITESOCK(s++);
+        }
+      }
+    }
+    else {
+      socks[1] = conn->sock[SECONDARYSOCKET];
+      bits |= GETSOCK_WRITESOCK(1);
+    }
+
+    return bits;
  }
  else
    return Curl_pp_getsock(&conn->proto.ftpc.pp, socks, numsocks);
@@ -1666,10 +1683,10 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
      }
    }
    /* now, decrease the size of the read */
-    if(data->set.infilesize>0) {
-      data->set.infilesize -= data->state.resume_from;
+    if(data->state.infilesize>0) {
+      data->state.infilesize -= data->state.resume_from;

-      if(data->set.infilesize <= 0) {
+      if(data->state.infilesize <= 0) {
        infof(data, "File already completely uploaded\n");

        /* no data to transfer */
@@ -3365,13 +3382,13 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
       use checking further */
    ;
  else if(data->set.upload) {
-    if((-1 != data->set.infilesize) &&
-       (data->set.infilesize != *ftp->bytecountp) &&
+    if((-1 != data->state.infilesize) &&
+       (data->state.infilesize != *ftp->bytecountp) &&
       !data->set.crlf &&
       (ftp->transfer == FTPTRANSFER_BODY)) {
      failf(data, "Uploaded unaligned file size (%" CURL_FORMAT_CURL_OFF_T
            " out of %" CURL_FORMAT_CURL_OFF_T " bytes)",
-            *ftp->bytecountp, data->set.infilesize);
+            *ftp->bytecountp, data->state.infilesize);
      result = CURLE_PARTIAL_FILE;
    }
  }
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -325,7 +325,6 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info,
         to return from 'struct ssl_connect_data'; thus, for now we keep the
         backend as CURLSSLBACKEND_NONE in those cases, which should be
         interpreted as "not supported" */
-      break;
    }
    break;
  default:
--- a/lib/hostcheck.c
+++ b/lib/hostcheck.c
@@ -26,6 +26,10 @@
    defined(USE_GSKIT)
 /* these backends use functions from this file */

+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+
 #include "hostcheck.h"
 #include "rawstr.h"
 #include "inet_pton.h"
--- a/lib/http.c
+++ b/lib/http.c
@@ -121,7 +121,7 @@ const struct Curl_handler Curl_handler_http = {
  ZERO_NULL,                            /* readwrite */
  PORT_HTTP,                            /* defport */
  CURLPROTO_HTTP,                       /* protocol */
-  PROTOPT_NONE                          /* flags */
+  PROTOPT_CREDSPERREQUEST               /* flags */
 };

 #ifdef USE_SSL
@@ -144,7 +144,7 @@ const struct Curl_handler Curl_handler_https = {
  ZERO_NULL,                            /* disconnect */
  ZERO_NULL,                            /* readwrite */
  PORT_HTTPS,                           /* defport */
-  CURLPROTO_HTTP | CURLPROTO_HTTPS,     /* protocol */
+  CURLPROTO_HTTPS,                      /* protocol */
  PROTOPT_SSL | PROTOPT_CREDSPERREQUEST /* flags */
 };
 #endif
@@ -169,12 +169,40 @@ CURLcode Curl_http_setup_conn(struct connectdata *conn)
 *
 * Returns a pointer to the first matching header or NULL if none matched.
 */
-char *Curl_checkheaders(struct SessionHandle *data, const char *thisheader)
+char *Curl_checkheaders(const struct connectdata *conn,
+                        const char *thisheader)
 {
  struct curl_slist *head;
  size_t thislen = strlen(thisheader);
+  struct SessionHandle *data = conn->data;

-  for(head = data->set.headers; head; head=head->next) {
+  for(head = data->set.headers;head; head=head->next) {
+    if(Curl_raw_nequal(head->data, thisheader, thislen))
+      return head->data;
+  }
+  return NULL;
+}
+
+/*
+ * checkProxyHeaders() checks the linked list of custom proxy headers
+ * if proxy headers are not available, then it will lookup into http header
+ * link list
+ *
+ * It takes a connectdata struct as input instead of the SessionHandle simply
+ * to know if this is a proxy request or not, as it then might check a
+ * different header list.
+ *
+ */
+char *Curl_checkProxyheaders(const struct connectdata *conn,
+                             const char *thisheader)
+{
+  struct curl_slist *head;
+  size_t thislen = strlen(thisheader);
+  struct SessionHandle *data = conn->data;
+
+  for(head = (conn->bits.proxy && data->set.sep_headers)?
+        data->set.proxyheaders:data->set.headers;
+      head; head=head->next) {
    if(Curl_raw_nequal(head->data, thisheader, thislen))
      return head->data;
  }
@@ -377,8 +405,8 @@ static CURLcode http_perhapsrewind(struct connectdata *conn)
        expectsend = (curl_off_t)strlen(data->set.postfields);
      break;
    case HTTPREQ_PUT:
-      if(data->set.infilesize != -1)
-        expectsend = data->set.infilesize;
+      if(data->state.infilesize != -1)
+        expectsend = data->state.infilesize;
      break;
    case HTTPREQ_POST_FORM:
      expectsend = http->postsize;
@@ -584,9 +612,9 @@ output_auth_headers(struct connectdata *conn,
  if(authstatus->picked == CURLAUTH_BASIC) {
    /* Basic */
    if((proxy && conn->bits.proxy_user_passwd &&
-       !Curl_checkheaders(data, "Proxy-authorization:")) ||
+        !Curl_checkProxyheaders(conn, "Proxy-authorization:")) ||
       (!proxy && conn->bits.user_passwd &&
-       !Curl_checkheaders(data, "Authorization:"))) {
+        !Curl_checkheaders(conn, "Authorization:"))) {
      auth="Basic";
      result = http_output_basic(conn, proxy);
      if(result)
@@ -752,7 +780,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
          infof(data, "Authentication problem. Ignoring this.\n");
          data->state.authproblem = TRUE;
        }
-        else {
+        else if(data->state.negotiate.state == GSS_AUTHNONE) {
          neg = Curl_input_negotiate(conn, proxy, auth);
          if(neg == 0) {
            DEBUGASSERT(!data->req.newurl);
@@ -1361,7 +1389,7 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done)
 #endif

 #if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
-    defined(USE_DARWINSSL) || defined(USE_POLARSSL)
+    defined(USE_DARWINSSL) || defined(USE_POLARSSL) || defined(USE_NSS)
 /* This function is for OpenSSL, GnuTLS, darwinssl, schannel and polarssl only.
   It should be made to query the generic SSL layer instead. */
 static int https_getsock(struct connectdata *conn,
@@ -1501,7 +1529,7 @@ static CURLcode expect100(struct SessionHandle *data,
    /* if not doing HTTP 1.0 or disabled explicitly, we add a Expect:
       100-continue to the headers which actually speeds up post operations
       (as there is one packet coming back from the web server) */
-    ptr = Curl_checkheaders(data, "Expect:");
+    ptr = Curl_checkheaders(conn, "Expect:");
    if(ptr) {
      data->state.expect100header =
        Curl_compareheader(ptr, "Expect:", "100-continue");
@@ -1516,11 +1544,53 @@ static CURLcode expect100(struct SessionHandle *data,
  return result;
 }

+enum proxy_use {
+  HEADER_SERVER,  /* direct to server */
+  HEADER_PROXY,   /* regular request to proxy */
+  HEADER_CONNECT  /* sending CONNECT to a proxy */
+};
+
 CURLcode Curl_add_custom_headers(struct connectdata *conn,
+                                 bool is_connect,
                                 Curl_send_buffer *req_buffer)
 {
  char *ptr;
-  struct curl_slist *headers=conn->data->set.headers;
+  struct curl_slist *h[2];
+  struct curl_slist *headers;
+  int numlists=1; /* by default */
+  struct SessionHandle *data = conn->data;
+  int i;
+
+  enum proxy_use proxy;
+
+  if(is_connect)
+    proxy = HEADER_CONNECT;
+  else
+    proxy = conn->bits.httpproxy && !conn->bits.tunnel_proxy?
+      HEADER_PROXY:HEADER_SERVER;
+
+  switch(proxy) {
+  case HEADER_SERVER:
+    h[0] = data->set.headers;
+    break;
+  case HEADER_PROXY:
+    h[0] = data->set.headers;
+    if(data->set.sep_headers) {
+      h[1] = data->set.proxyheaders;
+      numlists++;
+    }
+    break;
+  case HEADER_CONNECT:
+    if(data->set.sep_headers)
+      h[0] = data->set.proxyheaders;
+    else
+      h[0] = data->set.headers;
+    break;
+  }
+
+  /* loop through one or two lists */
+  for(i=0; i < numlists; i++) {
+    headers = h[i];

    while(headers) {
      ptr = strchr(headers->data, ':');
@@ -1539,7 +1609,7 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn,
                header as that will produce *two* in the same request! */
             checkprefix("Host:", headers->data))
            ;
-        else if(conn->data->set.httpreq == HTTPREQ_POST_FORM &&
+          else if(data->set.httpreq == HTTPREQ_POST_FORM &&
                  /* this header (extended by formdata.c) is sent later */
                  checkprefix("Content-Type:", headers->data))
            ;
@@ -1588,6 +1658,7 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn,
      }
      headers = headers->next;
    }
+  }
  return CURLE_OK;
 }

@@ -1673,10 +1744,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     the rest of the request in the PERFORM phase. */
  *done = TRUE;

+  if(conn->httpversion < 20) { /* unless the connection is re-used and already
+                                  http2 */
    switch (conn->negnpn) {
-    case NPN_HTTP2_DRAFT09:
-      infof(data, "http, we have to use HTTP-draft-09/2\n");
+    case NPN_HTTP2:
      Curl_http2_init(conn);
+      Curl_http2_setup(conn);
      Curl_http2_switched(conn);
      break;
    case NPN_HTTP1_1:
@@ -1686,6 +1759,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      /* and as fallback */
      break;
    }
+  }
+  else
+    /* prepare for a http2 request */
+    Curl_http2_setup(conn);

  http = data->req.protop;

@@ -1701,7 +1778,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  }
  http->writebytecount = http->readbytecount = 0;

-  if((conn->handler->protocol&(CURLPROTO_HTTP|CURLPROTO_FTP)) &&
+  if((conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) &&
     data->set.upload) {
    httpreq = HTTPREQ_PUT;
  }
@@ -1737,7 +1814,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     it might have been used in the proxy connect, but if we have got a header
     with the user-agent string specified, we erase the previously made string
     here. */
-  if(Curl_checkheaders(data, "User-Agent:") && conn->allocptr.uagent) {
+  if(Curl_checkheaders(conn, "User-Agent:") && conn->allocptr.uagent) {
    free(conn->allocptr.uagent);
    conn->allocptr.uagent=NULL;
  }
@@ -1758,7 +1835,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    conn->bits.authneg = FALSE;

  Curl_safefree(conn->allocptr.ref);
-  if(data->change.referer && !Curl_checkheaders(data, "Referer:")) {
+  if(data->change.referer && !Curl_checkheaders(conn, "Referer:")) {
    conn->allocptr.ref = aprintf("Referer: %s\r\n", data->change.referer);
    if(!conn->allocptr.ref)
      return CURLE_OUT_OF_MEMORY;
@@ -1766,10 +1843,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  else
    conn->allocptr.ref = NULL;

-  if(data->set.str[STRING_COOKIE] && !Curl_checkheaders(data, "Cookie:"))
+  if(data->set.str[STRING_COOKIE] && !Curl_checkheaders(conn, "Cookie:"))
    addcookies = data->set.str[STRING_COOKIE];

-  if(!Curl_checkheaders(data, "Accept-Encoding:") &&
+  if(!Curl_checkheaders(conn, "Accept-Encoding:") &&
     data->set.str[STRING_ENCODING]) {
    Curl_safefree(conn->allocptr.accept_encoding);
    conn->allocptr.accept_encoding =
@@ -1781,13 +1858,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
 #ifdef HAVE_LIBZ
  /* we only consider transfer-encoding magic if libz support is built-in */

-  if(!Curl_checkheaders(data, "TE:") && data->set.http_transfer_encoding) {
+  if(!Curl_checkheaders(conn, "TE:") &&
+     data->set.http_transfer_encoding) {
    /* When we are to insert a TE: header in the request, we must also insert
       TE in a Connection: header, so we need to merge the custom provided
       Connection: header and prevent the original to get sent. Note that if
       the user has inserted his/hers own TE: header we don't do this magic
       but then assume that the user will handle it all! */
-    char *cptr = Curl_checkheaders(data, "Connection:");
+    char *cptr = Curl_checkheaders(conn, "Connection:");
 #define TE_HEADER "TE: gzip\r\n"

    Curl_safefree(conn->allocptr.te);
@@ -1805,16 +1883,16 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    /* In HTTP2 forbids Transfer-Encoding: chunked */
    ptr = NULL;
  else {
-    ptr = Curl_checkheaders(data, "Transfer-Encoding:");
+    ptr = Curl_checkheaders(conn, "Transfer-Encoding:");
    if(ptr) {
      /* Some kind of TE is requested, check if 'chunked' is chosen */
      data->req.upload_chunky =
        Curl_compareheader(ptr, "Transfer-Encoding:", "chunked");
    }
    else {
-      if((conn->handler->protocol&CURLPROTO_HTTP) &&
+      if((conn->handler->protocol&PROTO_FAMILY_HTTP) &&
         data->set.upload &&
-         (data->set.infilesize == -1)) {
+         (data->state.infilesize == -1)) {
        if(conn->bits.authneg)
          /* don't enable chunked during auth neg */
          ;
@@ -1839,7 +1917,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)

  Curl_safefree(conn->allocptr.host);

-  ptr = Curl_checkheaders(data, "Host:");
+  ptr = Curl_checkheaders(conn, "Host:");
  if(ptr && (!data->state.this_is_a_follow ||
             Curl_raw_equal(data->state.first_host, conn->host.name))) {
 #if !defined(CURL_DISABLE_COOKIES)
@@ -1984,13 +2062,13 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    /* we must build the whole post sequence first, so that we have a size of
       the whole transfer before we start to send it */
    result = Curl_getformdata(data, &http->sendit, data->set.httppost,
-                              Curl_checkheaders(data, "Content-Type:"),
+                              Curl_checkheaders(conn, "Content-Type:"),
                              &http->postsize);
    if(result)
      return result;
  }

-  http->p_accept = Curl_checkheaders(data, "Accept:")?NULL:"Accept: */*\r\n";
+  http->p_accept = Curl_checkheaders(conn, "Accept:")?NULL:"Accept: */*\r\n";

  if(( (HTTPREQ_POST == httpreq) ||
       (HTTPREQ_POST_FORM == httpreq) ||
@@ -2052,10 +2130,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      }

      /* now, decrease the size of the read */
-      if(data->set.infilesize>0) {
-        data->set.infilesize -= data->state.resume_from;
+      if(data->state.infilesize>0) {
+        data->state.infilesize -= data->state.resume_from;

-        if(data->set.infilesize <= 0) {
+        if(data->state.infilesize <= 0) {
          failf(data, "File already completely uploaded");
          return CURLE_PARTIAL_FILE;
        }
@@ -2070,7 +2148,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     * ones if any such are specified.
     */
    if(((httpreq == HTTPREQ_GET) || (httpreq == HTTPREQ_HEAD)) &&
-       !Curl_checkheaders(data, "Range:")) {
+       !Curl_checkheaders(conn, "Range:")) {
      /* if a line like this was already allocated, free the previous one */
      if(conn->allocptr.rangeline)
        free(conn->allocptr.rangeline);
@@ -2078,7 +2156,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                                         data->state.range);
    }
    else if((httpreq != HTTPREQ_GET) &&
-            !Curl_checkheaders(data, "Content-Range:")) {
+            !Curl_checkheaders(conn, "Content-Range:")) {

      /* if a line like this was already allocated, free the previous one */
      if(conn->allocptr.rangeline)
@@ -2091,13 +2169,13 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        conn->allocptr.rangeline =
          aprintf("Content-Range: bytes 0-%" CURL_FORMAT_CURL_OFF_T
                  "/%" CURL_FORMAT_CURL_OFF_T "\r\n",
-                  data->set.infilesize - 1, data->set.infilesize);
+                  data->state.infilesize - 1, data->state.infilesize);

      }
      else if(data->state.resume_from) {
        /* This is because "resume" was selected */
        curl_off_t total_expected_size=
-          data->state.resume_from + data->set.infilesize;
+          data->state.resume_from + data->state.infilesize;
        conn->allocptr.rangeline =
          aprintf("Content-Range: bytes %s%" CURL_FORMAT_CURL_OFF_T
                  "/%" CURL_FORMAT_CURL_OFF_T "\r\n",
@@ -2109,7 +2187,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
           append total size */
        conn->allocptr.rangeline =
          aprintf("Content-Range: bytes %s/%" CURL_FORMAT_CURL_OFF_T "\r\n",
-                  data->state.range, data->set.infilesize);
+                  data->state.range, data->state.infilesize);
      }
      if(!conn->allocptr.rangeline)
        return CURLE_OUT_OF_MEMORY;
@@ -2180,7 +2258,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                     conn->allocptr.ref:"" /* Referer: <data> */,
                     (conn->bits.httpproxy &&
                      !conn->bits.tunnel_proxy &&
-                      !Curl_checkheaders(data, "Proxy-Connection:"))?
+                      !Curl_checkProxyheaders(conn, "Proxy-Connection:"))?
                     "Proxy-Connection: Keep-Alive\r\n":"",
                     te
      );
@@ -2265,7 +2343,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      return result;
  }

-  result = Curl_add_custom_headers(conn, req_buffer);
+  result = Curl_add_custom_headers(conn, FALSE, req_buffer);
  if(result)
    return result;

@@ -2315,7 +2393,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    http->sending = HTTPSEND_BODY;

    if(!data->req.upload_chunky &&
-       !Curl_checkheaders(data, "Content-Length:")) {
+       !Curl_checkheaders(conn, "Content-Length:")) {
      /* only add Content-Length if not uploading chunked */
      result = Curl_add_bufferf(req_buffer,
                                "Content-Length: %" CURL_FORMAT_CURL_OFF_T
@@ -2384,10 +2462,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    if(conn->bits.authneg)
      postsize = 0;
    else
-      postsize = data->set.infilesize;
+      postsize = data->state.infilesize;

    if((postsize != -1) && !data->req.upload_chunky &&
-       !Curl_checkheaders(data, "Content-Length:")) {
+       !Curl_checkheaders(conn, "Content-Length:")) {
      /* only add Content-Length if not uploading chunked */
      result = Curl_add_bufferf(req_buffer,
                                "Content-Length: %" CURL_FORMAT_CURL_OFF_T
@@ -2396,9 +2474,11 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        return result;
    }

+    if(postsize != 0) {
      result = expect100(data, conn, req_buffer);
      if(result)
        return result;
+    }

    result = Curl_add_buffer(req_buffer, "\r\n", 2); /* end of headers */
    if(result)
@@ -2437,7 +2517,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       we don't upload data chunked, as RFC2616 forbids us to set both
       kinds of headers (Transfer-Encoding: chunked and Content-Length) */
    if((postsize != -1) && !data->req.upload_chunky &&
-       !Curl_checkheaders(data, "Content-Length:")) {
+       !Curl_checkheaders(conn, "Content-Length:")) {
      /* we allow replacing this header if not during auth negotiation,
         although it isn't very wise to actually set your own */
      result = Curl_add_bufferf(req_buffer,
@@ -2447,7 +2527,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        return result;
    }

-    if(!Curl_checkheaders(data, "Content-Type:")) {
+    if(!Curl_checkheaders(conn, "Content-Type:")) {
      result = Curl_add_bufferf(req_buffer,
                                "Content-Type: application/"
                                "x-www-form-urlencoded\r\n");
@@ -2459,7 +2539,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       the somewhat bigger ones we allow the app to disable it. Just make
       sure that the expect100header is always set to the preferred value
       here. */
-    ptr = Curl_checkheaders(data, "Expect:");
+    ptr = Curl_checkheaders(conn, "Expect:");
    if(ptr) {
      data->state.expect100header =
        Curl_compareheader(ptr, "Expect:", "100-continue");
@@ -2926,7 +3006,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
        k->header = FALSE; /* no more header to parse! */

        if((k->size == -1) && !k->chunk && !conn->bits.close &&
-           (conn->httpversion >= 11) &&
+           (conn->httpversion == 11) &&
           !(conn->handler->protocol & CURLPROTO_RTSP) &&
           data->set.httpreq != HTTPREQ_HEAD) {
          /* On HTTP 1.1, when connection is not to get closed, but no
@@ -3117,7 +3197,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
 #define HEADER1 k->p /* no conversion needed, just use k->p */
 #endif /* CURL_DOES_CONVERSIONS */

-      if(conn->handler->protocol & CURLPROTO_HTTP) {
+      if(conn->handler->protocol & PROTO_FAMILY_HTTP) {
        nc = sscanf(HEADER1,
                    " HTTP/%d.%d %3d",
                    &httpversion_major,
--- a/lib/http.h
+++ b/lib/http.h
@@ -39,9 +39,13 @@ extern const struct Curl_handler Curl_handler_https;
 bool Curl_compareheader(const char *headerline,  /* line to check */
                        const char *header,   /* header keyword _with_ colon */
                        const char *content); /* content string to find */
-char *Curl_checkheaders(struct SessionHandle *data, const char *thisheader);
+
+char *Curl_checkheaders(const struct connectdata *conn,
+                        const char *thisheader);
 char *Curl_copy_header_value(const char *header);

+char *Curl_checkProxyheaders(const struct connectdata *conn,
+                             const char *thisheader);
 /* ------------------------------------------------------------------------- */
 /*
 * The add_buffer series of functions are used to build one large memory chunk
@@ -67,6 +71,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
 CURLcode Curl_add_timecondition(struct SessionHandle *data,
                                Curl_send_buffer *buf);
 CURLcode Curl_add_custom_headers(struct connectdata *conn,
+                                 bool is_connect,
                                 Curl_send_buffer *req_buffer);

 /* protocol-specific functions set up to be called by the main engine */
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -103,8 +103,8 @@ static CURLcode http2_disconnect(struct connectdata *conn,
 const struct Curl_handler Curl_handler_http2 = {
  "HTTP2",                              /* scheme */
  ZERO_NULL,                            /* setup_connection */
-  ZERO_NULL,                            /* do_it */
-  ZERO_NULL     ,                       /* done */
+  Curl_http,                            /* do_it */
+  ZERO_NULL,                            /* done */
  ZERO_NULL,                            /* do_more */
  ZERO_NULL,                            /* connect_it */
  ZERO_NULL,                            /* connecting */
@@ -123,8 +123,8 @@ const struct Curl_handler Curl_handler_http2 = {
 const struct Curl_handler Curl_handler_http2_ssl = {
  "HTTP2",                              /* scheme */
  ZERO_NULL,                            /* setup_connection */
-  ZERO_NULL,                            /* do_it */
-  ZERO_NULL     ,                       /* done */
+  Curl_http,                            /* do_it */
+  ZERO_NULL,                            /* done */
  ZERO_NULL,                            /* do_more */
  ZERO_NULL,                            /* connect_it */
  ZERO_NULL,                            /* connecting */
@@ -136,7 +136,7 @@ const struct Curl_handler Curl_handler_http2_ssl = {
  http2_disconnect,                     /* disconnect */
  ZERO_NULL,                            /* readwrite */
  PORT_HTTP,                            /* defport */
-  CURLPROTO_HTTP | CURLPROTO_HTTPS,     /* protocol */
+  CURLPROTO_HTTPS,                      /* protocol */
  PROTOPT_SSL                           /* flags */
 };

@@ -270,15 +270,9 @@ static int before_frame_send(nghttp2_session *session,
                             void *userp)
 {
  struct connectdata *conn = (struct connectdata *)userp;
-  struct http_conn *c = &conn->proto.httpc;
  (void)session;
  (void)frame;
  infof(conn->data, "before_frame_send() was called\n");
-  if(frame->hd.type == NGHTTP2_HEADERS &&
-     frame->headers.cat == NGHTTP2_HCAT_REQUEST) {
-    /* Get stream ID of our request */
-    c->stream_id = frame->hd.stream_id;
-  }
  return 0;
 }
 static int on_frame_send(nghttp2_session *session,
@@ -351,12 +345,14 @@ static const char STATUS[] = ":status";
 static int on_header(nghttp2_session *session, const nghttp2_frame *frame,
                     const uint8_t *name, size_t namelen,
                     const uint8_t *value, size_t valuelen,
+                     uint8_t flags,
                     void *userp)
 {
  struct connectdata *conn = (struct connectdata *)userp;
  struct http_conn *c = &conn->proto.httpc;
  (void)session;
  (void)frame;
+  (void)flags;

  if(frame->hd.stream_id != c->stream_id) {
    return 0;
@@ -404,7 +400,7 @@ static const nghttp2_session_callbacks callbacks = {
 static ssize_t data_source_read_callback(nghttp2_session *session,
                                         int32_t stream_id,
                                         uint8_t *buf, size_t length,
-                                         int *eof,
+                                         uint32_t *data_flags,
                                         nghttp2_data_source *source,
                                         void *userp)
 {
@@ -413,7 +409,6 @@ static ssize_t data_source_read_callback(nghttp2_session *session,
  size_t nread;
  (void)session;
  (void)stream_id;
-  (void)eof;
  (void)source;

  nread = c->upload_len < length ? c->upload_len : length;
@@ -425,7 +420,7 @@ static ssize_t data_source_read_callback(nghttp2_session *session,
  }

  if(c->upload_left == 0)
-    *eof = 1;
+    *data_flags = 1;
  else if(nread == 0)
    return NGHTTP2_ERR_DEFERRED;

@@ -512,7 +507,7 @@ CURLcode Curl_http2_request_upgrade(Curl_send_buffer *req,
                            "Connection: Upgrade, HTTP2-Settings\r\n"
                            "Upgrade: %s\r\n"
                            "HTTP2-Settings: %s\r\n",
-                            NGHTTP2_PROTO_VERSION_ID, base64);
+                            NGHTTP2_CLEARTEXT_PROTO_VERSION_ID, base64);
  Curl_safefree(base64);

  k->upgr101 = UPGR101_REQUESTED;
@@ -620,12 +615,6 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex,
  return -1;
 }

-#define MAKE_NV(k, v)                                           \
-  { (uint8_t*)k, (uint8_t*)v, sizeof(k) - 1, sizeof(v) - 1 }
-
-#define MAKE_NV2(k, v, vlen)                            \
-  { (uint8_t*)k, (uint8_t*)v, sizeof(k) - 1, vlen }
-
 /* return number of received (decrypted) bytes */
 static ssize_t http2_send(struct connectdata *conn, int sockindex,
                          const void *mem, size_t len, CURLcode *err)
@@ -643,6 +632,8 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  char *hdbuf = (char*)mem;
  char *end;
  nghttp2_data_provider data_prd;
+  int32_t stream_id;
+
  (void)sockindex;

  infof(conn->data, "http2_send len=%zu\n", len);
@@ -685,6 +676,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  nva[0].namelen = (uint16_t)strlen((char *)nva[0].name);
  nva[0].value = (unsigned char *)hdbuf;
  nva[0].valuelen = (uint16_t)(end - hdbuf);
+  nva[0].flags = NGHTTP2_NV_FLAG_NONE;

  hdbuf = end + 1;

@@ -693,6 +685,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  nva[1].namelen = (uint16_t)strlen((char *)nva[1].name);
  nva[1].value = (unsigned char *)hdbuf;
  nva[1].valuelen = (uint16_t)(end - hdbuf);
+  nva[1].flags = NGHTTP2_NV_FLAG_NONE;

  nva[2].name = (unsigned char *)":scheme";
  nva[2].namelen = (uint16_t)strlen((char *)nva[2].name);
@@ -701,6 +694,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  else
    nva[2].value = (unsigned char *)"http";
  nva[2].valuelen = (uint16_t)strlen((char *)nva[2].value);
+  nva[2].flags = NGHTTP2_NV_FLAG_NONE;

  hdbuf = strchr(hdbuf, 0x0a);
  ++hdbuf;
@@ -722,6 +716,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
    assert(end);
    nva[i].value = (unsigned char *)hdbuf;
    nva[i].valuelen = (uint16_t)(end - hdbuf);
+    nva[i].flags = NGHTTP2_NV_FLAG_NONE;

    hdbuf = end + 2;
    /* Inspect Content-Length header field and retrieve the request
@@ -744,19 +739,23 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  case HTTPREQ_PUT:
    data_prd.read_callback = data_source_read_callback;
    data_prd.source.ptr = NULL;
-    rv = nghttp2_submit_request(httpc->h2, 0, nva, nheader, &data_prd, NULL);
+    stream_id = nghttp2_submit_request(httpc->h2, NULL, nva, nheader,
+                                       &data_prd, NULL);
    break;
  default:
-    rv = nghttp2_submit_request(httpc->h2, 0, nva, nheader, NULL, NULL);
+    stream_id = nghttp2_submit_request(httpc->h2, NULL, nva, nheader,
+                                       NULL, NULL);
  }

  Curl_safefree(nva);

-  if(rv != 0) {
+  if(stream_id < 0) {
    *err = CURLE_SEND_ERROR;
    return -1;
  }

+  httpc->stream_id = stream_id;
+
  rv = nghttp2_session_send(httpc->h2);

  if(rv != 0) {
@@ -779,24 +778,15 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
  return len;
 }

-int Curl_http2_switched(struct connectdata *conn)
+void Curl_http2_setup(struct connectdata *conn)
 {
-  int rv;
-  CURLcode rc;
  struct http_conn *httpc = &conn->proto.httpc;
-  /* we are switched! */
-  /* Don't know this is needed here at this moment. Original
-     handler->flags is still useful. */
  if(conn->handler->flags & PROTOPT_SSL)
    conn->handler = &Curl_handler_http2_ssl;
  else
    conn->handler = &Curl_handler_http2;

-  httpc->recv_underlying = (recving)conn->recv[FIRSTSOCKET];
-  httpc->send_underlying = (sending)conn->send[FIRSTSOCKET];
-  conn->recv[FIRSTSOCKET] = http2_recv;
-  conn->send[FIRSTSOCKET] = http2_send;
-  infof(conn->data, "We have switched to HTTP2\n");
+  infof(conn->data, "Using HTTP2\n");
  httpc->bodystarted = FALSE;
  httpc->closed = FALSE;
  httpc->header_recvbuf = Curl_add_buffer_init();
@@ -806,17 +796,30 @@ int Curl_http2_switched(struct connectdata *conn)
  httpc->upload_left = 0;
  httpc->upload_mem = NULL;
  httpc->upload_len = 0;
+  httpc->stream_id = -1;

  conn->httpversion = 20;

  /* Put place holder for status line */
  Curl_add_buffer(httpc->header_recvbuf, "HTTP/2.0 200\r\n", 14);
+}

+int Curl_http2_switched(struct connectdata *conn)
+{
  /* TODO: May get CURLE_AGAIN */
+  CURLcode rc;
+  struct http_conn *httpc = &conn->proto.httpc;
+  int rv;
+
+  httpc->recv_underlying = (recving)conn->recv[FIRSTSOCKET];
+  httpc->send_underlying = (sending)conn->send[FIRSTSOCKET];
+  conn->recv[FIRSTSOCKET] = http2_recv;
+  conn->send[FIRSTSOCKET] = http2_send;
+
  rv = (int) ((Curl_send*)httpc->send_underlying)
    (conn, FIRSTSOCKET,
-     NGHTTP2_CLIENT_CONNECTION_HEADER,
-     NGHTTP2_CLIENT_CONNECTION_HEADER_LEN,
+     NGHTTP2_CLIENT_CONNECTION_PREFACE,
+     NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN,
     &rc);
  assert(rv == 24);
  if(conn->data->req.upgr101 == UPGR101_RECEIVED) {
--- a/lib/http2.h
+++ b/lib/http2.h
@@ -36,12 +36,14 @@ CURLcode Curl_http2_init(struct connectdata *conn);
 CURLcode Curl_http2_send_request(struct connectdata *conn);
 CURLcode Curl_http2_request_upgrade(Curl_send_buffer *req,
                                    struct connectdata *conn);
+void Curl_http2_setup(struct connectdata *conn);
 int Curl_http2_switched(struct connectdata *conn);
 #else /* USE_NGHTTP2 */
 #define Curl_http2_init(x)
 #define Curl_http2_send_request(x)
 #define Curl_http2_request_upgrade(x,y) CURLE_OK
 #define Curl_http2_switched(x)
+#define Curl_http2_setup(x)
 #endif

 #endif /* HEADER_CURL_HTTP2_H */
--- a/lib/http_negotiate_sspi.c
+++ b/lib/http_negotiate_sspi.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -24,7 +24,7 @@

 #ifdef USE_WINDOWS_SSPI

-#ifndef CURL_DISABLE_HTTP
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP_NEGOTIATE)

 #include "urldata.h"
 #include "sendf.h"
@@ -300,6 +300,6 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
  cleanup(&data->state.proxyneg);
 }

+#endif /* !CURL_DISABLE_HTTP && USE_HTTP_NEGOTIATE */

-#endif
-#endif
+#endif /* USE_WINDOWS_SSPI */
--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@@ -165,7 +165,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
          return CURLE_OUT_OF_MEMORY;
        }

-        if(!Curl_checkheaders(data, "Host:")) {
+        if(!Curl_checkProxyheaders(conn, "Host:")) {
          host = aprintf("Host: %s\r\n", hostheader);
          if(!host) {
            free(hostheader);
@@ -173,10 +173,10 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
            return CURLE_OUT_OF_MEMORY;
          }
        }
-        if(!Curl_checkheaders(data, "Proxy-Connection:"))
+        if(!Curl_checkProxyheaders(conn, "Proxy-Connection:"))
          proxyconn = "Proxy-Connection: Keep-Alive\r\n";

-        if(!Curl_checkheaders(data, "User-Agent:") &&
+        if(!Curl_checkProxyheaders(conn, "User-Agent:") &&
           data->set.str[STRING_USERAGENT])
          useragent = conn->allocptr.uagent;

@@ -200,7 +200,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
        free(hostheader);

        if(CURLE_OK == result)
-          result = Curl_add_custom_headers(conn, req_buffer);
+          result = Curl_add_custom_headers(conn, TRUE, req_buffer);

        if(CURLE_OK == result)
          /* CRLF terminate the request */
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -131,8 +131,7 @@ const struct Curl_handler Curl_handler_imap = {
  ZERO_NULL,                        /* readwrite */
  PORT_IMAP,                        /* defport */
  CURLPROTO_IMAP,                   /* protocol */
-  PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD
-  | PROTOPT_NOURLQUERY              /* flags */
+  PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD  /* flags */
 };

 #ifdef USE_SSL
@@ -156,9 +155,9 @@ const struct Curl_handler Curl_handler_imaps = {
  imap_disconnect,                  /* disconnect */
  ZERO_NULL,                        /* readwrite */
  PORT_IMAPS,                       /* defport */
-  CURLPROTO_IMAP | CURLPROTO_IMAPS, /* protocol */
-  PROTOPT_CLOSEACTION | PROTOPT_SSL | PROTOPT_NEEDSPWD
-  | PROTOPT_NOURLQUERY              /* flags */
+  CURLPROTO_IMAPS,                  /* protocol */
+  PROTOPT_CLOSEACTION | PROTOPT_SSL |
+  PROTOPT_NEEDSPWD                  /* flags */
 };
 #endif

@@ -258,7 +257,7 @@ static bool imap_matchresp(const char *line, size_t len, const char *cmd)
  /* Does the command name match and is it followed by a space character or at
     the end of line? */
  if(line + cmd_len <= end && Curl_raw_nequal(line, cmd, cmd_len) &&
-     (line[cmd_len] == ' ' || line + cmd_len == end))
+     (line[cmd_len] == ' ' || line + cmd_len + 2 == end))
    return TRUE;

  return FALSE;
@@ -332,6 +331,11 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len,
          return FALSE;
        break;

+      case IMAP_SEARCH:
+        if(!imap_matchresp(line, len, "SEARCH"))
+          return FALSE;
+        break;
+
      /* Ignore other untagged responses */
      default:
        return FALSE;
@@ -439,6 +443,7 @@ static void state(struct connectdata *conn, imapstate newstate)
    "FETCH_FINAL",
    "APPEND",
    "APPEND_FINAL",
+    "SEARCH",
    "LOGOUT",
    /* LAST */
  };
@@ -735,6 +740,12 @@ static CURLcode imap_perform_fetch(struct connectdata *conn)
  }

  /* Send the FETCH command */
+  if(imap->partial)
+    result = imap_sendf(conn, "FETCH %s BODY[%s]<%s>",
+                        imap->uid,
+                        imap->section ? imap->section : "",
+                        imap->partial);
+  else
    result = imap_sendf(conn, "FETCH %s BODY[%s]",
                        imap->uid,
                        imap->section ? imap->section : "");
@@ -764,7 +775,7 @@ static CURLcode imap_perform_append(struct connectdata *conn)
  }

  /* Check we know the size of the upload */
-  if(conn->data->set.infilesize < 0) {
+  if(conn->data->state.infilesize < 0) {
    failf(conn->data, "Cannot APPEND with unknown input file size\n");
    return CURLE_UPLOAD_FAILED;
  }
@@ -776,7 +787,7 @@ static CURLcode imap_perform_append(struct connectdata *conn)

  /* Send the APPEND command */
  result = imap_sendf(conn, "APPEND %s (\\Seen) {%" CURL_FORMAT_CURL_OFF_T "}",
-                      mailbox, conn->data->set.infilesize);
+                      mailbox, conn->data->state.infilesize);

  Curl_safefree(mailbox);

@@ -786,6 +797,32 @@ static CURLcode imap_perform_append(struct connectdata *conn)
  return result;
 }

+/***********************************************************************
+ *
+ * imap_perform_search()
+ *
+ * Sends a SEARCH command.
+ */
+static CURLcode imap_perform_search(struct connectdata *conn)
+{
+  CURLcode result = CURLE_OK;
+  struct IMAP *imap = conn->data->req.protop;
+
+  /* Check we have a query string */
+  if(!imap->query) {
+    failf(conn->data, "Cannot SEARCH without a query string.");
+    return CURLE_URL_MALFORMAT;
+  }
+
+  /* Send the SEARCH command */
+  result = imap_sendf(conn, "SEARCH %s", imap->query);
+
+  if(!result)
+    state(conn, IMAP_SEARCH);
+
+  return result;
+}
+
 /***********************************************************************
 *
 * imap_perform_logout()
@@ -1110,10 +1147,6 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
  char *rplyb64 = NULL;
  size_t len = 0;

-  char nonce[64];
-  char realm[128];
-  char algorithm[64];
-
  (void)instate; /* no use for this yet */

  if(imapcode != '+') {
@@ -1124,30 +1157,26 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
  /* Get the challenge message */
  imap_get_message(data->state.buffer, &chlg64);

-  /* Decode the challange message */
-  result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
-                                               realm, sizeof(realm),
-                                               algorithm, sizeof(algorithm));
-  if(result || strcmp(algorithm, "md5-sess") != 0) {
+  /* Create the response message */
+  result = Curl_sasl_create_digest_md5_message(data, chlg64,
+                                               conn->user, conn->passwd,
+                                               "imap", &rplyb64, &len);
+  if(result) {
+    if(result == CURLE_BAD_CONTENT_ENCODING) {
      /* Send the cancellation */
      result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");

      if(!result)
        state(conn, IMAP_AUTHENTICATE_CANCEL);
    }
+  }
  else {
-    /* Create the response message */
-    result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
-                                                 conn->user, conn->passwd,
-                                                 "imap", &rplyb64, &len);
-    if(!result && rplyb64) {
    /* Send the response */
    result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);

    if(!result)
      state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
  }
-  }

  Curl_safefree(rplyb64);

@@ -1448,6 +1477,8 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode,

      if(imap->custom)
        result = imap_perform_list(conn);
+      else if(imap->query)
+        result = imap_perform_search(conn);
      else
        result = imap_perform_fetch(conn);
    }
@@ -1587,7 +1618,7 @@ static CURLcode imap_state_append_resp(struct connectdata *conn, int imapcode,
  }
  else {
    /* Set the progress upload size */
-    Curl_pgrsSetUploadSize(data, data->set.infilesize);
+    Curl_pgrsSetUploadSize(data, data->state.infilesize);

    /* IMAP upload */
    Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
@@ -1617,6 +1648,31 @@ static CURLcode imap_state_append_final_resp(struct connectdata *conn,
  return result;
 }

+/* For SEARCH responses */
+static CURLcode imap_state_search_resp(struct connectdata *conn, int imapcode,
+                                       imapstate instate)
+{
+  CURLcode result = CURLE_OK;
+  char *line = conn->data->state.buffer;
+  size_t len = strlen(line);
+
+  (void)instate; /* No use for this yet */
+
+  if(imapcode == '*') {
+    /* Temporarily add the LF character back and send as body to the client */
+    line[len] = '\n';
+    result = Curl_client_write(conn, CLIENTWRITE_BODY, line, len + 1);
+    line[len] = '\0';
+  }
+  else if(imapcode != 'O')
+    result = CURLE_QUOTE_ERROR; /* TODO: Fix error code */
+  else
+    /* End of DO phase */
+    state(conn, IMAP_STOP);
+
+  return result;
+}
+
 static CURLcode imap_statemach_act(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
@@ -1739,6 +1795,10 @@ static CURLcode imap_statemach_act(struct connectdata *conn)
      result = imap_state_append_final_resp(conn, imapcode, imapc->state);
      break;

+    case IMAP_SEARCH:
+      result = imap_state_search_resp(conn, imapcode, imapc->state);
+      break;
+
    case IMAP_LOGOUT:
      /* fallthrough, just stop! */
    default:
@@ -1909,6 +1969,8 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status,
  Curl_safefree(imap->uidvalidity);
  Curl_safefree(imap->uid);
  Curl_safefree(imap->section);
+  Curl_safefree(imap->partial);
+  Curl_safefree(imap->query);
  Curl_safefree(imap->custom);
  Curl_safefree(imap->custom_params);

@@ -1962,7 +2024,11 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected,
  else if(!imap->custom && selected && imap->uid)
    /* FETCH from the same mailbox */
    result = imap_perform_fetch(conn);
-  else if(imap->mailbox && !selected && (imap->custom || imap->uid))
+  else if(!imap->custom && selected && imap->query)
+    /* SEARCH the current mailbox */
+    result = imap_perform_search(conn);
+  else if(imap->mailbox && !selected &&
+         (imap->custom || imap->uid || imap->query))
    /* SELECT the mailbox */
    result = imap_perform_select(conn);
  else
@@ -2447,8 +2513,8 @@ static CURLcode imap_parse_url_path(struct connectdata *conn)

    DEBUGF(infof(conn->data, "IMAP URL parameter '%s' = '%s'\n", name, value));

-    /* Process the known hierarchical parameters (UIDVALIDITY, UID and SECTION)
-       stripping of the trailing slash character if it is present.
+    /* Process the known hierarchical parameters (UIDVALIDITY, UID, SECTION and
+       PARTIAL) stripping of the trailing slash character if it is present.

       Note: Unknown parameters trigger a URL_MALFORMAT error. */
    if(Curl_raw_equal(name, "UIDVALIDITY") && !imap->uidvalidity) {
@@ -2472,6 +2538,13 @@ static CURLcode imap_parse_url_path(struct connectdata *conn)
      imap->section = value;
      value = NULL;
    }
+    else if(Curl_raw_equal(name, "PARTIAL") && !imap->partial) {
+      if(valuelen > 0 && value[valuelen - 1] == '/')
+        value[valuelen - 1] = '\0';
+
+      imap->partial = value;
+      value = NULL;
+    }
    else {
      Curl_safefree(name);
      Curl_safefree(value);
@@ -2483,6 +2556,21 @@ static CURLcode imap_parse_url_path(struct connectdata *conn)
    Curl_safefree(value);
  }

+  /* Does the URL contain a query parameter? Only valid when we have a mailbox
+     and no UID as per RFC-5092 */
+  if(imap->mailbox && !imap->uid && *ptr == '?') {
+    /* Find the length of the query parameter */
+    begin = ++ptr;
+    while(imap_is_bchar(*ptr))
+      ptr++;
+
+    /* Decode the query parameter */
+    result = Curl_urldecode(data, begin, ptr - begin, &imap->query, NULL,
+                            TRUE);
+    if(result)
+      return result;
+  }
+
  /* Any extra stuff at the end of the URL is an error */
  if(*ptr)
    return CURLE_URL_MALFORMAT;
--- a/lib/imap.h
+++ b/lib/imap.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2009 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2009 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -53,6 +53,7 @@ typedef enum {
  IMAP_FETCH_FINAL,
  IMAP_APPEND,
  IMAP_APPEND_FINAL,
+  IMAP_SEARCH,
  IMAP_LOGOUT,
  IMAP_LAST          /* never used */
 } imapstate;
@@ -67,6 +68,8 @@ struct IMAP {
  char *uidvalidity;      /* UIDVALIDITY to check in select */
  char *uid;              /* Message UID to fetch */
  char *section;          /* Message SECTION to fetch */
+  char *partial;          /* Message PARTIAL to fetch */
+  char *query;            /* Query to search for */
  char *custom;           /* Custom request */
  char *custom_params;    /* Parameters for the custom request */
 };
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -5,7 +5,7 @@
 *                | (__| |_| |  _ <| |___
 *                 \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -159,7 +159,7 @@ const struct Curl_handler Curl_handler_ldaps = {
  ZERO_NULL,                            /* disconnect */
  ZERO_NULL,                            /* readwrite */
  PORT_LDAPS,                           /* defport */
-  CURLPROTO_LDAP | CURLPROTO_LDAPS,     /* protocol */
+  CURLPROTO_LDAPS,                      /* protocol */
  PROTOPT_SSL                           /* flags */
 };
 #endif
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -147,7 +147,7 @@ static void MD5_Update(MD5_CTX *ctx,

 static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx)
 {
-  unsigned long length;
+  unsigned long length = 0;
  CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0);
  if(length == 16)
    CryptGetHashParam(ctx->hHash, HP_HASHVAL, digest, &length, 0);
--- a/lib/mk-ca-bundle.pl
+++ b/lib/mk-ca-bundle.pl
@@ -34,7 +34,9 @@ use Getopt::Std;
 use MIME::Base64;
 use LWP::UserAgent;
 use strict;
-use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_n $opt_q $opt_t $opt_u $opt_v $opt_w);
+use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w);
+use List::Util;
+use Text::Wrap;

 my %urls = (
  'nss' =>
@@ -56,13 +58,53 @@ $opt_d = 'release';
 # If the OpenSSL commandline is not in search path you can configure it here!
 my $openssl = 'openssl';

-my $version = '1.20';
+my $version = '1.21';

 $opt_w = 76; # default base64 encoded lines length

+# default cert types to include in the output (default is to include CAs which may issue SSL server certs)
+my $default_mozilla_trust_purposes = "SERVER_AUTH";
+my $default_mozilla_trust_levels = "TRUSTED_DELEGATOR";
+$opt_p = $default_mozilla_trust_purposes . ":" . $default_mozilla_trust_levels;
+
+my @valid_mozilla_trust_purposes = (
+  "DIGITAL_SIGNATURE",
+  "NON_REPUDIATION",
+  "KEY_ENCIPHERMENT",
+  "DATA_ENCIPHERMENT",
+  "KEY_AGREEMENT",
+  "KEY_CERT_SIGN",
+  "CRL_SIGN",
+  "SERVER_AUTH",
+  "CLIENT_AUTH",
+  "CODE_SIGNING",
+  "EMAIL_PROTECTION",
+  "IPSEC_END_SYSTEM",
+  "IPSEC_TUNNEL",
+  "IPSEC_USER",
+  "TIME_STAMPING",
+  "STEP_UP_APPROVED"
+);
+
+my @valid_mozilla_trust_levels = (
+  "TRUSTED_DELEGATOR",    # CAs
+  "NOT_TRUSTED",          # Don't trust these certs.
+  "MUST_VERIFY_TRUST",    # This explicitly tells us that it ISN'T a CA but is otherwise ok. In other words, this should tell the app to ignore any other sources that claim this is a CA.
+  "TRUSTED"               # This cert is trusted, but only for itself and not for delegates (i.e. it is not a CA).
+);
+
+my $default_signature_algorithms = $opt_s = "MD5";
+
+my @valid_signature_algorithms = (
+  "MD5",
+  "SHA1",
+  "SHA256",
+  "SHA512"  
+);
+
 $0 =~ s@.*(/|\\)@@;
 $Getopt::Std::STANDARD_HELP_VERSION = 1;
-getopts('bd:fhilnqtuvw:');
+getopts('bd:fhilnp:qs:tuvw:');

 if(!defined($opt_d)) {
    # to make plain "-d" use not cause warnings, and actually still work
@@ -102,7 +144,7 @@ sub WARNING_MESSAGE() {
 }

 sub HELP_MESSAGE() {
-  print "Usage:\t${0} [-b] [-d<certdata>] [-f] [-i] [-l] [-n] [-q] [-t] [-u] [-v] [-w<l>] [<outputfile>]\n";
+  print "Usage:\t${0} [-b] [-d<certdata>] [-f] [-i] [-l] [-n] [-p<purposes:levels>] [-q] [-s<algorithms>] [-t] [-u] [-v] [-w<l>] [<outputfile>]\n";
  print "\t-b\tbackup an existing version of ca-bundle.crt\n";
  print "\t-d\tspecify Mozilla tree to pull certdata.txt or custom URL\n";
  print "\t\t  Valid names are:\n";
@@ -111,7 +153,15 @@ sub HELP_MESSAGE() {
  print "\t-i\tprint version info about used modules\n";
  print "\t-l\tprint license info about certdata.txt\n";
  print "\t-n\tno download of certdata.txt (to use existing)\n";
+  print wrap("\t","\t\t", "-p\tlist of Mozilla trust purposes and levels for certificates to include in output. Takes the form of a comma separated list of purposes, a colon, and a comma separated list of levels. (default: $default_mozilla_trust_purposes:$default_mozilla_trust_levels)"), "\n";
+  print "\t\t  Valid purposes are:\n";
+  print wrap("\t\t    ","\t\t    ", join( ", ", "ALL", @valid_mozilla_trust_purposes ) ), "\n";
+  print "\t\t  Valid levels are:\n";
+  print wrap("\t\t    ","\t\t    ", join( ", ", "ALL", @valid_mozilla_trust_levels ) ), "\n";
  print "\t-q\tbe really quiet (no progress output at all)\n";
+  print wrap("\t","\t\t", "-s\tcomma separated list of certificate signatures/hashes to output in plain text mode. (default: $default_signature_algorithms)\n");
+  print "\t\t  Valid signature algorithms are:\n";
+  print wrap("\t\t    ","\t\t    ", join( ", ", "ALL", @valid_signature_algorithms ) ), "\n";
  print "\t-t\tinclude plain text listing of certificates\n";
  print "\t-u\tunlink (remove) certdata.txt after processing\n";
  print "\t-v\tbe verbose and print out processed CAs\n";
@@ -126,6 +176,61 @@ sub VERSION_MESSAGE() {
 WARNING_MESSAGE() unless ($opt_q || $url =~ m/^(ht|f)tps:/i );
 HELP_MESSAGE() if ($opt_h);

+sub IS_IN_LIST($@) {
+  my $target = shift;
+
+  return defined(List::Util::first { $target eq $_ } @_);
+}
+
+# Parses $param_string as a case insensitive comma separated list with optional whitespace
+# validates that only allowed parameters are supplied
+sub PARSE_CSV_PARAM($$@) {
+  my $description = shift;
+  my $param_string = shift;
+  my @valid_values = @_;
+
+  my @values = map {
+    s/^\s+//;  # strip leading spaces
+    s/\s+$//;  # strip trailing spaces
+    uc $_      # return the modified string as upper case
+  } split( ',', $param_string );
+
+  # Find all values which are not in the list of valid values or "ALL"
+  my @invalid = grep { !IS_IN_LIST($_,"ALL",@valid_values) } @values;
+
+  if ( scalar(@invalid) > 0 ) {
+    # Tell the user which parameters were invalid and print the standard help message which will exit
+    print "Error: Invalid ", $description, scalar(@invalid) == 1 ? ": " : "s: ", join( ", ", map { "\"$_\"" } @invalid ), "\n";
+    HELP_MESSAGE();
+  }
+  
+  @values = @valid_values if ( IS_IN_LIST("ALL",@values) );
+  
+  return @values;
+}
+
+if ( $opt_p !~ m/:/ ) {
+  print "Error: Mozilla trust identifier list must include both purposes and levels\n";
+  HELP_MESSAGE();
+}
+
+(my $included_mozilla_trust_purposes_string, my $included_mozilla_trust_levels_string) = split( ':', $opt_p );
+my @included_mozilla_trust_purposes = PARSE_CSV_PARAM( "trust purpose", $included_mozilla_trust_purposes_string, @valid_mozilla_trust_purposes );
+my @included_mozilla_trust_levels = PARSE_CSV_PARAM( "trust level", $included_mozilla_trust_levels_string, @valid_mozilla_trust_levels );
+
+my @included_signature_algorithms = PARSE_CSV_PARAM( "signature algorithm", $opt_s, @valid_signature_algorithms );
+
+sub SHOULD_OUTPUT_CERT(%) {
+  my %trust_purposes_by_level = @_;
+  
+  foreach my $level (@included_mozilla_trust_levels) {
+    # for each level we want to output, see if any of our desired purposes are included
+    return 1 if ( defined( List::Util::first { IS_IN_LIST( $_, @included_mozilla_trust_purposes ) } @{$trust_purposes_by_level{$level}} ) );
+  }
+  
+  return 0;
+}
+
 my $crt = $ARGV[0] || 'ca-bundle.crt';
 (my $txt = $url) =~ s@(.*/|\?.*)@@g;

@@ -209,7 +314,7 @@ while (<TXT>) {
  if ($start_of_cert && /^CKA_LABEL UTF8 \"(.*)\"/) {
    $caname = $1;
  }
-  my $untrusted = 1;
+  my %trust_purposes_by_level;
  if ($start_of_cert && /^CKA_VALUE MULTILINE_OCTAL/) {
    my $data;
    while (<TXT>) {
@@ -226,14 +331,21 @@ while (<TXT>) {
      last if (/^CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST/);
      chomp;
    }
-    # now scan the trust part for untrusted certs
+    # now scan the trust part to determine how we should trust this cert
    while (<TXT>) {
      last if (/^#/);
-      if (/^CKA_TRUST_SERVER_AUTH\s+CK_TRUST\s+CKT_NSS_TRUSTED_DELEGATOR$/) {
-          $untrusted = 0;
+      if (/^CKA_TRUST_([A-Z_]+)\s+CK_TRUST\s+CKT_NSS_([A-Z_]+)\s*$/) {
+        if ( !IS_IN_LIST($1,@valid_mozilla_trust_purposes) ) {
+          print STDERR "Warning: Unrecognized trust purpose for cert: $caname. Trust purpose: $1. Trust Level: $2\n" if (!$opt_q);
+        } elsif ( !IS_IN_LIST($2,@valid_mozilla_trust_levels) ) {
+          print STDERR "Warning: Unrecognized trust level for cert: $caname. Trust purpose: $1. Trust Level: $2\n" if (!$opt_q);
+        } else {
+          push @{$trust_purposes_by_level{$2}}, $1;
        }
      }
-    if ($untrusted) {
+    }
+
+    if ( !SHOULD_OUTPUT_CERT(%trust_purposes_by_level) ) {
      $skipnum ++;
    } else {
      my $encoded = MIME::Base64::encode_base64($data, '');
@@ -242,11 +354,34 @@ while (<TXT>) {
              . $encoded
              . "-----END CERTIFICATE-----\n";
      print CRT "\n$caname\n";
-      print CRT ("=" x length($caname) . "\n");
+
+      my $maxStringLength = length($caname);
+      if ($opt_t) {
+        foreach my $key (keys %trust_purposes_by_level) {
+           my $string = $key . ": " . join(", ", @{$trust_purposes_by_level{$key}});
+           $maxStringLength = List::Util::max( length($string), $maxStringLength );
+           print CRT $string . "\n";
+        }
+      }
+      print CRT ("=" x $maxStringLength . "\n");
      if (!$opt_t) {
        print CRT $pem;
      } else {
-        my $pipe = "|$openssl x509 -md5 -fingerprint -text -inform PEM";
+        my $pipe = "";
+        foreach my $hash (@included_signature_algorithms) {
+          $pipe = "|$openssl x509 -" . $hash . " -fingerprint -noout -inform PEM";
+          if (!$stdout) {
+            $pipe .= " >> $crt.~";
+            close(CRT) or die "Couldn't close $crt.~: $!";
+          }
+          open(TMP, $pipe) or die "Couldn't open openssl pipe: $!";
+          print TMP $pem;
+          close(TMP) or die "Couldn't close openssl pipe: $!";
+          if (!$stdout) {
+            open(CRT, ">>$crt.~") or die "Couldn't open $crt.~: $!";
+          }
+        }
+        $pipe = "|$openssl x509 -text -inform PEM";
        if (!$stdout) {
          $pipe .= " >> $crt.~";
          close(CRT) or die "Couldn't close $crt.~: $!";
@@ -279,7 +414,7 @@ unless( $stdout ) {
    rename "$crt.~", $crt or die "Failed to rename $crt.~ to $crt: $!\n";
 }
 unlink $txt if ($opt_u);
-print STDERR "Done ($certnum CA certs processed, $skipnum untrusted skipped).\n" if (!$opt_q);
+print STDERR "Done ($certnum CA certs processed, $skipnum skipped).\n" if (!$opt_q);

 exit;

--- a/lib/mprintf.c
+++ b/lib/mprintf.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1999 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1999 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -804,11 +804,11 @@ static int dprintf_formatf(
            len = 0;
          }
        }
+        else if(prec != -1)
+          len = (size_t)prec;
        else
          len = strlen(str);

-        if(prec != -1 && (size_t) prec < len)
-          len = (size_t)prec;
        width -= (long)len;

        if(p->flags & FLAGS_ALT)
@@ -818,7 +818,7 @@ static int dprintf_formatf(
          while(width-- > 0)
            OUTCHAR(' ');

-        while(len-- > 0)
+        while((len-- > 0) && *str)
          OUTCHAR(*str++);
        if(p->flags&FLAGS_LEFT)
          while(width-- > 0)
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -404,6 +404,8 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle,
  /* Point to the multi's connection cache */
  data->state.conn_cache = multi->conn_cache;

+  data->state.infilesize = data->set.filesize;
+
  /* This adds the new entry at the 'end' of the doubly-linked circular
     list of SessionHandle structs to try and maintain a FIFO queue so
     the pipelined requests are in order. */
@@ -828,7 +830,7 @@ CURLMcode curl_multi_wait(CURLM *multi_handle,
  curlfds = nfds; /* number of internal file descriptors */
  nfds += extra_nfds; /* add the externally provided ones */

-  if(nfds) {
+  if(nfds || extra_nfds) {
    ufds = malloc(nfds * sizeof(struct pollfd));
    if(!ufds)
      return CURLM_OUT_OF_MEMORY;
@@ -1024,7 +1026,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
      if(CURLE_OK == data->result) {
        /* after init, go CONNECT */
        multistate(data, CURLM_STATE_CONNECT);
-        Curl_pgrsTime(data, TIMER_STARTSINGLE);
+        Curl_pgrsTime(data, TIMER_STARTOP);
        result = CURLM_CALL_MULTI_PERFORM;
      }
      break;
@@ -1036,6 +1038,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,

    case CURLM_STATE_CONNECT:
      /* Connect. We want to get a connection identifier filled in. */
+      Curl_pgrsTime(data, TIMER_STARTSINGLE);
      data->result = Curl_connect(data, &data->easy_conn,
                                  &async, &protocol_connect);
      if(CURLE_NO_CONNECTION_AVAILABLE == data->result) {
@@ -1804,10 +1807,13 @@ static void close_all_connections(struct Curl_multi *multi)

  conn = Curl_conncache_find_first_connection(multi->conn_cache);
  while(conn) {
+    SIGPIPE_VARIABLE(pipe_st);
    conn->data = multi->closure_handle;

+    sigpipe_ignore(conn->data, &pipe_st);
    /* This will remove the connection from the cache */
    (void)Curl_disconnect(conn, FALSE);
+    sigpipe_restore(&pipe_st);

    conn = Curl_conncache_find_first_connection(multi->conn_cache);
  }
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -61,7 +61,7 @@ int Curl_parsenetrc(const char *host,
 {
  FILE *file;
  int retcode=1;
-  int specific_login = (**loginp != 0);
+  int specific_login = (*loginp && **loginp != 0);
  bool netrc_alloc = FALSE;
  enum host_lookup_state state=NOTHING;

@@ -113,7 +113,7 @@ int Curl_parsenetrc(const char *host,
      tok=strtok_r(netrcbuffer, " \t\n", &tok_buf);
      while(!done && tok) {

-        if(**loginp && **passwordp) {
+        if((*loginp && **loginp) && (*passwordp && **passwordp)) {
          done=TRUE;
          break;
        }
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -353,9 +353,11 @@ static int parsedate(const char *date, time_t *output)
      /* a name coming up */
      char buf[32]="";
      size_t len;
-      sscanf(date, "%31[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz]",
-             buf);
+      if(sscanf(date, "%31[ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                          "abcdefghijklmnopqrstuvwxyz]", buf))
        len = strlen(buf);
+      else
+        len = 0;

      if(wdaynum == -1) {
        wdaynum = checkday(buf, len);
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -156,7 +156,7 @@ const struct Curl_handler Curl_handler_pop3s = {
  pop3_disconnect,                  /* disconnect */
  ZERO_NULL,                        /* readwrite */
  PORT_POP3S,                       /* defport */
-  CURLPROTO_POP3 | CURLPROTO_POP3S, /* protocol */
+  CURLPROTO_POP3S,                  /* protocol */
  PROTOPT_CLOSEACTION | PROTOPT_SSL
  | PROTOPT_NOURLQUERY              /* flags */
 };
@@ -978,10 +978,6 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
  char *rplyb64 = NULL;
  size_t len = 0;

-  char nonce[64];
-  char realm[128];
-  char algorithm[64];
-
  (void)instate; /* no use for this yet */

  if(pop3code != '+') {
@@ -992,30 +988,26 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
  /* Get the challenge message */
  pop3_get_message(data->state.buffer, &chlg64);

-  /* Decode the challange message */
-  result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
-                                               realm, sizeof(realm),
-                                               algorithm, sizeof(algorithm));
-  if(result || strcmp(algorithm, "md5-sess") != 0) {
+  /* Create the response message */
+  result = Curl_sasl_create_digest_md5_message(data, chlg64,
+                                               conn->user, conn->passwd,
+                                               "pop", &rplyb64, &len);
+  if(result) {
+    if(result == CURLE_BAD_CONTENT_ENCODING) {
      /* Send the cancellation */
      result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");

      if(!result)
        state(conn, POP3_AUTH_CANCEL);
    }
+  }
  else {
-    /* Create the response message */
-    result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
-                                                 conn->user, conn->passwd,
-                                                 "pop", &rplyb64, &len);
-    if(!result && rplyb64) {
    /* Send the response */
    result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);

    if(!result)
      state(conn, POP3_AUTH_DIGESTMD5_RESP);
  }
-  }

  Curl_safefree(rplyb64);

--- a/lib/progress.c
+++ b/lib/progress.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -172,8 +172,12 @@ void Curl_pgrsTime(struct SessionHandle *data, timerid timer)
  case TIMER_NONE:
    /* mistake filter */
    break;
+  case TIMER_STARTOP:
+    /* This is set at the start of a transfer */
+    data->progress.t_startop = now;
+    break;
  case TIMER_STARTSINGLE:
-    /* This is set at the start of a single fetch */
+    /* This is set at the start of each single fetch */
    data->progress.t_startsingle = now;
    break;

--- a/lib/progress.h
+++ b/lib/progress.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -27,13 +27,14 @@

 typedef enum {
  TIMER_NONE,
+  TIMER_STARTOP,
+  TIMER_STARTSINGLE,
  TIMER_NAMELOOKUP,
  TIMER_CONNECT,
  TIMER_APPCONNECT,
  TIMER_PRETRANSFER,
  TIMER_STARTTRANSFER,
  TIMER_POSTRANSFER,
-  TIMER_STARTSINGLE,
  TIMER_STARTACCEPT,
  TIMER_REDIRECT,
  TIMER_LAST /* must be last */
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -341,7 +341,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
  }

  /* Transport Header for SETUP requests */
-  p_transport = Curl_checkheaders(data, "Transport:");
+  p_transport = Curl_checkheaders(conn, "Transport:");
  if(rtspreq == RTSPREQ_SETUP && !p_transport) {
    /* New Transport: setting? */
    if(data->set.str[STRING_RTSP_TRANSPORT]) {
@@ -365,11 +365,11 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
  /* Accept Headers for DESCRIBE requests */
  if(rtspreq == RTSPREQ_DESCRIBE) {
    /* Accept Header */
-    p_accept = Curl_checkheaders(data, "Accept:")?
+    p_accept = Curl_checkheaders(conn, "Accept:")?
      NULL:"Accept: application/sdp\r\n";

    /* Accept-Encoding header */
-    if(!Curl_checkheaders(data, "Accept-Encoding:") &&
+    if(!Curl_checkheaders(conn, "Accept-Encoding:") &&
       data->set.str[STRING_ENCODING]) {
      Curl_safefree(conn->allocptr.accept_encoding);
      conn->allocptr.accept_encoding =
@@ -386,18 +386,18 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
     it might have been used in the proxy connect, but if we have got a header
     with the user-agent string specified, we erase the previously made string
     here. */
-  if(Curl_checkheaders(data, "User-Agent:") && conn->allocptr.uagent) {
+  if(Curl_checkheaders(conn, "User-Agent:") && conn->allocptr.uagent) {
    Curl_safefree(conn->allocptr.uagent);
    conn->allocptr.uagent = NULL;
  }
-  else if(!Curl_checkheaders(data, "User-Agent:") &&
+  else if(!Curl_checkheaders(conn, "User-Agent:") &&
          data->set.str[STRING_USERAGENT]) {
    p_uagent = conn->allocptr.uagent;
  }

  /* Referrer */
  Curl_safefree(conn->allocptr.ref);
-  if(data->change.referer && !Curl_checkheaders(data, "Referer:"))
+  if(data->change.referer && !Curl_checkheaders(conn, "Referer:"))
    conn->allocptr.ref = aprintf("Referer: %s\r\n", data->change.referer);
  else
    conn->allocptr.ref = NULL;
@@ -414,7 +414,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
     (rtspreq  & (RTSPREQ_PLAY | RTSPREQ_PAUSE | RTSPREQ_RECORD))) {

    /* Check to see if there is a range set in the custom headers */
-    if(!Curl_checkheaders(data, "Range:") && data->state.range) {
+    if(!Curl_checkheaders(conn, "Range:") && data->state.range) {
      Curl_safefree(conn->allocptr.rangeline);
      conn->allocptr.rangeline = aprintf("Range: %s\r\n", data->state.range);
      p_range = conn->allocptr.rangeline;
@@ -424,11 +424,11 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
  /*
   * Sanity check the custom headers
   */
-  if(Curl_checkheaders(data, "CSeq:")) {
+  if(Curl_checkheaders(conn, "CSeq:")) {
    failf(data, "CSeq cannot be set as a custom header.");
    return CURLE_RTSP_CSEQ_ERROR;
  }
-  if(Curl_checkheaders(data, "Session:")) {
+  if(Curl_checkheaders(conn, "Session:")) {
    failf(data, "Session ID cannot be set as a custom header.");
    return CURLE_BAD_FUNCTION_ARGUMENT;
  }
@@ -484,7 +484,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
      return result;
  }

-  result = Curl_add_custom_headers(conn, req_buffer);
+  result = Curl_add_custom_headers(conn, FALSE, req_buffer);
  if(result)
    return result;

@@ -493,7 +493,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
     rtspreq == RTSPREQ_GET_PARAMETER) {

    if(data->set.upload) {
-      putsize = data->set.infilesize;
+      putsize = data->state.infilesize;
      data->set.httpreq = HTTPREQ_PUT;

    }
@@ -507,7 +507,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
    if(putsize > 0 || postsize > 0) {
      /* As stated in the http comments, it is probably not wise to
       * actually set a custom Content-Length in the headers */
-      if(!Curl_checkheaders(data, "Content-Length:")) {
+      if(!Curl_checkheaders(conn, "Content-Length:")) {
        result = Curl_add_bufferf(req_buffer,
            "Content-Length: %" CURL_FORMAT_CURL_OFF_T"\r\n",
            (data->set.upload ? putsize : postsize));
@@ -517,7 +517,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)

      if(rtspreq == RTSPREQ_SET_PARAMETER ||
         rtspreq == RTSPREQ_GET_PARAMETER) {
-        if(!Curl_checkheaders(data, "Content-Type:")) {
+        if(!Curl_checkheaders(conn, "Content-Type:")) {
          result = Curl_add_bufferf(req_buffer,
              "Content-Type: text/parameters\r\n");
          if(result)
@@ -526,7 +526,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
      }

      if(rtspreq == RTSPREQ_ANNOUNCE) {
-        if(!Curl_checkheaders(data, "Content-Type:")) {
+        if(!Curl_checkheaders(conn, "Content-Type:")) {
          result = Curl_add_bufferf(req_buffer,
              "Content-Type: application/sdp\r\n");
          if(result)
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -422,7 +422,7 @@ CURLcode Curl_client_write(struct connectdata *conn,
  }

  if(type & CLIENTWRITE_BODY) {
-    if((conn->handler->protocol&CURLPROTO_FTP) &&
+    if((conn->handler->protocol&PROTO_FAMILY_FTP) &&
       conn->proto.ftpc.transfertype == 'A') {
      /* convert from the network encoding */
      CURLcode rc = Curl_convert_from_network(data, ptr, len);
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -155,7 +155,7 @@ const struct Curl_handler Curl_handler_smtps = {
  smtp_disconnect,                  /* disconnect */
  ZERO_NULL,                        /* readwrite */
  PORT_SMTPS,                       /* defport */
-  CURLPROTO_SMTP | CURLPROTO_SMTPS, /* protocol */
+  CURLPROTO_SMTPS,                  /* protocol */
  PROTOPT_CLOSEACTION | PROTOPT_SSL
  | PROTOPT_NOURLQUERY              /* flags */
 };
@@ -353,6 +353,7 @@ static CURLcode smtp_perform_ehlo(struct connectdata *conn)
  smtpc->authused = 0;            /* Clear the authentication mechanism used
                                     for esmtp connections */
  smtpc->tls_supported = FALSE;   /* Clear the TLS capability */
+  smtpc->auth_supported = FALSE;  /* Clear the AUTH capability */

  /* Send the EHLO command */
  result = Curl_pp_sendf(&smtpc->pp, "EHLO %s", smtpc->domain);
@@ -475,15 +476,16 @@ static CURLcode smtp_perform_auth(struct connectdata *conn,
 static CURLcode smtp_perform_authentication(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
+  struct smtp_conn *smtpc = &conn->proto.smtpc;
  const char *mech = NULL;
  char *initresp = NULL;
  size_t len = 0;
  smtpstate state1 = SMTP_STOP;
  smtpstate state2 = SMTP_STOP;

-  /* Check we have a username and password to authenticate with and end the
-     connect phase if we don't */
-  if(!conn->bits.user_passwd) {
+  /* Check we have a username and password to authenticate with, and the
+     server supports authentiation, and end the connect phase if not */
+  if(!conn->bits.user_passwd || !smtpc->auth_supported) {
    state(conn, SMTP_STOP);

    return result;
@@ -581,8 +583,8 @@ static CURLcode smtp_perform_mail(struct connectdata *conn)
  }

  /* Calculate the optional SIZE parameter */
-  if(conn->proto.smtpc.size_supported && conn->data->set.infilesize > 0) {
-    size = aprintf("%" CURL_FORMAT_CURL_OFF_T, data->set.infilesize);
+  if(conn->proto.smtpc.size_supported && conn->data->state.infilesize > 0) {
+    size = aprintf("%" CURL_FORMAT_CURL_OFF_T, data->state.infilesize);

    if(!size) {
      Curl_safefree(from);
@@ -719,8 +721,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
  (void)instate; /* no use for this yet */

  if(smtpcode/100 != 2 && smtpcode != 1) {
-    if((data->set.use_ssl <= CURLUSESSL_TRY || conn->ssl[FIRSTSOCKET].use) &&
-     !conn->bits.user_passwd)
+    if(data->set.use_ssl <= CURLUSESSL_TRY || conn->ssl[FIRSTSOCKET].use)
      result = smtp_perform_helo(conn);
    else {
      failf(data, "Remote access denied: %d", smtpcode);
@@ -739,8 +740,11 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
    else if(len >= 4 && !memcmp(line, "SIZE", 4))
      smtpc->size_supported = TRUE;

-    /* Do we have the authentication mechanism list? */
+    /* Does the server support authentication? */
    else if(len >= 5 && !memcmp(line, "AUTH ", 5)) {
+      smtpc->auth_supported = TRUE;
+
+      /* Advance past the AUTH keyword */
      line += 5;
      len -= 5;

@@ -992,10 +996,6 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn,
  char *rplyb64 = NULL;
  size_t len = 0;

-  char nonce[64];
-  char realm[128];
-  char algorithm[64];
-
  (void)instate; /* no use for this yet */

  if(smtpcode != 334) {
@@ -1006,30 +1006,26 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn,
  /* Get the challenge message */
  smtp_get_message(data->state.buffer, &chlg64);

-  /* Decode the challange message */
-  result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
-                                               realm, sizeof(realm),
-                                               algorithm, sizeof(algorithm));
-  if(result || strcmp(algorithm, "md5-sess") != 0) {
+  /* Create the response message */
+  result = Curl_sasl_create_digest_md5_message(data, chlg64,
+                                               conn->user, conn->passwd,
+                                               "smtp", &rplyb64, &len);
+  if(result) {
+    if(result == CURLE_BAD_CONTENT_ENCODING) {
      /* Send the cancellation */
      result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");

      if(!result)
        state(conn, SMTP_AUTH_CANCEL);
    }
+  }
  else {
-    /* Create the response message */
-    result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
-                                                 conn->user, conn->passwd,
-                                                 "smtp", &rplyb64, &len);
-    if(!result && rplyb64) {
    /* Send the response */
    result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);

    if(!result)
      state(conn, SMTP_AUTH_DIGESTMD5_RESP);
  }
-  }

  Curl_safefree(rplyb64);

@@ -1360,7 +1356,7 @@ static CURLcode smtp_state_data_resp(struct connectdata *conn, int smtpcode,
  }
  else {
    /* Set the progress upload size */
-    Curl_pgrsSetUploadSize(data, data->set.infilesize);
+    Curl_pgrsSetUploadSize(data, data->state.infilesize);

    /* SMTP upload */
    Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
@@ -1663,7 +1659,7 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status,
       is "no mail data". RFC-5321, sect. 4.1.1.4. */
    eob = SMTP_EOB;
    len = SMTP_EOB_LEN;
-    if(smtp->trailing_crlf || !conn->data->set.infilesize) {
+    if(smtp->trailing_crlf || !conn->data->state.infilesize) {
      eob += 2;
      len -= 2;
    }
--- a/lib/smtp.h
+++ b/lib/smtp.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2009 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2009 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -82,6 +82,7 @@ struct smtp_conn {
  bool tls_supported;      /* StartTLS capability supported by server */
  bool size_supported;     /* If server supports SIZE extension according to
                              RFC 1870 */
+  bool auth_supported;     /* AUTH capability supported by server */
 };

 extern const struct Curl_handler Curl_handler_smtp;
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -194,6 +194,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
      Curl_safefree(service_name);
      s_pSecFn->FreeCredentialsHandle(&cred_handle);
      s_pSecFn->DeleteSecurityContext(&sspi_context);
+      if(sspi_recv_token.pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
      failf(data, "Failed to initialise security context.");
      return CURLE_COULDNT_CONNECT;
@@ -209,7 +210,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
      if((code != CURLE_OK) || (4 != written)) {
        failf(data, "Failed to send SSPI authentication request.");
        Curl_safefree(service_name);
+        if(sspi_send_token.pvBuffer)
          s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
+        if(sspi_recv_token.pvBuffer)
          s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
        s_pSecFn->FreeCredentialsHandle(&cred_handle);
        s_pSecFn->DeleteSecurityContext(&sspi_context);
@@ -221,7 +224,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
      if((code != CURLE_OK) || (sspi_send_token.cbBuffer != (size_t)written)) {
        failf(data, "Failed to send SSPI authentication token.");
        Curl_safefree(service_name);
+        if(sspi_send_token.pvBuffer)
          s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
+        if(sspi_recv_token.pvBuffer)
          s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
        s_pSecFn->FreeCredentialsHandle(&cred_handle);
        s_pSecFn->DeleteSecurityContext(&sspi_context);
@@ -230,12 +235,18 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,

    }

+    if(sspi_send_token.pvBuffer) {
      s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
      sspi_send_token.pvBuffer = NULL;
+    }
    sspi_send_token.cbBuffer = 0;
+
+    if(sspi_recv_token.pvBuffer) {
      s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
      sspi_recv_token.pvBuffer = NULL;
+    }
    sspi_recv_token.cbBuffer = 0;
+
    if(status != SEC_I_CONTINUE_NEEDED)
      break;

@@ -295,6 +306,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
    if(result != CURLE_OK || actualread != us_length) {
      failf(data, "Failed to receive SSPI authentication token.");
      Curl_safefree(service_name);
+      if(sspi_recv_token.pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
      s_pSecFn->FreeCredentialsHandle(&cred_handle);
      s_pSecFn->DeleteSecurityContext(&sspi_context);
@@ -459,6 +471,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
  code = Curl_write_plain(conn, sock, (char *)socksreq, 4, &written);
  if((code != CURLE_OK) || (4 != written)) {
    failf(data, "Failed to send SSPI encryption request.");
+    if(sspi_send_token.pvBuffer)
      s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
    s_pSecFn->DeleteSecurityContext(&sspi_context);
    return CURLE_COULDNT_CONNECT;
@@ -478,10 +491,12 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
                            sspi_send_token.cbBuffer, &written);
    if((code != CURLE_OK) || (sspi_send_token.cbBuffer != (size_t)written)) {
      failf(data, "Failed to send SSPI encryption type.");
+      if(sspi_send_token.pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
      s_pSecFn->DeleteSecurityContext(&sspi_context);
      return CURLE_COULDNT_CONNECT;
    }
+    if(sspi_send_token.pvBuffer)
      s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
  }

@@ -541,7 +556,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
                                      &qop);

    if(check_sspi_err(conn, status, "DecryptMessage")) {
+      if(sspi_w_token[0].pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
+      if(sspi_w_token[1].pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
      s_pSecFn->DeleteSecurityContext(&sspi_context);
      failf(data, "Failed to query security context attributes.");
@@ -551,7 +568,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
    if(sspi_w_token[1].cbBuffer != 1) {
      failf(data, "Invalid SSPI encryption response length (%lu).",
            (unsigned long)sspi_w_token[1].cbBuffer);
+      if(sspi_w_token[0].pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
+      if(sspi_w_token[1].pvBuffer)
        s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
      s_pSecFn->DeleteSecurityContext(&sspi_context);
      return CURLE_COULDNT_CONNECT;
--- a/lib/splay.c
+++ b/lib/splay.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1997 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1997 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -101,7 +101,7 @@ struct Curl_tree *Curl_splayinsert(struct timeval i,
                                   struct Curl_tree *t,
                                   struct Curl_tree *node)
 {
-  static struct timeval KEY_NOTUSED = {-1,-1}; /* will *NEVER* appear */
+  static const struct timeval KEY_NOTUSED = {-1,-1}; /* will *NEVER* appear */

  if(node == NULL)
    return t;
@@ -223,7 +223,7 @@ int Curl_splayremovebyaddr(struct Curl_tree *t,
                           struct Curl_tree *removenode,
                           struct Curl_tree **newroot)
 {
-  static struct timeval KEY_NOTUSED = {-1,-1}; /* will *NEVER* appear */
+  static const struct timeval KEY_NOTUSED = {-1,-1}; /* will *NEVER* appear */
  struct Curl_tree *x;

  if(!t || !removenode)
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -1717,17 +1717,17 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
        }

        /* now, decrease the size of the read */
-        if(data->set.infilesize > 0) {
-          data->set.infilesize -= data->state.resume_from;
-          data->req.size = data->set.infilesize;
-          Curl_pgrsSetUploadSize(data, data->set.infilesize);
+        if(data->state.infilesize > 0) {
+          data->state.infilesize -= data->state.resume_from;
+          data->req.size = data->state.infilesize;
+          Curl_pgrsSetUploadSize(data, data->state.infilesize);
        }

        SFTP_SEEK(sshc->sftp_handle, data->state.resume_from);
      }
-      if(data->set.infilesize > 0) {
-        data->req.size = data->set.infilesize;
-        Curl_pgrsSetUploadSize(data, data->set.infilesize);
+      if(data->state.infilesize > 0) {
+        data->req.size = data->state.infilesize;
+        Curl_pgrsSetUploadSize(data, data->state.infilesize);
      }
      /* upload data */
      Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
@@ -2256,7 +2256,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
      }

      if(data->set.upload) {
-        if(data->set.infilesize < 0) {
+        if(data->state.infilesize < 0) {
          failf(data, "SCP requires a known file size for upload");
          sshc->actualcode = CURLE_UPLOAD_FAILED;
          state(conn, SSH_SCP_CHANNEL_FREE);
@@ -2278,7 +2278,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
       */
      sshc->ssh_channel =
        SCP_SEND(sshc->ssh_session, sftp_scp->path, data->set.new_file_perms,
-                 data->set.infilesize);
+                 data->state.infilesize);
      if(!sshc->ssh_channel) {
        if(libssh2_session_last_errno(sshc->ssh_session) ==
           LIBSSH2_ERROR_EAGAIN) {
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2004 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2004 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -679,7 +679,7 @@ const char *Curl_strerror(struct connectdata *conn, int err)
 #elif defined(HAVE_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)
 /*
  * The vxworks-style strerror_r() does use the buffer we pass to the function.
-  * The buffer size should be at least MAXERRSTR_SIZE (150) defined in rtsold.h
+  * The buffer size should be at least NAME_MAX (256)
  */
  {
    char buffer[256];
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -822,8 +822,8 @@ static CURLcode check_telnet_options(struct connectdata *conn)
 {
  struct curl_slist *head;
  struct curl_slist *beg;
-  char option_keyword[128];
-  char option_arg[256];
+  char option_keyword[128] = "";
+  char option_arg[256] = "";
  struct SessionHandle *data = conn->data;
  struct TELNET *tn = (struct TELNET *)conn->data->req.protop;
  CURLcode result = CURLE_OK;
@@ -932,8 +932,8 @@ static void suboption(struct connectdata *conn)
  size_t len;
  size_t tmplen;
  int err;
-  char varname[128];
-  char varval[128];
+  char varname[128] = "";
+  char varval[128] = "";
  struct SessionHandle *data = conn->data;
  struct TELNET *tn = (struct TELNET *)data->req.protop;

@@ -973,13 +973,14 @@ static void suboption(struct connectdata *conn)
        tmplen = (strlen(v->data) + 1);
        /* Add the variable only if it fits */
        if(len + tmplen < (int)sizeof(temp)-6) {
-          sscanf(v->data, "%127[^,],%127s", varname, varval);
+          if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {
            snprintf((char *)&temp[len], sizeof(temp) - len,
                     "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
                     CURL_NEW_ENV_VALUE, varval);
            len += tmplen;
          }
        }
+      }
      snprintf((char *)&temp[len], sizeof(temp) - len,
               "%c%c", CURL_IAC, CURL_SE);
      len += 2;
@@ -1491,6 +1492,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool *done)

    case WAIT_OBJECT_0:

+      events.lNetworkEvents = 0;
      if(SOCKET_ERROR == enum_netevents_func(sockfd, event_handle, &events)) {
        if((err = SOCKERRNO) != EINPROGRESS) {
          infof(data,"WSAEnumNetworkEvents failed (%d)", err);
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -477,8 +477,8 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
      setpacketevent(&state->spacket, TFTP_EVENT_WRQ);
      state->conn->data->req.upload_fromhere =
        (char *)state->spacket.data+4;
-      if(data->set.infilesize != -1)
-        Curl_pgrsSetUploadSize(data, data->set.infilesize);
+      if(data->state.infilesize != -1)
+        Curl_pgrsSetUploadSize(data, data->state.infilesize);
    }
    else {
      /* If we are downloading, send an RRQ */
@@ -498,9 +498,9 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
    sbytes = 4 + strlen(filename) + strlen(mode);

    /* add tsize option */
-    if(data->set.upload && (data->set.infilesize != -1))
+    if(data->set.upload && (data->state.infilesize != -1))
      snprintf(buf, sizeof(buf), "%" CURL_FORMAT_CURL_OFF_T,
-               data->set.infilesize);
+               data->state.infilesize);
    else
      strcpy(buf, "0"); /* the destination is large enough */

@@ -1320,7 +1320,10 @@ static CURLcode tftp_do(struct connectdata *conn, bool *done)
    if(code)
      return code;
  }
+
  state = (tftp_state_data_t *)conn->proto.tftpc;
+  if(!state)
+    return CURLE_BAD_CALLING_ORDER;

  code = tftp_perform(conn, done);

--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -99,7 +99,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, int bytes, int *nreadp)
 #ifdef CURL_DOES_CONVERSIONS
  bool sending_http_headers = FALSE;

-  if(conn->handler->protocol&(CURLPROTO_HTTP|CURLPROTO_RTSP)) {
+  if(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)) {
    const struct HTTP *http = data->req.protop;

    if(http->sending == HTTPSEND_REQUEST)
@@ -319,7 +319,7 @@ static int data_pending(const struct connectdata *conn)
       TRUE. The thing is if we read everything, then http2_recv won't
       be called and we cannot signal the HTTP/2 stream has closed. As
       a workaround, we return nonzero here to call http2_recv. */
-    ((conn->handler->protocol&CURLPROTO_HTTP) && conn->httpversion == 20 &&
+    ((conn->handler->protocol&PROTO_FAMILY_HTTP) && conn->httpversion == 20 &&
     conn->proto.httpc.closed);
 #else
    Curl_ssl_data_pending(conn, FIRSTSOCKET);
@@ -527,7 +527,7 @@ static CURLcode readwrite_data(struct SessionHandle *data,
      if(0 == k->bodywrites && !is_empty_data) {
        /* These checks are only made the first time we are about to
           write a piece of the body */
-        if(conn->handler->protocol&(CURLPROTO_HTTP|CURLPROTO_RTSP)) {
+        if(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)) {
          /* HTTP-only checks */

          if(data->req.newurl) {
@@ -723,7 +723,7 @@ static CURLcode readwrite_data(struct SessionHandle *data,
            if(!k->ignorebody) {

 #ifndef CURL_DISABLE_POP3
-              if(conn->handler->protocol&CURLPROTO_POP3)
+              if(conn->handler->protocol&PROTO_FAMILY_POP3)
                result = Curl_pop3_write(conn, k->str, nread);
              else
 #endif /* CURL_DISABLE_POP3 */
@@ -854,7 +854,7 @@ static CURLcode readwrite_upload(struct SessionHandle *data,
          break;
        }

-        if(conn->handler->protocol&(CURLPROTO_HTTP|CURLPROTO_RTSP)) {
+        if(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)) {
          if(http->sending == HTTPSEND_REQUEST)
            /* We're sending the HTTP request headers, not the data.
               Remember that so we don't change the line endings. */
@@ -892,7 +892,7 @@ static CURLcode readwrite_upload(struct SessionHandle *data,
      data->req.upload_present = nread;

 #ifndef CURL_DISABLE_SMTP
-      if(conn->handler->protocol & CURLPROTO_SMTP) {
+      if(conn->handler->protocol & PROTO_FAMILY_SMTP) {
        result = Curl_smtp_escape_eob(conn, nread);
        if(result)
          return result;
@@ -926,7 +926,7 @@ static CURLcode readwrite_upload(struct SessionHandle *data,
            if(!data->set.crlf) {
              /* we're here only because FTP is in ASCII mode...
                 bump infilesize for the LF we just added */
-              data->set.infilesize++;
+              data->state.infilesize++;
            }
          }
          else
@@ -967,7 +967,7 @@ static CURLcode readwrite_upload(struct SessionHandle *data,

    k->writebytecount += bytes_written;

-    if(k->writebytecount == data->set.infilesize) {
+    if(k->writebytecount == data->state.infilesize) {
      /* we have sent all data we were supposed to */
      k->upload_done = TRUE;
      infof(data, "We are completely uploaded and fine\n");
@@ -1873,7 +1873,7 @@ CURLcode Curl_retry_request(struct connectdata *conn,
  /* if we're talking upload, we can't do the checks below, unless the protocol
     is HTTP as when uploading over HTTP we will still get a response */
  if(data->set.upload &&
-     !(conn->handler->protocol&(CURLPROTO_HTTP|CURLPROTO_RTSP)))
+     !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)))
    return CURLE_OK;

  if(/* workaround for broken TLS servers */ data->state.ssl_connect_retry ||
@@ -1899,7 +1899,7 @@ CURLcode Curl_retry_request(struct connectdata *conn,
                                transferred! */


-    if(conn->handler->protocol&CURLPROTO_HTTP) {
+    if(conn->handler->protocol&PROTO_FAMILY_HTTP) {
      struct HTTP *http = data->req.protop;
      if(http->writebytecount)
        return Curl_readrewind(conn);
@@ -1972,7 +1972,7 @@ Curl_setup_transfer(
         state info where we wait for the 100-return code
      */
      if((data->state.expect100header) &&
-         (conn->handler->protocol&CURLPROTO_HTTP) &&
+         (conn->handler->protocol&PROTO_FAMILY_HTTP) &&
         (http->sending == HTTPSEND_BODY)) {
        /* wait with write until we either got 100-continue or a timeout */
        k->exp100 = EXP100_AWAITING_CONTINUE;
--- a/lib/url.c
+++ b/lib/url.c
@@ -485,7 +485,7 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
  set->convtonetwork   = ZERO_NULL;
  set->convfromutf8    = ZERO_NULL;

-  set->infilesize = -1;      /* we don't know any size */
+  set->filesize = -1;        /* we don't know the size */
  set->postfieldsize = -1;   /* unknown size */
  set->maxredirs = -1;       /* allow any amount by default */

@@ -1067,6 +1067,28 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
    data->set.headers = va_arg(param, struct curl_slist *);
    break;

+  case CURLOPT_PROXYHEADER:
+    /*
+     * Set a list with proxy headers to use (or replace internals with)
+     *
+     * Since CURLOPT_HTTPHEADER was the only way to set HTTP headers for a
+     * long time we remain doing it this way until CURLOPT_PROXYHEADER is
+     * used. As soon as this option has been used, if set to anything but
+     * NULL, custom headers for proxies are only picked from this list.
+     *
+     * Set this option to NULL to restore the previous behavior.
+     */
+    data->set.proxyheaders = va_arg(param, struct curl_slist *);
+    break;
+
+  case CURLOPT_HEADEROPT:
+    /*
+     * Set header option.
+     */
+    arg = va_arg(param, long);
+    data->set.sep_headers = (arg & CURLHEADER_SEPARATE)? TRUE: FALSE;
+    break;
+
  case CURLOPT_HTTP200ALIASES:
    /*
     * Set a list of aliases for HTTP 200 in response header
@@ -1469,14 +1491,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     * If known, this should inform curl about the file size of the
     * to-be-uploaded file.
     */
-    data->set.infilesize = va_arg(param, long);
+    data->set.filesize = va_arg(param, long);
    break;
  case CURLOPT_INFILESIZE_LARGE:
    /*
     * If known, this should inform curl about the file size of the
     * to-be-uploaded file.
     */
-    data->set.infilesize = va_arg(param, curl_off_t);
+    data->set.filesize = va_arg(param, curl_off_t);
    break;
  case CURLOPT_LOW_SPEED_LIMIT:
    /*
@@ -2681,7 +2703,7 @@ static bool SocketIsDead(curl_socket_t sock)
 static bool IsPipeliningPossible(const struct SessionHandle *handle,
                                 const struct connectdata *conn)
 {
-  if((conn->handler->protocol & CURLPROTO_HTTP) &&
+  if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
     Curl_multi_pipeline_enabled(handle->multi) &&
     (handle->set.httpreq == HTTPREQ_GET ||
      handle->set.httpreq == HTTPREQ_HEAD) &&
@@ -2905,7 +2927,7 @@ ConnectionExists(struct SessionHandle *data,
  bool canPipeline = IsPipeliningPossible(data, needle);
  bool wantNTLMhttp = ((data->state.authhost.want & CURLAUTH_NTLM) ||
                       (data->state.authhost.want & CURLAUTH_NTLM_WB)) &&
-    (needle->handler->protocol & CURLPROTO_HTTP) ? TRUE : FALSE;
+    (needle->handler->protocol & PROTO_FAMILY_HTTP) ? TRUE : FALSE;
  struct connectbundle *bundle;

  *force_reuse = FALSE;
@@ -3474,6 +3496,8 @@ static bool tld_check_name(struct SessionHandle *data,
 static void fix_hostname(struct SessionHandle *data,
                         struct connectdata *conn, struct hostname *host)
 {
+  size_t len;
+
 #ifndef USE_LIBIDN
  (void)data;
  (void)conn;
@@ -3483,6 +3507,13 @@ static void fix_hostname(struct SessionHandle *data,

  /* set the name we use to display the host name */
  host->dispname = host->name;
+
+  len = strlen(host->name);
+  if(host->name[len-1] == '.')
+    /* strip off a single trailing dot if present, primarily for SNI but
+       there's no use for it */
+    host->name[len-1]=0;
+
  if(!is_ASCII_name(host->name)) {
 #ifdef USE_LIBIDN
  /*************************************************************
@@ -3710,8 +3741,8 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
  char *path = data->state.path;
  char *query;
  int rc;
-  char protobuf[16];
-  const char *protop;
+  char protobuf[16] = "";
+  const char *protop = "";
  CURLcode result;
  bool rebuild_url = FALSE;

@@ -3953,23 +3984,56 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,

  if(conn->host.name[0] == '[') {
    /* This looks like an IPv6 address literal.  See if there is an address
-       scope.  */
-    char *percent = strstr (conn->host.name, "%25");
+       scope if there is no location header */
+    char *percent = strchr(conn->host.name, '%');
    if(percent) {
+      unsigned int identifier_offset = 3;
      char *endp;
-      unsigned long scope = strtoul (percent + 3, &endp, 10);
+      unsigned long scope;
+      if(strncmp("%25", percent, 3) != 0) {
+        infof(data,
+              "Please URL encode %% as %%25, see RFC 6874.\n");
+        identifier_offset = 1;
+      }
+      scope = strtoul(percent + identifier_offset, &endp, 10);
      if(*endp == ']') {
        /* The address scope was well formed.  Knock it out of the
           hostname. */
        memmove(percent, endp, strlen(endp)+1);
-        if(!data->state.this_is_a_follow)
-          /* Don't honour a scope given in a Location: header */
        conn->scope = (unsigned int)scope;
      }
+      else {
+        /* Zone identifier is not numeric */
+#if defined(HAVE_NET_IF_H) && defined(IFNAMSIZ)
+        char ifname[IFNAMSIZ + 2];
+        char *square_bracket;
+        unsigned int scopeidx = 0;
+        strncpy(ifname, percent + identifier_offset, IFNAMSIZ + 2);
+        /* Ensure nullbyte termination */
+        ifname[IFNAMSIZ + 1] = '\0';
+        square_bracket = strchr(ifname, ']');
+        if(square_bracket) {
+          /* Remove ']' */
+          *square_bracket = '\0';
+          scopeidx = if_nametoindex(ifname);
+          if(scopeidx == 0) {
+            infof(data, "Invalid network interface: %s; %s\n", ifname,
+                  strerror(errno));
+          }
+        }
+        if(scopeidx > 0) {
+          /* Remove zone identifier from hostname */
+          memmove(percent,
+                  percent + identifier_offset + strlen(ifname),
+                  identifier_offset + strlen(ifname));
+          conn->scope = scopeidx;
+        }
        else
+#endif /* HAVE_NET_IF_H && IFNAMSIZ */
          infof(data, "Invalid IPv6 address format\n");
      }
    }
+  }

  if(data->set.scope)
    /* Override any scope that was set above.  */
@@ -4045,16 +4109,17 @@ static CURLcode setup_connection_internals(struct connectdata *conn)
 {
  const struct Curl_handler * p;
  CURLcode result;
+  struct SessionHandle *data = conn->data;

  /* in some case in the multi state-machine, we go back to the CONNECT state
     and then a second (or third or...) call to this function will be made
     without doing a DISCONNECT or DONE in between (since the connection is
     yet in place) and therefore this function needs to first make sure
     there's no lingering previous data allocated. */
-  Curl_free_request_state(conn->data);
+  Curl_free_request_state(data);

-  memset(&conn->data->req, 0, sizeof(struct SingleRequest));
-  conn->data->req.maxdownload = -1;
+  memset(&data->req, 0, sizeof(struct SingleRequest));
+  data->req.maxdownload = -1;

  conn->socktype = SOCK_STREAM; /* most of them are TCP streams */

@@ -4350,12 +4415,21 @@ static CURLcode parse_proxy(struct SessionHandle *data,
  /* start scanning for port number at this point */
  portptr = proxyptr;

-  /* detect and extract RFC2732-style IPv6-addresses */
+  /* detect and extract RFC6874-style IPv6-addresses */
  if(*proxyptr == '[') {
    char *ptr = ++proxyptr; /* advance beyond the initial bracket */
-    while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '%') ||
-                   (*ptr == '.')))
+    while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
      ptr++;
+    if(*ptr == '%') {
+      /* There might be a zone identifier */
+      if(strncmp("%25", ptr, 3))
+        infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
+      ptr++;
+      /* Allow unresered characters as defined in RFC 3986 */
+      while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
+                     (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
+        ptr++;
+    }
    if(*ptr == ']')
      /* yeps, it ended nicely with a bracket as well */
      *ptr++ = 0;
@@ -5181,7 +5255,7 @@ static CURLcode create_conn(struct SessionHandle *data,

  /*************************************************************
   * If the protocol can't handle url query strings, then cut
-   * of the unhandable part
+   * off the unhandable part
   *************************************************************/
  if((conn->given->flags&PROTOPT_NOURLQUERY)) {
    char *path_q_sep = strchr(conn->data->state.path, '?');
@@ -5266,7 +5340,7 @@ static CURLcode create_conn(struct SessionHandle *data,
 #else
      /* force this connection's protocol to become HTTP if not already
         compatible - if it isn't tunneling through */
-      if(!(conn->handler->protocol & CURLPROTO_HTTP) &&
+      if(!(conn->handler->protocol & PROTO_FAMILY_HTTP) &&
         !conn->bits.tunnel_proxy)
        conn->handler = &Curl_handler_http;

--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -58,6 +58,14 @@
 #define CURL_DEFAULT_USER "anonymous"
 #define CURL_DEFAULT_PASSWORD "ftp@example.com"

+/* Convenience defines for checking protocols or their SSL based version. Each
+   protocol handler should only ever have a single CURLPROTO_ in its protocol
+   field. */
+#define PROTO_FAMILY_HTTP (CURLPROTO_HTTP|CURLPROTO_HTTPS)
+#define PROTO_FAMILY_FTP  (CURLPROTO_FTP|CURLPROTO_FTPS)
+#define PROTO_FAMILY_POP3 (CURLPROTO_POP3|CURLPROTO_POP3S)
+#define PROTO_FAMILY_SMTP (CURLPROTO_SMTP|CURLPROTO_SMTPS)
+
 #define DEFAULT_CONNCACHE_SIZE 5

 /* length of longest IPv6 address string including the trailing null */
@@ -318,6 +326,7 @@ struct ssl_connect_data {
  struct SessionHandle *data;
  struct curl_llist *obj_list;
  PK11GenericObject *obj_clicert;
+  ssl_connect_state connecting_state;
 #endif /* USE_NSS */
 #ifdef USE_QSOSSL
  SSLHandle *handle;
@@ -595,7 +604,7 @@ enum upgrade101 {
 enum negotiatenpn {
  NPN_INIT,                   /* default state */
  NPN_HTTP1_1,                /* HTTP/1.1 negotiated */
-  NPN_HTTP2_DRAFT09           /* HTTP-draft-0.9/2.0 negotiated */
+  NPN_HTTP2                   /* HTTP2 (draft-xx) negotiated */
 };

 /*
@@ -777,7 +786,8 @@ struct Curl_handler {
                        ssize_t *nread, bool *readmore);

  long defport;           /* Default port. */
-  unsigned int protocol;  /* See CURLPROTO_*  */
+  unsigned int protocol;  /* See CURLPROTO_* - this needs to be the single
+                             specific protocol bit */
  unsigned int flags;     /* Extra particular characteristics, see PROTOPT_* */
 };

@@ -795,8 +805,8 @@ struct Curl_handler {
                                      gets a default */
 #define PROTOPT_NOURLQUERY (1<<6)   /* protocol can't handle
                                        url query strings (?foo=bar) ! */
-#define PROTOPT_CREDSPERREQUEST (1<<7) /* requires login creditials per request
-                                          as opposed to per connection */
+#define PROTOPT_CREDSPERREQUEST (1<<7) /* requires login credentials per
+                                          request instead of per connection */


 /* return the count of bytes sent, or -1 on error */
@@ -1125,6 +1135,7 @@ struct Progress {

  struct timeval start;
  struct timeval t_startsingle;
+  struct timeval t_startop;
  struct timeval t_acceptdata;
 #define CURR_TIME (5+1) /* 6 entries for 5 seconds */

@@ -1296,6 +1307,8 @@ struct UrlState {

  /* if true, force SSL connection retry (workaround for certain servers) */
  bool ssl_connect_retry;
+  curl_off_t infilesize; /* size of file to upload, -1 means unknown.
+                            Copied from set.filesize at start of operation */
 };


@@ -1457,7 +1470,7 @@ struct UserDefined {
  long accepttimeout;   /* in milliseconds, 0 means no timeout */
  long server_response_timeout; /* in milliseconds, 0 means no timeout */
  long tftp_blksize ; /* in bytes, 0 means use default */
-  curl_off_t infilesize;      /* size of file to upload, -1 means unknown */
+  curl_off_t filesize;  /* size of file to upload, -1 means unknown */
  long low_speed_limit; /* bytes/second */
  long low_speed_time;  /* number of seconds */
  curl_off_t max_send_speed; /* high speed limit in bytes/second for upload */
@@ -1465,7 +1478,9 @@ struct UserDefined {
                                download */
  curl_off_t set_resume_from;  /* continue [ftp] transfer from here */
  struct curl_slist *headers; /* linked list of extra headers */
+  struct curl_slist *proxyheaders; /* linked list of extra CONNECT headers */
  struct curl_httppost *httppost;  /* linked list of POST data */
+  bool sep_headers;     /* handle host and proxy headers separately */
  bool cookiesession;   /* new cookie session? */
  bool crlf;            /* convert crlf on ftp upload(?) */
  struct curl_slist *quote;     /* after connection is established */
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -481,6 +481,7 @@ Curl_axtls_connect(struct connectdata *conn,
      return map_error_to_curl(ssl_fcn_return);
    }
    usleep(10000);
+    /* TODO: check for timeout as this could hang indefinitely otherwise */
  }
  infof (conn->data, "handshake completed successfully\n");

--- a/lib/vtls/curl_darwinssl.c
+++ b/lib/vtls/curl_darwinssl.c
@@ -5,8 +5,8 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2012 - 2013, Nick Zitzmann, <nickzman@gmail.com>.
- * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2014, Nick Zitzmann, <nickzman@gmail.com>.
+ * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -952,7 +952,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,

    /* Here we go: */
    status = SecPKCS12Import(pkcs_data, options, &items);
-    if(status == noErr) {
+    if(status == noErr && items && CFArrayGetCount(items)) {
      CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
      const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
        kSecImportItemIdentity);
@@ -960,8 +960,10 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
      /* Retain the identity; we don't care about any other data... */
      CFRetain(temp_identity);
      *out_cert_and_key = (SecIdentityRef)temp_identity;
-      CFRelease(items);
    }
+
+    if(items)
+      CFRelease(items);
    CFRelease(options);
    CFRelease(pkcs_data);
  }
--- a/lib/vtls/curl_schannel.c
+++ b/lib/vtls/curl_schannel.c
@@ -193,7 +193,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
    }

    /* allocate memory for the re-usable credential handle */
-    connssl->cred = malloc(sizeof(struct curl_schannel_cred));
+    connssl->cred = (struct curl_schannel_cred *)
+                     malloc(sizeof(struct curl_schannel_cred));
    if(!connssl->cred) {
      failf(data, "schannel: unable to allocate memory");
      return CURLE_OUT_OF_MEMORY;
@@ -236,7 +237,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
                       ISC_REQ_STREAM;

  /* allocate memory for the security context handle */
-  connssl->ctxt = malloc(sizeof(struct curl_schannel_ctxt));
+  connssl->ctxt = (struct curl_schannel_ctxt *)
+                   malloc(sizeof(struct curl_schannel_ctxt));
  if(!connssl->ctxt) {
    failf(data, "schannel: unable to allocate memory");
    return CURLE_OUT_OF_MEMORY;
@@ -310,6 +312,9 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
  infof(data, "schannel: SSL/TLS connection with %s port %hu (step 2/3)\n",
        conn->host.name, conn->remote_port);

+  if(!connssl->cred || !connssl->ctxt)
+    return CURLE_SSL_CONNECT_ERROR;
+
  /* buffer to store previously received and encrypted data */
  if(connssl->encdata_buffer == NULL) {
    connssl->encdata_offset = 0;
@@ -508,6 +513,9 @@ schannel_connect_step3(struct connectdata *conn, int sockindex)
  infof(data, "schannel: SSL/TLS connection with %s port %hu (step 3/3)\n",
        conn->host.name, conn->remote_port);

+  if(!connssl->cred)
+    return CURLE_SSL_CONNECT_ERROR;
+
  /* check if the required context attributes are met */
  if(connssl->ret_flags != connssl->req_flags) {
    if(!(connssl->ret_flags & ISC_RET_SEQUENCE_DETECT))
@@ -757,7 +765,7 @@ schannel_send(struct connectdata *conn, int sockindex,

      this_write = 0;

-      timeleft = Curl_timeleft(conn->data, NULL, TRUE);
+      timeleft = Curl_timeleft(conn->data, NULL, FALSE);
      if(timeleft < 0) {
        /* we already got the timeout */
        failf(conn->data, "schannel: timed out sending data "
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -47,11 +47,16 @@
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
 #include "curl_memory.h"
+
+#include <cyassl/ssl.h>
+#ifdef HAVE_CYASSL_ERROR_SSL_H
+#include <cyassl/error-ssl.h>
+#else
+#include <cyassl/error.h>
+#endif
+
 /* The last #include file should be: */
 #include "memdebug.h"
-#include <cyassl/ssl.h>
-#include <cyassl/error.h>
-

 static Curl_recv cyassl_recv;
 static Curl_send cyassl_send;
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -735,6 +735,7 @@ gtls_connect_step3(struct connectdata *conn,
  /* initialize an X.509 certificate structure. */
  gnutls_x509_crt_init(&x509_cert);

+  if(chainp)
    /* convert the given DER or PEM encoded Certificate to the native
       gnutls_x509_crt_t format */
    gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
@@ -883,7 +884,7 @@ gtls_connect_step3(struct connectdata *conn,
      if(proto.size == NGHTTP2_PROTO_VERSION_ID_LEN &&
        memcmp(NGHTTP2_PROTO_VERSION_ID, proto.data,
        NGHTTP2_PROTO_VERSION_ID_LEN) == 0) {
-        conn->negnpn = NPN_HTTP2_DRAFT09;
+        conn->negnpn = NPN_HTTP2;
      }
      else if(proto.size == ALPN_HTTP_1_1_LENGTH && memcmp(ALPN_HTTP_1_1,
          proto.data, ALPN_HTTP_1_1_LENGTH) == 0) {
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -180,6 +180,10 @@ static const cipher_s cipherlist[] = {
 static const char* pem_library = "libnsspem.so";
 SECMODModule* mod = NULL;

+/* NSPR I/O layer we use to detect blocking direction during SSL handshake */
+static PRDescIdentity nspr_io_identity = PR_INVALID_IO_LAYER;
+static PRIOMethods nspr_io_methods;
+
 static const char* nss_error_to_name(PRErrorCode code)
 {
  const char *name = PR_ErrorToName(code);
@@ -657,7 +661,7 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg)
    if(buflen == NGHTTP2_PROTO_VERSION_ID_LEN &&
       memcmp(NGHTTP2_PROTO_VERSION_ID, buf, NGHTTP2_PROTO_VERSION_ID_LEN)
       == 0) {
-      conn->negnpn = NPN_HTTP2_DRAFT09;
+      conn->negnpn = NPN_HTTP2;
    }
    else if(buflen == ALPN_HTTP_1_1_LENGTH && memcmp(ALPN_HTTP_1_1, buf,
                                                     ALPN_HTTP_1_1_LENGTH)) {
@@ -940,6 +944,60 @@ isTLSIntoleranceError(PRInt32 err)
  }
 }

+/* update blocking direction in case of PR_WOULD_BLOCK_ERROR */
+static void nss_update_connecting_state(ssl_connect_state state, void *secret)
+{
+  struct ssl_connect_data *connssl = (struct ssl_connect_data *)secret;
+  if(PR_GetError() != PR_WOULD_BLOCK_ERROR)
+    /* an unrelated error is passing by */
+    return;
+
+  switch(connssl->connecting_state) {
+  case ssl_connect_2:
+  case ssl_connect_2_reading:
+  case ssl_connect_2_writing:
+    break;
+  default:
+    /* we are not called from an SSL handshake */
+    return;
+  }
+
+  /* update the state accordingly */
+  connssl->connecting_state = state;
+}
+
+/* recv() wrapper we use to detect blocking direction during SSL handshake */
+static PRInt32 nspr_io_recv(PRFileDesc *fd, void *buf, PRInt32 amount,
+                            PRIntn flags, PRIntervalTime timeout)
+{
+  const PRRecvFN recv_fn = fd->lower->methods->recv;
+  const PRInt32 rv = recv_fn(fd->lower, buf, amount, flags, timeout);
+  if(rv < 0)
+    /* check for PR_WOULD_BLOCK_ERROR and update blocking direction */
+    nss_update_connecting_state(ssl_connect_2_reading, fd->secret);
+  return rv;
+}
+
+/* send() wrapper we use to detect blocking direction during SSL handshake */
+static PRInt32 nspr_io_send(PRFileDesc *fd, const void *buf, PRInt32 amount,
+                            PRIntn flags, PRIntervalTime timeout)
+{
+  const PRSendFN send_fn = fd->lower->methods->send;
+  const PRInt32 rv = send_fn(fd->lower, buf, amount, flags, timeout);
+  if(rv < 0)
+    /* check for PR_WOULD_BLOCK_ERROR and update blocking direction */
+    nss_update_connecting_state(ssl_connect_2_writing, fd->secret);
+  return rv;
+}
+
+/* close() wrapper to avoid assertion failure due to fd->secret != NULL */
+static PRStatus nspr_io_close(PRFileDesc *fd)
+{
+  const PRCloseFN close_fn = PR_GetDefaultIOMethods()->close;
+  fd->secret = NULL;
+  return close_fn(fd);
+}
+
 static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir)
 {
  NSSInitParameters initparams;
@@ -1004,6 +1062,21 @@ static CURLcode nss_init(struct SessionHandle *data)
    }
  }

+  if(nspr_io_identity == PR_INVALID_IO_LAYER) {
+    /* allocate an identity for our own NSPR I/O layer */
+    nspr_io_identity = PR_GetUniqueIdentity("libcurl");
+    if(nspr_io_identity == PR_INVALID_IO_LAYER)
+      return CURLE_OUT_OF_MEMORY;
+
+    /* the default methods just call down to the lower I/O layer */
+    memcpy(&nspr_io_methods, PR_GetDefaultIOMethods(), sizeof nspr_io_methods);
+
+    /* override certain methods in the table by our wrappers */
+    nspr_io_methods.recv  = nspr_io_recv;
+    nspr_io_methods.send  = nspr_io_send;
+    nspr_io_methods.close = nspr_io_close;
+  }
+
  rv = nss_init_core(data, cert_dir);
  if(rv)
    return rv;
@@ -1296,19 +1369,71 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
  return CURLE_SSL_CONNECT_ERROR;
 }

-CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
+                                 struct SessionHandle *data,
+                                 CURLcode curlerr)
 {
+  SSLVersionRange sslver;
  PRErrorCode err = 0;
+
+  /* reset the flag to avoid an infinite loop */
+  data->state.ssl_connect_retry = FALSE;
+
+  if(is_nss_error(curlerr)) {
+    /* read NSPR error code */
+    err = PR_GetError();
+    if(is_cc_error(err))
+      curlerr = CURLE_SSL_CERTPROBLEM;
+
+    /* print the error number and error string */
+    infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
+
+    /* print a human-readable message describing the error if available */
+    nss_print_error_message(data, err);
+  }
+
+  /* cleanup on connection failure */
+  Curl_llist_destroy(connssl->obj_list, NULL);
+  connssl->obj_list = NULL;
+
+  if((SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
+      && (sslver.min == SSL_LIBRARY_VERSION_3_0)
+      && (sslver.max == SSL_LIBRARY_VERSION_TLS_1_0)
+      && isTLSIntoleranceError(err)) {
+    /* schedule reconnect through Curl_retry_request() */
+    data->state.ssl_connect_retry = TRUE;
+    infof(data, "Error in TLS handshake, trying SSLv3...\n");
+    return CURLE_OK;
+  }
+
+  return curlerr;
+}
+
+/* Switch the SSL socket into non-blocking mode. */
+static CURLcode nss_set_nonblock(struct ssl_connect_data *connssl,
+                                 struct SessionHandle *data)
+{
+  static PRSocketOptionData sock_opt;
+  sock_opt.option = PR_SockOpt_Nonblocking;
+  sock_opt.value.non_blocking = PR_TRUE;
+
+  if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
+    return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
+
+  return CURLE_OK;
+}
+
+static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
+{
  PRFileDesc *model = NULL;
+  PRFileDesc *nspr_io = NULL;
+  PRFileDesc *nspr_io_stub = NULL;
  PRBool ssl_no_cache;
  PRBool ssl_cbc_random_iv;
  struct SessionHandle *data = conn->data;
  curl_socket_t sockfd = conn->sock[sockindex];
  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  CURLcode curlerr;
-  PRSocketOptionData sock_opt;
-  long time_left;
-  PRUint32 timeout;

  SSLVersionRange sslver = {
    SSL_LIBRARY_VERSION_3_0,      /* min */
@@ -1475,12 +1600,35 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
    goto error;
  }

-  /* Import our model socket  onto the existing file descriptor */
-  connssl->handle = PR_ImportTCPSocket(sockfd);
-  connssl->handle = SSL_ImportFD(model, connssl->handle);
-  if(!connssl->handle)
+  /* wrap OS file descriptor by NSPR's file descriptor abstraction */
+  nspr_io = PR_ImportTCPSocket(sockfd);
+  if(!nspr_io)
    goto error;

+  /* create our own NSPR I/O layer */
+  nspr_io_stub = PR_CreateIOLayerStub(nspr_io_identity, &nspr_io_methods);
+  if(!nspr_io_stub) {
+    PR_Close(nspr_io);
+    goto error;
+  }
+
+  /* make the per-connection data accessible from NSPR I/O callbacks */
+  nspr_io_stub->secret = (void *)connssl;
+
+  /* push our new layer to the NSPR I/O stack */
+  if(PR_PushIOLayer(nspr_io, PR_TOP_IO_LAYER, nspr_io_stub) != PR_SUCCESS) {
+    PR_Close(nspr_io);
+    PR_Close(nspr_io_stub);
+    goto error;
+  }
+
+  /* import our model socket onto the current I/O stack */
+  connssl->handle = SSL_ImportFD(model, nspr_io);
+  if(!connssl->handle) {
+    PR_Close(nspr_io);
+    goto error;
+  }
+
  PR_Close(model); /* We don't need this any more */
  model = NULL;

@@ -1534,30 +1682,43 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)

  SSL_SetURL(connssl->handle, conn->host.name);

+  return CURLE_OK;
+
+error:
+  if(model)
+    PR_Close(model);
+
+  return nss_fail_connect(connssl, data, curlerr);
+}
+
+static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
+{
+  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+  struct SessionHandle *data = conn->data;
+  CURLcode curlerr = CURLE_SSL_CONNECT_ERROR;
+  PRUint32 timeout;
+
  /* check timeout situation */
-  time_left = Curl_timeleft(data, NULL, TRUE);
+  const long time_left = Curl_timeleft(data, NULL, TRUE);
  if(time_left < 0L) {
    failf(data, "timed out before SSL handshake");
    curlerr = CURLE_OPERATION_TIMEDOUT;
    goto error;
  }
-  timeout = PR_MillisecondsToInterval((PRUint32) time_left);

  /* Force the handshake now */
+  timeout = PR_MillisecondsToInterval((PRUint32) time_left);
  if(SSL_ForceHandshakeWithTimeout(connssl->handle, timeout) != SECSuccess) {
-    if(conn->data->set.ssl.certverifyresult == SSL_ERROR_BAD_CERT_DOMAIN)
+    if(PR_GetError() == PR_WOULD_BLOCK_ERROR)
+      /* blocking direction is updated by nss_update_connecting_state() */
+      return CURLE_AGAIN;
+    else if(conn->data->set.ssl.certverifyresult == SSL_ERROR_BAD_CERT_DOMAIN)
      curlerr = CURLE_PEER_FAILED_VERIFICATION;
    else if(conn->data->set.ssl.certverifyresult!=0)
      curlerr = CURLE_SSL_CACERT;
    goto error;
  }

-  /* switch the SSL socket into non-blocking mode */
-  sock_opt.option = PR_SockOpt_Nonblocking;
-  sock_opt.value.non_blocking = PR_TRUE;
-  if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
-    goto error;
-
  connssl->state = ssl_connection_complete;
  conn->recv[sockindex] = nss_recv;
  conn->send[sockindex] = nss_send;
@@ -1585,40 +1746,70 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)

  return CURLE_OK;

-  error:
-  /* reset the flag to avoid an infinite loop */
-  data->state.ssl_connect_retry = FALSE;
+error:
+  return nss_fail_connect(connssl, data, curlerr);
+}

-  if(is_nss_error(curlerr)) {
-    /* read NSPR error code */
-    err = PR_GetError();
-    if(is_cc_error(err))
-      curlerr = CURLE_SSL_CERTPROBLEM;
+static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
+                                   bool *done)
+{
+  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+  struct SessionHandle *data = conn->data;
+  const bool blocking = (done == NULL);
+  CURLcode rv;

-    /* print the error number and error string */
-    infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
+  if(connssl->connecting_state == ssl_connect_1) {
+    rv = nss_setup_connect(conn, sockindex);
+    if(rv)
+      /* we do not expect CURLE_AGAIN from nss_setup_connect() */
+      return rv;

-    /* print a human-readable message describing the error if available */
-    nss_print_error_message(data, err);
+    if(!blocking) {
+      /* in non-blocking mode, set NSS non-blocking mode before handshake */
+      rv = nss_set_nonblock(connssl, data);
+      if(rv)
+        return rv;
    }

-  if(model)
-    PR_Close(model);
+    connssl->connecting_state = ssl_connect_2;
+  }

-  /* cleanup on connection failure */
-  Curl_llist_destroy(connssl->obj_list, NULL);
-  connssl->obj_list = NULL;
-
-  if((sslver.min == SSL_LIBRARY_VERSION_3_0)
-      && (sslver.max == SSL_LIBRARY_VERSION_TLS_1_0)
-      && isTLSIntoleranceError(err)) {
-    /* schedule reconnect through Curl_retry_request() */
-    data->state.ssl_connect_retry = TRUE;
-    infof(data, "Error in TLS handshake, trying SSLv3...\n");
+  rv = nss_do_connect(conn, sockindex);
+  switch(rv) {
+  case CURLE_OK:
+    break;
+  case CURLE_AGAIN:
+    if(!blocking)
+      /* CURLE_AGAIN in non-blocking mode is not an error */
      return CURLE_OK;
+    /* fall through */
+  default:
+    return rv;
  }

-  return curlerr;
+  if(blocking) {
+    /* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
+    rv = nss_set_nonblock(connssl, data);
+    if(rv)
+      return rv;
+  }
+  else
+    /* signal completed SSL handshake */
+    *done = TRUE;
+
+  connssl->connecting_state = ssl_connect_done;
+  return CURLE_OK;
+}
+
+CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+{
+  return nss_connect_common(conn, sockindex, /* blocking */ NULL);
+}
+
+CURLcode Curl_nss_connect_nonblocking(struct connectdata *conn,
+                                      int sockindex, bool *done)
+{
+  return nss_connect_common(conn, sockindex, done);
 }

 static ssize_t nss_send(struct connectdata *conn,  /* connection data */
--- a/lib/vtls/nssg.h
+++ b/lib/vtls/nssg.h
@@ -68,6 +68,7 @@ void Curl_nss_md5sum(unsigned char *tmp, /* input */
 #define curlssl_init Curl_nss_init
 #define curlssl_cleanup Curl_nss_cleanup
 #define curlssl_connect Curl_nss_connect
+#define curlssl_connect_nonblocking Curl_nss_connect_nonblocking

 /* NSS has its own session ID cache */
 #define curlssl_session_free(x) Curl_nop_stmt
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -538,6 +538,7 @@ int cert_stuff(struct connectdata *conn,

      if(!cert_done)
        return 0; /* failure! */
+      break;
 #else
      failf(data, "file type P12 for certificate not supported");
      return 0;
@@ -1430,8 +1431,9 @@ select_next_proto_cb(SSL *ssl,
  (void)ssl;

  if(retval == 1) {
-    infof(conn->data, "NPN, negotiated HTTP2\n");
-    conn->negnpn = NPN_HTTP2_DRAFT09;
+    infof(conn->data, "NPN, negotiated HTTP2 (%s)\n",
+          NGHTTP2_PROTO_VERSION_ID);
+    conn->negnpn = NPN_HTTP2;
  }
  else if(retval == 0) {
    infof(conn->data, "NPN, negotiated HTTP1.1\n");
@@ -1499,6 +1501,8 @@ ossl_connect_step1(struct connectdata *conn,
  /* Make funny stuff to get random input */
  Curl_ossl_seed(data);

+  data->set.ssl.certverifyresult = !X509_V_OK;
+
  /* check to see if we've been told to use an explicit SSL/TLS version */

  switch(data->set.ssl.version) {
@@ -1891,11 +1895,6 @@ ossl_connect_step2(struct connectdata *conn, int sockindex)
  struct SessionHandle *data = conn->data;
  int err;
  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
-#ifdef HAS_ALPN
-  char* neg_protocol;
-  int len = 0;
-#endif
-
  DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
             || ssl_connect_2_reading == connssl->connecting_state
             || ssl_connect_2_writing == connssl->connecting_state);
@@ -1997,13 +1996,15 @@ ossl_connect_step2(struct connectdata *conn, int sockindex)
     * negotiated
     */
    if(data->set.ssl_enable_alpn) {
+      const unsigned char* neg_protocol;
+      unsigned int len;
      SSL_get0_alpn_selected(connssl->handle, &neg_protocol, &len);
      if(len != 0) {
        infof(data, "ALPN, server accepted to use %.*s\n", len, neg_protocol);

        if(len == NGHTTP2_PROTO_VERSION_ID_LEN &&
           memcmp(NGHTTP2_PROTO_VERSION_ID, neg_protocol, len) == 0) {
-             conn->negnpn = NPN_HTTP2_DRAFT09;
+             conn->negnpn = NPN_HTTP2;
        }
        else if(len == ALPN_HTTP_1_1_LENGTH && memcmp(ALPN_HTTP_1_1,
            neg_protocol, ALPN_HTTP_1_1_LENGTH) == 0) {
@@ -2119,7 +2120,7 @@ static int X509V3_ext(struct SessionHandle *data,
        sep=", ";
        j++; /* skip the newline */
      };
-      while((biomem->data[j] == ' ') && (j<(size_t)biomem->length))
+      while((j<(size_t)biomem->length) && (biomem->data[j] == ' '))
        j++;
      if(j<(size_t)biomem->length)
        ptr+=snprintf(ptr, sizeof(buf)-(ptr-buf), "%s%c", sep,
@@ -2161,8 +2162,6 @@ static void dumpcert(struct SessionHandle *data, X509 *x, int numcert)

  BIO_get_mem_ptr(bio_out, &biomem);

-  infof(data, "%s\n", biomem->data);
-
  Curl_ssl_push_certinfo_len(data, numcert,
                             "Cert", biomem->data, biomem->length);

@@ -2366,8 +2365,6 @@ static CURLcode servercert(struct connectdata *conn,
    /* we've been asked to gather certificate info! */
    (void)get_cert_chain(conn, connssl);

-  data->set.ssl.certverifyresult = !X509_V_OK;
-
  connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
  if(!connssl->server_cert) {
    if(strict)
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -29,7 +29,7 @@

 /* see http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 */
 #define ALPN_HTTP_1_1_LENGTH 8
-#define ALPN_HTTP_1_1 "http/1.0"
+#define ALPN_HTTP_1_1 "http/1.1"

 bool Curl_ssl_config_matches(struct ssl_config_data* data,
                             struct ssl_config_data* needle);
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -4729,7 +4729,7 @@ AC_DEFUN([CURL_CHECK_FUNC_POLL], [
  tst_allow_poll="unknown"
  #
  case $host_os in
-    darwin*|interix*)
+    darwin[[123456789]].*|darwin10.*|darwin11.*|darwin12.*|interix*)
      dnl poll() does not work on these platforms
      dnl Interix: "does provide poll(), but the implementing developer must
      dnl have been in a bad mood, because poll() only works on the /proc
--- a/6
+++ b/6
@@ -9,7 +9,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -123,6 +123,10 @@ make -s html
 echo "make pdf"
 make -s pdf

+# And the IDE files
+echo "make vc-ide"
+make -s vc-ide
+
 echo "produce CHANGES"
 git log --pretty=fuller --no-color --date=short --decorate=full -1000 | ./log2changes.pl > CHANGES.dist

--- a/packages/Symbian/group/curl.pkg
+++ b/packages/Symbian/group/curl.pkg
@@ -1,4 +1,4 @@
-; curl package defintion file
+; curl package definition file
 ; Use with makesis to create a Symbian .sis package

 ;Language - standard language definitions
--- a/packages/Symbian/group/libcurl.mmp
+++ b/packages/Symbian/group/libcurl.mmp
@@ -39,7 +39,7 @@ SOURCE \
  http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c     \
  curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c         \
  curl_sasl.c vtls/curl_schannel.c curl_multibyte.c                    \
-  vtls/curl_darwinssl.c bundles.c conncache.c
+  vtls/curl_darwinssl.c bundles.c conncache.c curl_sasl_sspi.c

 USERINCLUDE   ../../../lib ../../../include/curl
 #ifdef ENABLE_SSL
--- a/packages/Symbian/group/libcurl.pkg
+++ b/packages/Symbian/group/libcurl.pkg
@@ -1,4 +1,4 @@
-; libcurl package defintion file
+; libcurl package definition file
 ; Use with makesis to create a Symbian .sis package

 ;Language - standard language definitions
--- a/projects/README
+++ b/projects/README
@@ -0,0 +1,104 @@
+Building via IDE Project Files
+==============================
+
+   This document describes how to compile, build and install curl and libcurl
+   from sources using an IDE based development tool such as Visual Studio.
+
+   Project files are currently available for Visual C++ v6.0 to v12.0. The
+   following directory structure has been used to cater for this:
+
+   somedirectory\
+    |_curl
+      |_projects
+        |_<platform>
+          |_<ide>
+            |_lib
+            |_src
+
+   This structure allows for side-by-side compilation of curl on the same
+   machine using different versions of a given compiler (for example VC8, VC9
+   and VC10) and allows for your own application or product to be compiled
+   against those variants of libcurl for example.
+
+   Note: Typically this side-by-side compilation is generally only required
+   when a library is being compiled against dynamic runtime libraries.
+
+Dependencies
+============
+
+   The projects files also support build configurations that require third
+   party dependencies such as openssl and ssh2. If you wish to support these,
+   you will also need to download and compile those libraries as well.
+
+   To support compilation of these libraries using different versions of
+   compilers, the following directory structure has been used for both the
+   output of curl and libcurl as well as these dependencies.
+
+   somedirectory\
+    |_curl
+    | |_ build
+    |    |_<architecture>
+    |      |_<ide>
+    |        |_<configuration>
+    |          |_lib
+    |          |_src
+    |
+    |_openssl
+    | |_ build
+    |    |_<architecture>
+    |      |_VC <version>
+    |        |_<configuration>
+    |
+    |_libssh2
+      |_ build
+         |_<architecture>
+           |_VC <version>
+             |_<configuration>
+
+   As OpenSSL doesn't support side-by-side compilation when using different
+   versions of Visual Studio a build helper batch file has been provided to
+   assist with this. Please run "build-openssl -help" for usage details.
+
+Building with Visual C++
+========================
+
+   To build with VC++, you will of course have to first install VC++ which is
+   part of Visual Studio.
+
+   If you are building with VC6 then you will also need the February 2003
+   Edition of the Platform SDK which can be downloaded from:
+
+    http://www.microsoft.com/en-us/download/details.aspx?id=12261
+
+   Once you have VC++ installed you should launch the application and open one
+   of the solution or workspace files.
+
+   Whilst files are provided for both libcurl and the curl command line tool as
+   well as a configuration that includes both, it is recommend that you use the
+   all-in-one configuration.
+
+Notes
+=====
+
+   The following keywords have been used in the directory hierarchy:
+   
+   <platform>      - The platform (For example: Windows)
+   <ide>           - The IDE (For example: VC6, VC10, BCC5)
+   <architecture>  - The platform architecture (For example: Win32, Win64)
+   <configuration> - The target configuration (For example: DLL Debug,
+                     LIB Release - LIB OpenSSL)
+
+TODO
+====
+
+   These project files are a recent addition to the curl source code and as such
+   are not 100% complete. This is a list of things that are still todo:
+
+   * Support zlib
+   * Support WinIDN
+   * Use of static runtime libraries
+   * Generate *.vcxproj.filters files for VC10, VC11 and VC12
+   * Use CURLX_* definitions for curl tool project generation
+   * Support for other development IDEs
+
+   Any additional help would be appreciated ;-)
--- a/projects/Windows/VC10/.gitignore
+++ b/projects/Windows/VC10/.gitignore
@@ -0,0 +1,4 @@
+/*.ncb
+/*.opensdf
+/*.sdf
+/*.suo
--- a/projects/Windows/VC10/curl.sln
+++ b/projects/Windows/VC10/curl.sln
@@ -0,0 +1,218 @@
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "curlsrc", "src\curlsrc.vcxproj", "{5228E9CE-A216-422F-A5E6-58E95E2DD71D}"
+	ProjectSection(ProjectDependencies) = postProject
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB} = {DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libcurl", "lib\libcurl.vcxproj", "{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|x64 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Debug - DLL OpenSSL|Win32 = DLL Debug - DLL OpenSSL|Win32
+		DLL Debug - DLL OpenSSL|x64 = DLL Debug - DLL OpenSSL|x64
+		DLL Debug - DLL Windows SSPI|Win32 = DLL Debug - DLL Windows SSPI|Win32
+		DLL Debug - DLL Windows SSPI|x64 = DLL Debug - DLL Windows SSPI|x64
+		DLL Debug|Win32 = DLL Debug|Win32
+		DLL Debug|x64 = DLL Debug|x64
+		DLL Release - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Release - DLL OpenSSL - DLL LibSSH2|x64 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Release - DLL OpenSSL|Win32 = DLL Release - DLL OpenSSL|Win32
+		DLL Release - DLL OpenSSL|x64 = DLL Release - DLL OpenSSL|x64
+		DLL Release - DLL Windows SSPI|Win32 = DLL Release - DLL Windows SSPI|Win32
+		DLL Release - DLL Windows SSPI|x64 = DLL Release - DLL Windows SSPI|x64
+		DLL Release|Win32 = DLL Release|Win32
+		DLL Release|x64 = DLL Release|x64
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|x64 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Debug - DLL OpenSSL|Win32 = LIB Debug - DLL OpenSSL|Win32
+		LIB Debug - DLL OpenSSL|x64 = LIB Debug - DLL OpenSSL|x64
+		LIB Debug - DLL Windows SSPI|Win32 = LIB Debug - DLL Windows SSPI|Win32
+		LIB Debug - DLL Windows SSPI|x64 = LIB Debug - DLL Windows SSPI|x64
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|x64 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Debug - LIB OpenSSL|Win32 = LIB Debug - LIB OpenSSL|Win32
+		LIB Debug - LIB OpenSSL|x64 = LIB Debug - LIB OpenSSL|x64
+		LIB Debug|Win32 = LIB Debug|Win32
+		LIB Debug|x64 = LIB Debug|x64
+		LIB Release - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Release - DLL OpenSSL - DLL LibSSH2|x64 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Release - DLL OpenSSL|Win32 = LIB Release - DLL OpenSSL|Win32
+		LIB Release - DLL OpenSSL|x64 = LIB Release - DLL OpenSSL|x64
+		LIB Release - DLL Windows SSPI|Win32 = LIB Release - DLL Windows SSPI|Win32
+		LIB Release - DLL Windows SSPI|x64 = LIB Release - DLL Windows SSPI|x64
+		LIB Release - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Release - LIB OpenSSL - LIB LibSSH2|x64 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Release - LIB OpenSSL|Win32 = LIB Release - LIB OpenSSL|Win32
+		LIB Release - LIB OpenSSL|x64 = LIB Release - LIB OpenSSL|x64
+		LIB Release|Win32 = LIB Release|Win32
+		LIB Release|x64 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.Build.0 = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.Build.0 = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.Build.0 = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.Build.0 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
--- a/projects/Windows/VC10/lib/.gitignore
+++ b/projects/Windows/VC10/lib/.gitignore
@@ -0,0 +1,6 @@
+/*.vcxproj
+/*.filters
+/*.user
+/*.ncb
+/*.sdf
+/*.suo
--- a/projects/Windows/VC10/lib/libcurl.sln
+++ b/projects/Windows/VC10/lib/libcurl.sln
@@ -0,0 +1,133 @@
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libcurl", "libcurl.vcxproj", "{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|x64 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Debug - DLL OpenSSL|Win32 = DLL Debug - DLL OpenSSL|Win32
+		DLL Debug - DLL OpenSSL|x64 = DLL Debug - DLL OpenSSL|x64
+		DLL Debug - DLL Windows SSPI|Win32 = DLL Debug - DLL Windows SSPI|Win32
+		DLL Debug - DLL Windows SSPI|x64 = DLL Debug - DLL Windows SSPI|x64
+		DLL Debug|Win32 = DLL Debug|Win32
+		DLL Debug|x64 = DLL Debug|x64
+		DLL Release - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Release - DLL OpenSSL - DLL LibSSH2|x64 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Release - DLL OpenSSL|Win32 = DLL Release - DLL OpenSSL|Win32
+		DLL Release - DLL OpenSSL|x64 = DLL Release - DLL OpenSSL|x64
+		DLL Release - DLL Windows SSPI|Win32 = DLL Release - DLL Windows SSPI|Win32
+		DLL Release - DLL Windows SSPI|x64 = DLL Release - DLL Windows SSPI|x64
+		DLL Release|Win32 = DLL Release|Win32
+		DLL Release|x64 = DLL Release|x64
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|x64 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Debug - DLL OpenSSL|Win32 = LIB Debug - DLL OpenSSL|Win32
+		LIB Debug - DLL OpenSSL|x64 = LIB Debug - DLL OpenSSL|x64
+		LIB Debug - DLL Windows SSPI|Win32 = LIB Debug - DLL Windows SSPI|Win32
+		LIB Debug - DLL Windows SSPI|x64 = LIB Debug - DLL Windows SSPI|x64
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|x64 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Debug - LIB OpenSSL|Win32 = LIB Debug - LIB OpenSSL|Win32
+		LIB Debug - LIB OpenSSL|x64 = LIB Debug - LIB OpenSSL|x64
+		LIB Debug|Win32 = LIB Debug|Win32
+		LIB Debug|x64 = LIB Debug|x64
+		LIB Release - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Release - DLL OpenSSL - DLL LibSSH2|x64 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Release - DLL OpenSSL|Win32 = LIB Release - DLL OpenSSL|Win32
+		LIB Release - DLL OpenSSL|x64 = LIB Release - DLL OpenSSL|x64
+		LIB Release - DLL Windows SSPI|Win32 = LIB Release - DLL Windows SSPI|Win32
+		LIB Release - DLL Windows SSPI|x64 = LIB Release - DLL Windows SSPI|x64
+		LIB Release - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Release - LIB OpenSSL - LIB LibSSH2|x64 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Release - LIB OpenSSL|Win32 = LIB Release - LIB OpenSSL|Win32
+		LIB Release - LIB OpenSSL|x64 = LIB Release - LIB OpenSSL|x64
+		LIB Release|Win32 = LIB Release|Win32
+		LIB Release|x64 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.Build.0 = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.Build.0 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
--- a/projects/Windows/VC10/lib/libcurl.tmpl
+++ b/projects/Windows/VC10/lib/libcurl.tmpl
--- a/projects/Windows/VC10/src/.gitignore
+++ b/projects/Windows/VC10/src/.gitignore
@@ -0,0 +1,6 @@
+/*.vcxproj
+/*.filters
+/*.user
+/*.ncb
+/*.sdf
+/*.suo
--- a/projects/Windows/VC10/src/curlsrc.sln
+++ b/projects/Windows/VC10/src/curlsrc.sln
@@ -0,0 +1,133 @@
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "curlsrc", "curlsrc.vcxproj", "{5228E9CE-A216-422F-A5E6-58E95E2DD71D}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|x64 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Debug - DLL OpenSSL|Win32 = DLL Debug - DLL OpenSSL|Win32
+		DLL Debug - DLL OpenSSL|x64 = DLL Debug - DLL OpenSSL|x64
+		DLL Debug - DLL Windows SSPI|Win32 = DLL Debug - DLL Windows SSPI|Win32
+		DLL Debug - DLL Windows SSPI|x64 = DLL Debug - DLL Windows SSPI|x64
+		DLL Debug|Win32 = DLL Debug|Win32
+		DLL Debug|x64 = DLL Debug|x64
+		DLL Release - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Release - DLL OpenSSL - DLL LibSSH2|x64 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Release - DLL OpenSSL|Win32 = DLL Release - DLL OpenSSL|Win32
+		DLL Release - DLL OpenSSL|x64 = DLL Release - DLL OpenSSL|x64
+		DLL Release - DLL Windows SSPI|Win32 = DLL Release - DLL Windows SSPI|Win32
+		DLL Release - DLL Windows SSPI|x64 = DLL Release - DLL Windows SSPI|x64
+		DLL Release|Win32 = DLL Release|Win32
+		DLL Release|x64 = DLL Release|x64
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|x64 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Debug - DLL OpenSSL|Win32 = LIB Debug - DLL OpenSSL|Win32
+		LIB Debug - DLL OpenSSL|x64 = LIB Debug - DLL OpenSSL|x64
+		LIB Debug - DLL Windows SSPI|Win32 = LIB Debug - DLL Windows SSPI|Win32
+		LIB Debug - DLL Windows SSPI|x64 = LIB Debug - DLL Windows SSPI|x64
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|x64 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Debug - LIB OpenSSL|Win32 = LIB Debug - LIB OpenSSL|Win32
+		LIB Debug - LIB OpenSSL|x64 = LIB Debug - LIB OpenSSL|x64
+		LIB Debug|Win32 = LIB Debug|Win32
+		LIB Debug|x64 = LIB Debug|x64
+		LIB Release - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Release - DLL OpenSSL - DLL LibSSH2|x64 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Release - DLL OpenSSL|Win32 = LIB Release - DLL OpenSSL|Win32
+		LIB Release - DLL OpenSSL|x64 = LIB Release - DLL OpenSSL|x64
+		LIB Release - DLL Windows SSPI|Win32 = LIB Release - DLL Windows SSPI|Win32
+		LIB Release - DLL Windows SSPI|x64 = LIB Release - DLL Windows SSPI|x64
+		LIB Release - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Release - LIB OpenSSL - LIB LibSSH2|x64 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Release - LIB OpenSSL|Win32 = LIB Release - LIB OpenSSL|Win32
+		LIB Release - LIB OpenSSL|x64 = LIB Release - LIB OpenSSL|x64
+		LIB Release|Win32 = LIB Release|Win32
+		LIB Release|x64 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.Build.0 = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.Build.0 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
--- a/projects/Windows/VC10/src/curlsrc.tmpl
+++ b/projects/Windows/VC10/src/curlsrc.tmpl
--- a/projects/Windows/VC11/.gitignore
+++ b/projects/Windows/VC11/.gitignore
@@ -0,0 +1,4 @@
+/*.ncb
+/*.opensdf
+/*.sdf
+/*.suo
--- a/projects/Windows/VC11/curl.sln
+++ b/projects/Windows/VC11/curl.sln
@@ -0,0 +1,218 @@
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "curlsrc", "src\curlsrc.vcxproj", "{5228E9CE-A216-422F-A5E6-58E95E2DD71D}"
+	ProjectSection(ProjectDependencies) = postProject
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB} = {DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libcurl", "lib\libcurl.vcxproj", "{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|x64 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Debug - DLL OpenSSL|Win32 = DLL Debug - DLL OpenSSL|Win32
+		DLL Debug - DLL OpenSSL|x64 = DLL Debug - DLL OpenSSL|x64
+		DLL Debug - DLL Windows SSPI|Win32 = DLL Debug - DLL Windows SSPI|Win32
+		DLL Debug - DLL Windows SSPI|x64 = DLL Debug - DLL Windows SSPI|x64
+		DLL Debug|Win32 = DLL Debug|Win32
+		DLL Debug|x64 = DLL Debug|x64
+		DLL Release - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Release - DLL OpenSSL - DLL LibSSH2|x64 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Release - DLL OpenSSL|Win32 = DLL Release - DLL OpenSSL|Win32
+		DLL Release - DLL OpenSSL|x64 = DLL Release - DLL OpenSSL|x64
+		DLL Release - DLL Windows SSPI|Win32 = DLL Release - DLL Windows SSPI|Win32
+		DLL Release - DLL Windows SSPI|x64 = DLL Release - DLL Windows SSPI|x64
+		DLL Release|Win32 = DLL Release|Win32
+		DLL Release|x64 = DLL Release|x64
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|x64 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Debug - DLL OpenSSL|Win32 = LIB Debug - DLL OpenSSL|Win32
+		LIB Debug - DLL OpenSSL|x64 = LIB Debug - DLL OpenSSL|x64
+		LIB Debug - DLL Windows SSPI|Win32 = LIB Debug - DLL Windows SSPI|Win32
+		LIB Debug - DLL Windows SSPI|x64 = LIB Debug - DLL Windows SSPI|x64
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|x64 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Debug - LIB OpenSSL|Win32 = LIB Debug - LIB OpenSSL|Win32
+		LIB Debug - LIB OpenSSL|x64 = LIB Debug - LIB OpenSSL|x64
+		LIB Debug|Win32 = LIB Debug|Win32
+		LIB Debug|x64 = LIB Debug|x64
+		LIB Release - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Release - DLL OpenSSL - DLL LibSSH2|x64 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Release - DLL OpenSSL|Win32 = LIB Release - DLL OpenSSL|Win32
+		LIB Release - DLL OpenSSL|x64 = LIB Release - DLL OpenSSL|x64
+		LIB Release - DLL Windows SSPI|Win32 = LIB Release - DLL Windows SSPI|Win32
+		LIB Release - DLL Windows SSPI|x64 = LIB Release - DLL Windows SSPI|x64
+		LIB Release - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Release - LIB OpenSSL - LIB LibSSH2|x64 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Release - LIB OpenSSL|Win32 = LIB Release - LIB OpenSSL|Win32
+		LIB Release - LIB OpenSSL|x64 = LIB Release - LIB OpenSSL|x64
+		LIB Release|Win32 = LIB Release|Win32
+		LIB Release|x64 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.DLL Release|x64.Build.0 = DLL Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{5228E9CE-A216-422F-A5E6-58E95E2DD71D}.LIB Release|x64.Build.0 = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.Build.0 = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.Build.0 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
--- a/projects/Windows/VC11/lib/.gitignore
+++ b/projects/Windows/VC11/lib/.gitignore
@@ -0,0 +1,6 @@
+/*.vcxproj
+/*.filters
+/*.user
+/*.ncb
+/*.sdf
+/*.suo
--- a/projects/Windows/VC11/lib/libcurl.sln
+++ b/projects/Windows/VC11/lib/libcurl.sln
@@ -0,0 +1,133 @@
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libcurl", "libcurl.vcxproj", "{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Debug - DLL OpenSSL - DLL LibSSH2|x64 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Debug - DLL OpenSSL|Win32 = DLL Debug - DLL OpenSSL|Win32
+		DLL Debug - DLL OpenSSL|x64 = DLL Debug - DLL OpenSSL|x64
+		DLL Debug - DLL Windows SSPI|Win32 = DLL Debug - DLL Windows SSPI|Win32
+		DLL Debug - DLL Windows SSPI|x64 = DLL Debug - DLL Windows SSPI|x64
+		DLL Debug|Win32 = DLL Debug|Win32
+		DLL Debug|x64 = DLL Debug|x64
+		DLL Release - DLL OpenSSL - DLL LibSSH2|Win32 = DLL Release - DLL OpenSSL - DLL LibSSH2|Win32
+		DLL Release - DLL OpenSSL - DLL LibSSH2|x64 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		DLL Release - DLL OpenSSL|Win32 = DLL Release - DLL OpenSSL|Win32
+		DLL Release - DLL OpenSSL|x64 = DLL Release - DLL OpenSSL|x64
+		DLL Release - DLL Windows SSPI|Win32 = DLL Release - DLL Windows SSPI|Win32
+		DLL Release - DLL Windows SSPI|x64 = DLL Release - DLL Windows SSPI|x64
+		DLL Release|Win32 = DLL Release|Win32
+		DLL Release|x64 = DLL Release|x64
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Debug - DLL OpenSSL - DLL LibSSH2|x64 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Debug - DLL OpenSSL|Win32 = LIB Debug - DLL OpenSSL|Win32
+		LIB Debug - DLL OpenSSL|x64 = LIB Debug - DLL OpenSSL|x64
+		LIB Debug - DLL Windows SSPI|Win32 = LIB Debug - DLL Windows SSPI|Win32
+		LIB Debug - DLL Windows SSPI|x64 = LIB Debug - DLL Windows SSPI|x64
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Debug - LIB OpenSSL - LIB LibSSH2|x64 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Debug - LIB OpenSSL|Win32 = LIB Debug - LIB OpenSSL|Win32
+		LIB Debug - LIB OpenSSL|x64 = LIB Debug - LIB OpenSSL|x64
+		LIB Debug|Win32 = LIB Debug|Win32
+		LIB Debug|x64 = LIB Debug|x64
+		LIB Release - DLL OpenSSL - DLL LibSSH2|Win32 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		LIB Release - DLL OpenSSL - DLL LibSSH2|x64 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		LIB Release - DLL OpenSSL|Win32 = LIB Release - DLL OpenSSL|Win32
+		LIB Release - DLL OpenSSL|x64 = LIB Release - DLL OpenSSL|x64
+		LIB Release - DLL Windows SSPI|Win32 = LIB Release - DLL Windows SSPI|Win32
+		LIB Release - DLL Windows SSPI|x64 = LIB Release - DLL Windows SSPI|x64
+		LIB Release - LIB OpenSSL - LIB LibSSH2|Win32 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		LIB Release - LIB OpenSSL - LIB LibSSH2|x64 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		LIB Release - LIB OpenSSL|Win32 = LIB Release - LIB OpenSSL|Win32
+		LIB Release - LIB OpenSSL|x64 = LIB Release - LIB OpenSSL|x64
+		LIB Release|Win32 = LIB Release|Win32
+		LIB Release|x64 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.ActiveCfg = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug - DLL Windows SSPI|x64.Build.0 = DLL Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.ActiveCfg = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|Win32.Build.0 = DLL Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.ActiveCfg = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Debug|x64.Build.0 = DLL Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = DLL Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = DLL Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.ActiveCfg = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|Win32.Build.0 = DLL Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.ActiveCfg = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL OpenSSL|x64.Build.0 = DLL Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.ActiveCfg = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|Win32.Build.0 = DLL Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.ActiveCfg = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release - DLL Windows SSPI|x64.Build.0 = DLL Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.ActiveCfg = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|Win32.Build.0 = DLL Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.ActiveCfg = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.DLL Release|x64.Build.0 = DLL Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Debug - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.ActiveCfg = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|Win32.Build.0 = LIB Debug - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.ActiveCfg = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL OpenSSL|x64.Build.0 = LIB Debug - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.ActiveCfg = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|Win32.Build.0 = LIB Debug - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.ActiveCfg = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - DLL Windows SSPI|x64.Build.0 = LIB Debug - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Debug - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.ActiveCfg = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|Win32.Build.0 = LIB Debug - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.ActiveCfg = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug - LIB OpenSSL|x64.Build.0 = LIB Debug - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.ActiveCfg = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|Win32.Build.0 = LIB Debug|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.ActiveCfg = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Debug|x64.Build.0 = LIB Debug|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|Win32.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.ActiveCfg = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL - DLL LibSSH2|x64.Build.0 = LIB Release - DLL OpenSSL - DLL LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.ActiveCfg = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|Win32.Build.0 = LIB Release - DLL OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.ActiveCfg = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL OpenSSL|x64.Build.0 = LIB Release - DLL OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.ActiveCfg = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|Win32.Build.0 = LIB Release - DLL Windows SSPI|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.ActiveCfg = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - DLL Windows SSPI|x64.Build.0 = LIB Release - DLL Windows SSPI|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|Win32.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.ActiveCfg = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL - LIB LibSSH2|x64.Build.0 = LIB Release - LIB OpenSSL - LIB LibSSH2|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.ActiveCfg = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|Win32.Build.0 = LIB Release - LIB OpenSSL|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.ActiveCfg = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release - LIB OpenSSL|x64.Build.0 = LIB Release - LIB OpenSSL|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.ActiveCfg = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|Win32.Build.0 = LIB Release|Win32
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.ActiveCfg = LIB Release|x64
+		{DA6F56B4-06A4-441D-AD70-AC5A7D51FADB}.LIB Release|x64.Build.0 = LIB Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
--- a/projects/Windows/VC11/lib/libcurl.tmpl
+++ b/projects/Windows/VC11/lib/libcurl.tmpl
--- a/Show More
+++ b/Show More