RELEASE-NOTES: 7.39.0 release (commit b387560692)

curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
When duplicating a handle, the data to post was duplicated using strdup() when it could be binary and contain zeroes and it was not even zero terminated! This caused read out of bounds crashes/segfaults. Since the lib/strdup.c file no longer is easily shared with the curl tool with this change, it now uses its own version instead. Bug: http://curl.haxx.se/docs/adv_20141105.html CVE: CVE-2014-3707 Reported-By: Symeon Paraschoudis
2014-11-05 08:23:00 +01:00 · 2014-11-05 08:05:14 +01:00 · 2014-11-05 08:05:14 +01:00 · 2014-11-04 23:02:09 +01:00 · 2014-11-04 19:53:44 +01:00 · 2014-11-04 14:07:55 +00:00
306 changed files with 13076 additions and 4087 deletions
--- a/CMake/CurlCheckCSourceCompiles.cmake
+++ b/CMake/CurlCheckCSourceCompiles.cmake
@@ -1,71 +0,0 @@
-# - Check if the source code provided in the SOURCE argument compiles.
-# CURL_CHECK_C_SOURCE_COMPILES(SOURCE VAR)
-# - macro which checks if the source code compiles
-#  SOURCE   - source code to try to compile
-#  VAR      - variable to store whether the source code compiled
-#
-# The following variables may be set before calling this macro to
-# modify the way the check is run:
-#
-#  CMAKE_REQUIRED_FLAGS = string of compile command line flags
-#  CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar)
-#  CMAKE_REQUIRED_INCLUDES = list of include directories
-#  CMAKE_REQUIRED_LIBRARIES = list of libraries to link
-
-macro(CURL_CHECK_C_SOURCE_COMPILES SOURCE VAR)
-  if("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
-    set(message "${VAR}")
-    # If the number of arguments is greater than 2 (SOURCE VAR)
-    if(${ARGC} GREATER 2)
-      # then add the third argument as a message
-      set(message "${ARGV2} (${VAR})")
-    endif()
-    set(MACRO_CHECK_FUNCTION_DEFINITIONS
-      "-D${VAR} ${CMAKE_REQUIRED_FLAGS}")
-    if(CMAKE_REQUIRED_LIBRARIES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES
-        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
-    endif()
-    if(CMAKE_REQUIRED_INCLUDES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES
-        "-DINCLUDE_DIRECTORIES:STRING=${CMAKE_REQUIRED_INCLUDES}")
-    endif()
-    set(src "")
-    foreach(def ${EXTRA_DEFINES})
-      set(src "${src}#define ${def} 1\n")
-    endforeach(def)
-    foreach(inc ${HEADER_INCLUDES})
-      set(src "${src}#include <${inc}>\n")
-    endforeach(inc)
-
-    set(src "${src}\nint main() { ${SOURCE} ; return 0; }")
-    set(CMAKE_CONFIGURABLE_FILE_CONTENT "${src}")
-    configure_file(${CMAKE_CURRENT_SOURCE_DIR}/CMake/CMakeConfigurableFile.in
-      "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c"
-      IMMEDIATE)
-    message(STATUS "Performing Test ${message}")
-    try_compile(${VAR}
-      ${CMAKE_BINARY_DIR}
-      ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c
-      COMPILE_DEFINITIONS ${CMAKE_REQUIRED_DEFINITIONS}
-      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
-      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES}"
-      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES}"
-      OUTPUT_VARIABLE OUTPUT)
-    if(${VAR})
-      set(${VAR} 1 CACHE INTERNAL "Test ${message}")
-      message(STATUS "Performing Test ${message} - Success")
-      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
-        "Performing C SOURCE FILE Test ${message} succeded with the following output:\n"
-        "${OUTPUT}\n"
-        "Source file was:\n${src}\n")
-    else()
-      message(STATUS "Performing Test ${message} - Failed")
-      set(${VAR} "" CACHE INTERNAL "Test ${message}")
-      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
-        "Performing C SOURCE FILE Test ${message} failed with the following output:\n"
-        "${OUTPUT}\n"
-        "Source file was:\n${src}\n")
-    endif()
-  endif()
-endmacro()
--- a/CMake/CurlCheckCSourceRuns.cmake
+++ b/CMake/CurlCheckCSourceRuns.cmake
@@ -1,83 +0,0 @@
-# - Check if the source code provided in the SOURCE argument compiles and runs.
-# CURL_CHECK_C_SOURCE_RUNS(SOURCE VAR)
-# - macro which checks if the source code runs
-#  SOURCE   - source code to try to compile
-#  VAR - variable to store size if the type exists.
-#
-# The following variables may be set before calling this macro to
-# modify the way the check is run:
-#
-#  CMAKE_REQUIRED_FLAGS = string of compile command line flags
-#  CMAKE_REQUIRED_DEFINITIONS = list of macros to define (-DFOO=bar)
-#  CMAKE_REQUIRED_INCLUDES = list of include directories
-#  CMAKE_REQUIRED_LIBRARIES = list of libraries to link
-
-macro(CURL_CHECK_C_SOURCE_RUNS SOURCE VAR)
-  if("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
-    set(message "${VAR}")
-    # If the number of arguments is greater than 2 (SOURCE VAR)
-    if(${ARGC} GREATER 2)
-      # then add the third argument as a message
-      set(message "${ARGV2} (${VAR})")
-    endif(${ARGC} GREATER 2)
-    set(MACRO_CHECK_FUNCTION_DEFINITIONS
-      "-D${VAR} ${CMAKE_REQUIRED_FLAGS}")
-    if(CMAKE_REQUIRED_LIBRARIES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES
-        "-DLINK_LIBRARIES:STRING=${CMAKE_REQUIRED_LIBRARIES}")
-    else(CMAKE_REQUIRED_LIBRARIES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES)
-    endif(CMAKE_REQUIRED_LIBRARIES)
-    if(CMAKE_REQUIRED_INCLUDES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES
-        "-DINCLUDE_DIRECTORIES:STRING=${CMAKE_REQUIRED_INCLUDES}")
-    else(CMAKE_REQUIRED_INCLUDES)
-      set(CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES)
-    endif(CMAKE_REQUIRED_INCLUDES)
-    set(src "")
-    foreach(def ${EXTRA_DEFINES})
-      set(src "${src}#define ${def} 1\n")
-    endforeach(def)
-    foreach(inc ${HEADER_INCLUDES})
-      set(src "${src}#include <${inc}>\n")
-    endforeach(inc)
-
-    set(src "${src}\nint main() { ${SOURCE} ; return 0; }")
-    set(CMAKE_CONFIGURABLE_FILE_CONTENT "${src}")
-    configure_file(${CMAKE_CURRENT_SOURCE_DIR}/CMake/CMakeConfigurableFile.in
-      "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c"
-      IMMEDIATE)
-    message(STATUS "Performing Test ${message}")
-    try_run(${VAR} ${VAR}_COMPILED
-      ${CMAKE_BINARY_DIR}
-      ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/src.c
-      COMPILE_DEFINITIONS ${CMAKE_REQUIRED_DEFINITIONS}
-      CMAKE_FLAGS -DCOMPILE_DEFINITIONS:STRING=${MACRO_CHECK_FUNCTION_DEFINITIONS}
-      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_LIBRARIES}"
-      "${CURL_CHECK_C_SOURCE_COMPILES_ADD_INCLUDES}"
-      OUTPUT_VARIABLE OUTPUT)
-    # if it did not compile make the return value fail code of 1
-    if(NOT ${VAR}_COMPILED)
-      set(${VAR} 1)
-    endif(NOT ${VAR}_COMPILED)
-    # if the return value was 0 then it worked
-    set(result_var ${${VAR}})
-    if("${result_var}" EQUAL 0)
-      set(${VAR} 1 CACHE INTERNAL "Test ${message}")
-      message(STATUS "Performing Test ${message} - Success")
-      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log
-        "Performing C SOURCE FILE Test ${message} succeded with the following output:\n"
-        "${OUTPUT}\n"
-        "Return value: ${${VAR}}\n"
-        "Source file was:\n${src}\n")
-    else("${result_var}" EQUAL 0)
-      message(STATUS "Performing Test ${message} - Failed")
-      set(${VAR} "" CACHE INTERNAL "Test ${message}")
-      file(APPEND ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log
-        "Performing C SOURCE FILE Test ${message} failed with the following output:\n"
-        "${OUTPUT}\n"
-        "Return value: ${result_var}\n"
-        "Source file was:\n${src}\n")
-    endif("${result_var}" EQUAL 0)
-  endif("${VAR}" MATCHES "^${VAR}$" OR "${VAR}" MATCHES "UNKNOWN")
-endmacro(CURL_CHECK_C_SOURCE_RUNS)
--- a/CMake/CurlTests.c
+++ b/CMake/CurlTests.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -71,264 +71,88 @@ main ()
 }
 #endif

-#ifdef HAVE_GETHOSTBYADDR_R_5
+/* tests for gethostbyaddr_r or gethostbyname_r */
+#if defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT) || \
+    defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT) || \
+    defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT) || \
+    defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT) || \
+    defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT) || \
+    defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
+#   define _REENTRANT
+    /* no idea whether _REENTRANT is always set, just invent a new flag */
+#   define TEST_GETHOSTBYFOO_REENTRANT
+#endif
+#if defined(HAVE_GETHOSTBYADDR_R_5) || \
+    defined(HAVE_GETHOSTBYADDR_R_7) || \
+    defined(HAVE_GETHOSTBYADDR_R_8) || \
+    defined(HAVE_GETHOSTBYNAME_R_3) || \
+    defined(HAVE_GETHOSTBYNAME_R_5) || \
+    defined(HAVE_GETHOSTBYNAME_R_6) || \
+    defined(TEST_GETHOSTBYFOO_REENTRANT)
 #include <sys/types.h>
 #include <netdb.h>
-int
-main ()
+int main(void)
 {
-
-char * address;
-int length;
-int type;
-struct hostent h;
-struct hostent_data hdata;
-int rc;
-#ifndef gethostbyaddr_r
-  (void)gethostbyaddr_r;
+  char *address = "example.com";
+  int length = 0;
+  int type = 0;
+  struct hostent h;
+  int rc = 0;
+#if defined(HAVE_GETHOSTBYADDR_R_5) || \
+    defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT) || \
+    \
+    defined(HAVE_GETHOSTBYNAME_R_3) || \
+    defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT)
+  struct hostent_data hdata;
+#elif defined(HAVE_GETHOSTBYADDR_R_7) || \
+      defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT) || \
+      defined(HAVE_GETHOSTBYADDR_R_8) || \
+      defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT) || \
+      \
+      defined(HAVE_GETHOSTBYNAME_R_5) || \
+      defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT) || \
+      defined(HAVE_GETHOSTBYNAME_R_6) || \
+      defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
+  char buffer[8192];
+  int h_errnop;
+  struct hostent *hp;
 #endif
-rc = gethostbyaddr_r(address, length, type, &h, &hdata);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYADDR_R_5_REENTRANT
-#define _REENTRANT
-#include <sys/types.h>
-#include <netdb.h>
-int
-main ()
-{
-
-char * address;
-int length;q
-int type;
-struct hostent h;
-struct hostent_data hdata;
-int rc;
-#ifndef gethostbyaddr_r
-  (void)gethostbyaddr_r;
-#endif
-rc = gethostbyaddr_r(address, length, type, &h, &hdata);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYADDR_R_7
-#include <sys/types.h>
-#include <netdb.h>
-int
-main ()
-{
-
-char * address;
-int length;
-int type;
-struct hostent h;
-char buffer[8192];
-int h_errnop;
-struct hostent * hp;

 #ifndef gethostbyaddr_r
  (void)gethostbyaddr_r;
 #endif
-hp = gethostbyaddr_r(address, length, type, &h,
-                     buffer, 8192, &h_errnop);
-  ;
+
+#if   defined(HAVE_GETHOSTBYADDR_R_5) || \
+      defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT)
+  rc = gethostbyaddr_r(address, length, type, &h, &hdata);
+#elif defined(HAVE_GETHOSTBYADDR_R_7) || \
+      defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT)
+  hp = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &h_errnop);
+  (void)hp;
+#elif defined(HAVE_GETHOSTBYADDR_R_8) || \
+      defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT)
+  rc = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &hp, &h_errnop);
+#endif
+
+#if   defined(HAVE_GETHOSTBYNAME_R_3) || \
+      defined(HAVE_GETHOSTBYNAME_R_3_REENTRANT)
+  rc = gethostbyname_r(address, &h, &hdata);
+#elif defined(HAVE_GETHOSTBYNAME_R_5) || \
+      defined(HAVE_GETHOSTBYNAME_R_5_REENTRANT)
+  rc = gethostbyname_r(address, &h, buffer, 8192, 0, &h_errnop);
+  (void)hp; /* not used for test */
+#elif defined(HAVE_GETHOSTBYNAME_R_6) || \
+      defined(HAVE_GETHOSTBYNAME_R_6_REENTRANT)
+  rc = gethostbyname_r(address, &h, buffer, 8192, &hp, &h_errnop);
+#endif
+
+  (void)length;
+  (void)type;
+  (void)rc;
  return 0;
 }
 #endif
-#ifdef HAVE_GETHOSTBYADDR_R_7_REENTRANT
-#define _REENTRANT
-#include <sys/types.h>
-#include <netdb.h>
-int
-main ()
-{

-char * address;
-int length;
-int type;
-struct hostent h;
-char buffer[8192];
-int h_errnop;
-struct hostent * hp;
-
-#ifndef gethostbyaddr_r
-  (void)gethostbyaddr_r;
-#endif
-hp = gethostbyaddr_r(address, length, type, &h,
-                     buffer, 8192, &h_errnop);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYADDR_R_8
-#include <sys/types.h>
-#include <netdb.h>
-int
-main ()
-{
-
-char * address;
-int length;
-int type;
-struct hostent h;
-char buffer[8192];
-int h_errnop;
-struct hostent * hp;
-int rc;
-
-#ifndef gethostbyaddr_r
-  (void)gethostbyaddr_r;
-#endif
-rc = gethostbyaddr_r(address, length, type, &h,
-                     buffer, 8192, &hp, &h_errnop);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYADDR_R_8_REENTRANT
-#define _REENTRANT
-#include <sys/types.h>
-#include <netdb.h>
-int
-main ()
-{
-
-char * address;
-int length;
-int type;
-struct hostent h;
-char buffer[8192];
-int h_errnop;
-struct hostent * hp;
-int rc;
-
-#ifndef gethostbyaddr_r
-  (void)gethostbyaddr_r;
-#endif
-rc = gethostbyaddr_r(address, length, type, &h,
-                     buffer, 8192, &hp, &h_errnop);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_3
-#include <string.h>
-#include <sys/types.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-
-struct hostent_data data;
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_3_REENTRANT
-#define _REENTRANT
-#include <string.h>
-#include <sys/types.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-
-struct hostent_data data;
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_5
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL, 0, NULL);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_5_REENTRANT
-#define _REENTRANT
-#include <sys/types.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL, 0, NULL);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_6
-#include <sys/types.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL);
-  ;
-  return 0;
-}
-#endif
-#ifdef HAVE_GETHOSTBYNAME_R_6_REENTRANT
-#define _REENTRANT
-#include <sys/types.h>
-#include <netdb.h>
-#undef NULL
-#define NULL (void *)0
-
-int
-main ()
-{
-
-#ifndef gethostbyname_r
-  (void)gethostbyname_r;
-#endif
-gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL);
-  ;
-  return 0;
-}
-#endif
 #ifdef HAVE_SOCKLEN_T
 #ifdef _WIN32
 #include <ws2tcpip.h>
--- a/CMake/FindGSS.cmake
+++ b/CMake/FindGSS.cmake
@@ -0,0 +1,289 @@
+# - Try to find the GSS Kerberos library
+# Once done this will define
+#
+#  GSS_ROOT_DIR - Set this variable to the root installation of GSS
+#
+# Read-Only variables:
+#  GSS_FOUND - system has the Heimdal library
+#  GSS_FLAVOUR - "MIT" or "Heimdal" if anything found.
+#  GSS_INCLUDE_DIR - the Heimdal include directory
+#  GSS_LIBRARIES - The libraries needed to use GSS
+#  GSS_LINK_DIRECTORIES - Directories to add to linker search path
+#  GSS_LINKER_FLAGS - Additional linker flags
+#  GSS_COMPILER_FLAGS - Additional compiler flags
+#  GSS_VERSION - This is set to version advertised by pkg-config or read from manifest.
+#                In case the library is found but no version info availabe it'll be set to "unknown"
+
+set(_MIT_MODNAME mit-krb5-gssapi)
+set(_HEIMDAL_MODNAME heimdal-gssapi)
+
+include(CheckIncludeFile)
+include(CheckIncludeFiles)
+include(CheckTypeSize)
+
+set(_GSS_ROOT_HINTS
+    "${GSS_ROOT_DIR}"
+    "$ENV{GSS_ROOT_DIR}"
+)
+
+# try to find library using system pkg-config if user didn't specify root dir
+if(NOT GSS_ROOT_DIR AND NOT "$ENV{GSS_ROOT_DIR}")
+    if(UNIX)
+        find_package(PkgConfig QUIET)
+        pkg_search_module(_GSS_PKG ${_MIT_MODNAME} ${_HEIMDAL_MODNAME})
+        list(APPEND _GSS_ROOT_HINTS "${_GSS_PKG_PREFIX}")
+    elseif(WIN32)
+        list(APPEND _GSS_ROOT_HINTS "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos;InstallDir]")
+    endif()
+endif()
+
+if(NOT _GSS_FOUND) #not found by pkg-config. Let's take more traditional approach.
+    find_file(_GSS_CONFIGURE_SCRIPT
+        NAMES
+            "krb5-config"
+        HINTS
+            ${_GSS_ROOT_HINTS}
+        PATH_SUFFIXES
+            bin
+        NO_CMAKE_PATH
+        NO_CMAKE_ENVIRONMENT_PATH
+    )
+
+    # if not found in user-supplied directories, maybe system knows better
+    find_file(_GSS_CONFIGURE_SCRIPT
+        NAMES
+            "krb5-config"
+        PATH_SUFFIXES
+            bin
+    )
+
+    if(_GSS_CONFIGURE_SCRIPT)
+        execute_process(
+            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--cflags" "gssapi"
+            OUTPUT_VARIABLE _GSS_CFLAGS
+            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
+        )
+message(STATUS "CFLAGS: ${_GSS_CFLAGS}")
+        if(NOT _GSS_CONFIGURE_FAILED) # 0 means success
+            # should also work in an odd case when multiple directories are given
+            string(STRIP "${_GSS_CFLAGS}" _GSS_CFLAGS)
+            string(REGEX REPLACE " +-I" ";" _GSS_CFLAGS "${_GSS_CFLAGS}")
+            string(REGEX REPLACE " +-([^I][^ \\t;]*)" ";-\\1"_GSS_CFLAGS "${_GSS_CFLAGS}")
+
+            foreach(_flag ${_GSS_CFLAGS})
+                if(_flag MATCHES "^-I.*")
+                    string(REGEX REPLACE "^-I" "" _val "${_flag}")
+                    list(APPEND _GSS_INCLUDE_DIR "${_val}")
+                else()
+                    list(APPEND _GSS_COMPILER_FLAGS "${_flag}")
+                endif()
+            endforeach()
+        endif()
+
+        execute_process(
+            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--libs" "gssapi"
+            OUTPUT_VARIABLE _GSS_LIB_FLAGS
+            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
+        )
+message(STATUS "LDFLAGS: ${_GSS_LIB_FLAGS}")
+        if(NOT _GSS_CONFIGURE_FAILED) # 0 means success
+            # this script gives us libraries and link directories. Blah. We have to deal with it.
+            string(STRIP "${_GSS_LIB_FLAGS}" _GSS_LIB_FLAGS)
+            string(REGEX REPLACE " +-(L|l)" ";-\\1" _GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}")
+            string(REGEX REPLACE " +-([^Ll][^ \\t;]*)" ";-\\1"_GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}")
+
+            foreach(_flag ${_GSS_LIB_FLAGS})
+                if(_flag MATCHES "^-l.*")
+                    string(REGEX REPLACE "^-l" "" _val "${_flag}")
+                    list(APPEND _GSS_LIBRARIES "${_val}")
+                elseif(_flag MATCHES "^-L.*")
+                    string(REGEX REPLACE "^-L" "" _val "${_flag}")
+                    list(APPEND _GSS_LINK_DIRECTORIES "${_val}")
+                else()
+                    list(APPEND _GSS_LINKER_FLAGS "${_flag}")
+                endif()
+            endforeach()
+        endif()
+
+
+        execute_process(
+            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--version"
+            OUTPUT_VARIABLE _GSS_VERSION
+            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
+        )
+
+        # older versions may not have the "--version" parameter. In this case we just don't care.
+        if(_GSS_CONFIGURE_FAILED)
+            set(_GSS_VERSION 0)
+        endif()
+
+
+        execute_process(
+            COMMAND ${_GSS_CONFIGURE_SCRIPT} "--vendor"
+            OUTPUT_VARIABLE _GSS_VENDOR
+            RESULT_VARIABLE _GSS_CONFIGURE_FAILED
+        )
+
+        # older versions may not have the "--vendor" parameter. In this case we just don't care.
+        if(_GSS_CONFIGURE_FAILED)
+            set(GSS_FLAVOUR "Heimdal") # most probably, shouldn't really matter
+        else()
+            if(_GSS_VENDOR MATCHES ".*H|heimdal.*")
+                set(GSS_FLAVOUR "Heimdal")
+            else()
+                set(GSS_FLAVOUR "MIT")
+            endif()
+        endif()
+
+    else() # either there is no config script or we are on platform that doesn't provide one (Windows?)
+
+        find_path(_GSS_INCLUDE_DIR
+            NAMES
+                "gssapi/gssapi.h"
+            HINTS
+                ${_GSS_ROOT_HINTS}
+            PATH_SUFFIXES
+                include
+                inc
+        )
+
+        if(_GSS_INCLUDE_DIR) #jay, we've found something
+            set(CMAKE_REQUIRED_INCLUDES "${_GSS_INCLUDE_DIR}")
+            check_include_files( "gssapi/gssapi_generic.h;gssapi/gssapi_krb5.h" _GSS_HAVE_MIT_HEADERS)
+
+            if(_GSS_HAVE_MIT_HEADERS)
+                set(GSS_FLAVOUR "MIT")
+            else()
+                # prevent compiling the header - just check if we can include it
+                set(CMAKE_REQUIRED_DEFINITIONS "-D__ROKEN_H__")
+                check_include_file( "roken.h" _GSS_HAVE_ROKEN_H)
+
+                check_include_file( "heimdal/roken.h" _GSS_HAVE_HEIMDAL_ROKEN_H)
+                if(_GSS_HAVE_ROKEN_H OR _GSS_HAVE_HEIMDAL_ROKEN_H)
+                    set(GSS_FLAVOUR "Heimdal")
+                endif()
+                set(CMAKE_REQUIRED_DEFINITIONS "")
+            endif()
+        else()
+            # I'm not convienced if this is the right way but this is what autotools do at the moment
+            find_path(_GSS_INCLUDE_DIR
+                NAMES
+                    "gssapi.h"
+                HINTS
+                    ${_GSS_ROOT_HINTS}
+                PATH_SUFFIXES
+                    include
+                    inc
+            )
+
+            if(_GSS_INCLUDE_DIR)
+                set(GSS_FLAVOUR "Heimdal")
+            endif()
+        endif()
+
+        # if we have headers, check if we can link libraries
+        if(GSS_FLAVOUR)
+            set(_GSS_LIBDIR_SUFFIXES "")
+            set(_GSS_LIBDIR_HINTS ${_GSS_ROOT_HINTS})
+            get_filename_component(_GSS_CALCULATED_POTENTIAL_ROOT "${_GSS_INCLUDE_DIR}" PATH)
+            list(APPEND _GSS_LIBDIR_HINTS ${_GSS_CALCULATED_POTENTIAL_ROOT})
+
+            if(WIN32)
+                if(CMAKE_SIZEOF_VOID_P EQUAL 8)
+                    list(APPEND _GSS_LIBDIR_SUFFIXES "lib/AMD64")
+                    if(GSS_FLAVOUR STREQUAL "MIT")
+                        set(_GSS_LIBNAME "gssapi64")
+                    else()
+                        set(_GSS_LIBNAME "libgssapi")
+                    endif()
+                else()
+                    list(APPEND _GSS_LIBDIR_SUFFIXES "lib/i386")
+                    if(GSS_FLAVOUR STREQUAL "MIT")
+                        set(_GSS_LIBNAME "gssapi32")
+                    else()
+                        set(_GSS_LIBNAME "libgssapi")
+                    endif()
+                endif()
+            else()
+                list(APPEND _GSS_LIBDIR_SUFFIXES "lib;lib64") # those suffixes are not checked for HINTS
+                if(GSS_FLAVOUR STREQUAL "MIT")
+                    set(_GSS_LIBNAME "gssapi_krb5")
+                else()
+                    set(_GSS_LIBNAME "gssapi")
+                endif()
+            endif()
+
+            find_library(_GSS_LIBRARIES
+                NAMES
+                    ${_GSS_LIBNAME}
+                HINTS
+                    ${_GSS_LIBDIR_HINTS}
+                PATH_SUFFIXES
+                    ${_GSS_LIBDIR_SUFFIXES}
+            )
+
+        endif()
+
+    endif()
+else()
+    if(_GSS_PKG_${_MIT_MODNAME}_VERSION)
+        set(GSS_FLAVOUR "MIT")
+        set(_GSS_VERSION _GSS_PKG_${_MIT_MODNAME}_VERSION)
+    else()
+        set(GSS_FLAVOUR "Heimdal")
+        set(_GSS_VERSION _GSS_PKG_${_MIT_HEIMDAL}_VERSION)
+    endif()
+endif()
+
+set(GSS_INCLUDE_DIR ${_GSS_INCLUDE_DIR})
+set(GSS_LIBRARIES ${_GSS_LIBRARIES})
+set(GSS_LINK_DIRECTORIES ${_GSS_LINK_DIRECTORIES})
+set(GSS_LINKER_FLAGS ${_GSS_LINKER_FLAGS})
+set(GSS_COMPILER_FLAGS ${_GSS_COMPILER_FLAGS})
+set(GSS_VERSION ${_GSS_VERSION})
+
+if(GSS_FLAVOUR)
+
+    if(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "Heimdal")
+        if(CMAKE_SIZEOF_VOID_P EQUAL 8)
+            set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.amd64.manifest")
+        else()
+            set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.x86.manifest")
+        endif()
+
+        if(EXISTS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}")
+            file(STRINGS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}" heimdal_version_str
+                 REGEX "^.*version=\"[0-9]\\.[^\"]+\".*$")
+
+            string(REGEX MATCH "[0-9]\\.[^\"]+"
+                   GSS_VERSION "${heimdal_version_str}")
+        endif()
+
+        if(NOT GSS_VERSION)
+            set(GSS_VERSION "Heimdal Unknown")
+        endif()
+    elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "MIT")
+        get_filename_component(_MIT_VERSION "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME CACHE)
+        if(WIN32 AND _MIT_VERSION)
+            set(GSS_VERSION "${_MIT_VERSION}")
+        else()
+            set(GSS_VERSION "MIT Unknown")
+        endif()
+    endif()
+endif()
+
+
+include(FindPackageHandleStandardArgs)
+
+set(_GSS_REQUIRED_VARS GSS_LIBRARIES GSS_FLAVOUR)
+
+find_package_handle_standard_args(GSS
+    REQUIRED_VARS
+        ${_GSS_REQUIRED_VARS}
+    VERSION_VAR
+        GSS_VERSION
+    FAIL_MESSAGE
+        "Could NOT find GSS, try to set the path to GSS root folder in the system variable GSS_ROOT_DIR"
+)
+
+mark_as_advanced(GSS_INCLUDE_DIR GSS_LIBRARIES)
--- a/CMake/Macros.cmake
+++ b/CMake/Macros.cmake
@@ -1,12 +1,12 @@
 #File defines convenience macros for available feature testing

 # This macro checks if the symbol exists in the library and if it
-# does, it prepends library to the list.
+# does, it appends library to the list.
 macro(CHECK_LIBRARY_EXISTS_CONCAT LIBRARY SYMBOL VARIABLE)
-  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
+  check_library_exists("${CURL_LIBS};${LIBRARY}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
    ${VARIABLE})
  if(${VARIABLE})
-    set(CURL_LIBS ${LIBRARY} ${CURL_LIBS})
+    list(APPEND CURL_LIBS ${LIBRARY})
  endif(${VARIABLE})
 endmacro(CHECK_LIBRARY_EXISTS_CONCAT)

--- a/CMake/OtherTests.cmake
+++ b/CMake/OtherTests.cmake
@@ -1,15 +1,10 @@
-include(CurlCheckCSourceCompiles)
-set(EXTRA_DEFINES "__unused1\n#undef inline\n#define __unused2")
-set(HEADER_INCLUDES)
-set(headers_hack)
+include(CheckCSourceCompiles)
+# The begin of the sources (macros and includes)
+set(_source_epilogue "#undef inline")

 macro(add_header_include check header)
  if(${check})
-    set(headers_hack
-      "${headers_hack}\n#include <${header}>")
-    #SET(HEADER_INCLUDES
-    #  ${HEADER_INCLUDES}
-    #  "${header}")
+    set(_source_epilogue "${_source_epilogue}\n#include <${header}>")
  endif(${check})
 endmacro(add_header_include)

@@ -18,8 +13,8 @@ if(HAVE_WINDOWS_H)
  add_header_include(HAVE_WINDOWS_H "windows.h")
  add_header_include(HAVE_WINSOCK2_H "winsock2.h")
  add_header_include(HAVE_WINSOCK_H "winsock.h")
-  set(EXTRA_DEFINES ${EXTRA_DEFINES}
-    "__unused7\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif\n#define __unused3")
+  set(_source_epilogue
+      "${_source_epilogue}\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif")
  set(signature_call_conv "PASCAL")
  if(HAVE_LIBWS2_32)
    set(CMAKE_REQUIRED_LIBRARIES ws2_32)
@@ -29,14 +24,12 @@ else(HAVE_WINDOWS_H)
  add_header_include(HAVE_SYS_SOCKET_H "sys/socket.h")
 endif(HAVE_WINDOWS_H)

-set(EXTRA_DEFINES_BACKUP "${EXTRA_DEFINES}")
-set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
-curl_check_c_source_compiles("recv(0, 0, 0, 0)" curl_cv_recv)
+check_c_source_compiles("${_source_epilogue}
+int main(void) {
+    recv(0, 0, 0, 0);
+    return 0;
+}" curl_cv_recv)
 if(curl_cv_recv)
-  #    AC_CACHE_CHECK([types of arguments and return type for recv],
-  #[curl_cv_func_recv_args], [
-  #SET(curl_cv_func_recv_args "unknown")
-  #for recv_retv in 'int' 'ssize_t'; do
  if(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
    foreach(recv_retv "int" "ssize_t" )
      foreach(recv_arg1 "int" "ssize_t" "SOCKET")
@@ -44,17 +37,23 @@ if(curl_cv_recv)
          foreach(recv_arg3 "size_t" "int" "socklen_t" "unsigned int")
            foreach(recv_arg4 "int" "unsigned int")
              if(NOT curl_cv_func_recv_done)
-                set(curl_cv_func_recv_test "UNKNOWN")
-                set(extern_line "extern ${recv_retv} ${signature_call_conv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})\;")
-                set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
-                curl_check_c_source_compiles("
+                unset(curl_cv_func_recv_test CACHE)
+                check_c_source_compiles("
+                  ${_source_epilogue}
+                  extern ${recv_retv} ${signature_call_conv}
+                  recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4});
+                  int main(void) {
                    ${recv_arg1} s=0;
                    ${recv_arg2} buf=0;
                    ${recv_arg3} len=0;
                    ${recv_arg4} flags=0;
-                    ${recv_retv} res = recv(s, buf, len, flags)"
-                  curl_cv_func_recv_test
-                  "${recv_retv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})")
+                    ${recv_retv} res = recv(s, buf, len, flags);
+                    (void) res;
+                    return 0;
+                  }"
+                  curl_cv_func_recv_test)
+                message(STATUS
+                  "Tested: ${recv_retv} recv(${recv_arg1}, ${recv_arg2}, ${recv_arg3}, ${recv_arg4})")
                if(curl_cv_func_recv_test)
                  set(curl_cv_func_recv_args
                    "${recv_arg1},${recv_arg2},${recv_arg3},${recv_arg4},${recv_retv}")
@@ -72,18 +71,13 @@ if(curl_cv_recv)
        endforeach(recv_arg2)
      endforeach(recv_arg1)
    endforeach(recv_retv)
-  else(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
+  else()
    string(REGEX REPLACE "^([^,]*),[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG1 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,([^,]*),[^,]*,[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG2 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,([^,]*),[^,]*,[^,]*$" "\\1" RECV_TYPE_ARG3 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,([^,]*),[^,]*$" "\\1" RECV_TYPE_ARG4 "${curl_cv_func_recv_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,([^,]*)$" "\\1" RECV_TYPE_RETV "${curl_cv_func_recv_args}")
-    #MESSAGE("RECV_TYPE_ARG1 ${RECV_TYPE_ARG1}")
-    #MESSAGE("RECV_TYPE_ARG2 ${RECV_TYPE_ARG2}")
-    #MESSAGE("RECV_TYPE_ARG3 ${RECV_TYPE_ARG3}")
-    #MESSAGE("RECV_TYPE_ARG4 ${RECV_TYPE_ARG4}")
-    #MESSAGE("RECV_TYPE_RETV ${RECV_TYPE_RETV}")
-  endif(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}" STREQUAL "unknown")
+  endif()

  if("${curl_cv_func_recv_args}" STREQUAL "unknown")
    message(FATAL_ERROR "Cannot find proper types to use for recv args")
@@ -94,12 +88,12 @@ endif(curl_cv_recv)
 set(curl_cv_func_recv_args "${curl_cv_func_recv_args}" CACHE INTERNAL "Arguments for recv")
 set(HAVE_RECV 1)

-curl_check_c_source_compiles("send(0, 0, 0, 0)" curl_cv_send)
+check_c_source_compiles("${_source_epilogue}
+int main(void) {
+    send(0, 0, 0, 0);
+    return 0;
+}" curl_cv_send)
 if(curl_cv_send)
-  #    AC_CACHE_CHECK([types of arguments and return type for send],
-  #[curl_cv_func_send_args], [
-  #SET(curl_cv_func_send_args "unknown")
-  #for send_retv in 'int' 'ssize_t'; do
  if(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
    foreach(send_retv "int" "ssize_t" )
      foreach(send_arg1 "int" "ssize_t" "SOCKET")
@@ -107,19 +101,24 @@ if(curl_cv_send)
          foreach(send_arg3 "size_t" "int" "socklen_t" "unsigned int")
            foreach(send_arg4 "int" "unsigned int")
              if(NOT curl_cv_func_send_done)
-                set(curl_cv_func_send_test "UNKNOWN")
-                set(extern_line "extern ${send_retv} ${signature_call_conv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})\;")
-                set(EXTRA_DEFINES "${EXTRA_DEFINES_BACKUP}\n${headers_hack}\n${extern_line}\n#define __unused5")
-                curl_check_c_source_compiles("
+                unset(curl_cv_func_send_test CACHE)
+                check_c_source_compiles("
+                  ${_source_epilogue}
+                  extern ${send_retv} ${signature_call_conv}
+                  send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4});
+                  int main(void) {
                    ${send_arg1} s=0;
                    ${send_arg2} buf=0;
                    ${send_arg3} len=0;
                    ${send_arg4} flags=0;
-                    ${send_retv} res = send(s, buf, len, flags)"
-                  curl_cv_func_send_test
-                  "${send_retv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})")
+                    ${send_retv} res = send(s, buf, len, flags);
+                    (void) res;
+                    return 0;
+                  }"
+                  curl_cv_func_send_test)
+                message(STATUS
+                  "Tested: ${send_retv} send(${send_arg1}, ${send_arg2}, ${send_arg3}, ${send_arg4})")
                if(curl_cv_func_send_test)
-                  #MESSAGE("Found arguments: ${curl_cv_func_send_test}")
                  string(REGEX REPLACE "(const) .*" "\\1" send_qual_arg2 "${send_arg2}")
                  string(REGEX REPLACE "const (.*)" "\\1" send_arg2 "${send_arg2}")
                  set(curl_cv_func_send_args
@@ -138,20 +137,14 @@ if(curl_cv_send)
        endforeach(send_arg2)
      endforeach(send_arg1)
    endforeach(send_retv)
-  else(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
+  else()
    string(REGEX REPLACE "^([^,]*),[^,]*,[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG1 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,([^,]*),[^,]*,[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG2 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,([^,]*),[^,]*,[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG3 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,([^,]*),[^,]*,[^,]*$" "\\1" SEND_TYPE_ARG4 "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,([^,]*),[^,]*$" "\\1" SEND_TYPE_RETV "${curl_cv_func_send_args}")
    string(REGEX REPLACE "^[^,]*,[^,]*,[^,]*,[^,]*,[^,]*,([^,]*)$" "\\1" SEND_QUAL_ARG2 "${curl_cv_func_send_args}")
-    #MESSAGE("SEND_TYPE_ARG1 ${SEND_TYPE_ARG1}")
-    #MESSAGE("SEND_TYPE_ARG2 ${SEND_TYPE_ARG2}")
-    #MESSAGE("SEND_TYPE_ARG3 ${SEND_TYPE_ARG3}")
-    #MESSAGE("SEND_TYPE_ARG4 ${SEND_TYPE_ARG4}")
-    #MESSAGE("SEND_TYPE_RETV ${SEND_TYPE_RETV}")
-    #MESSAGE("SEND_QUAL_ARG2 ${SEND_QUAL_ARG2}")
-  endif(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}" STREQUAL "unknown")
+  endif()

  if("${curl_cv_func_send_args}" STREQUAL "unknown")
    message(FATAL_ERROR "Cannot find proper types to use for send args")
@@ -163,88 +156,71 @@ endif(curl_cv_send)
 set(curl_cv_func_send_args "${curl_cv_func_send_args}" CACHE INTERNAL "Arguments for send")
 set(HAVE_SEND 1)

-set(EXTRA_DEFINES "${EXTRA_DEFINES}\n${headers_hack}\n#define __unused5")
-curl_check_c_source_compiles("int flag = MSG_NOSIGNAL" HAVE_MSG_NOSIGNAL)
+check_c_source_compiles("${_source_epilogue}
+  int main(void) {
+    int flag = MSG_NOSIGNAL;
+    (void)flag;
+    return 0;
+  }" HAVE_MSG_NOSIGNAL)

-set(EXTRA_DEFINES "__unused1\n#undef inline\n#define __unused2")
-set(HEADER_INCLUDES)
-set(headers_hack)
-
-macro(add_header_include check header)
-  if(${check})
-    set(headers_hack
-      "${headers_hack}\n#include <${header}>")
-    #SET(HEADER_INCLUDES
-    #  ${HEADER_INCLUDES}
-    #  "${header}")
-  endif(${check})
-endmacro(add_header_include header)
-
-if(HAVE_WINDOWS_H)
-  set(EXTRA_DEFINES ${EXTRA_DEFINES}
-    "__unused7\n#ifndef WIN32_LEAN_AND_MEAN\n#define WIN32_LEAN_AND_MEAN\n#endif\n#define __unused3")
-  add_header_include(HAVE_WINDOWS_H "windows.h")
-  add_header_include(HAVE_WINSOCK2_H "winsock2.h")
-  add_header_include(HAVE_WINSOCK_H "winsock.h")
-else(HAVE_WINDOWS_H)
-  add_header_include(HAVE_SYS_TYPES_H "sys/types.h")
+if(NOT HAVE_WINDOWS_H)
  add_header_include(HAVE_SYS_TIME_H "sys/time.h")
  add_header_include(TIME_WITH_SYS_TIME "time.h")
  add_header_include(HAVE_TIME_H "time.h")
-endif(HAVE_WINDOWS_H)
-set(EXTRA_DEFINES "${EXTRA_DEFINES}\n${headers_hack}\n#define __unused5")
-curl_check_c_source_compiles("struct timeval ts;\nts.tv_sec  = 0;\nts.tv_usec = 0" HAVE_STRUCT_TIMEVAL)
+endif()
+check_c_source_compiles("${_source_epilogue}
+int main(void) {
+  struct timeval ts;
+  ts.tv_sec  = 0;
+  ts.tv_usec = 0;
+  (void)ts;
+  return 0;
+}" HAVE_STRUCT_TIMEVAL)


-include(CurlCheckCSourceRuns)
-set(EXTRA_DEFINES)
-set(HEADER_INCLUDES)
+include(CheckCSourceRuns)
+set(CMAKE_REQUIRED_FLAGS)
 if(HAVE_SYS_POLL_H)
-  set(HEADER_INCLUDES "sys/poll.h")
+  set(CMAKE_REQUIRED_FLAGS "-DHAVE_SYS_POLL_H")
 endif(HAVE_SYS_POLL_H)
-curl_check_c_source_runs("return poll((void *)0, 0, 10 /*ms*/)" HAVE_POLL_FINE)
+check_c_source_runs("
+  #ifdef HAVE_SYS_POLL_H
+  #  include <sys/poll.h>
+  #endif
+  int main(void) {
+    return poll((void *)0, 0, 10 /*ms*/);
+  }" HAVE_POLL_FINE)

 set(HAVE_SIG_ATOMIC_T 1)
-set(EXTRA_DEFINES)
-set(HEADER_INCLUDES)
+set(CMAKE_REQUIRED_FLAGS)
 if(HAVE_SIGNAL_H)
-  set(HEADER_INCLUDES "signal.h")
+  set(CMAKE_REQUIRED_FLAGS "-DHAVE_SIGNAL_H")
  set(CMAKE_EXTRA_INCLUDE_FILES "signal.h")
 endif(HAVE_SIGNAL_H)
 check_type_size("sig_atomic_t" SIZEOF_SIG_ATOMIC_T)
 if(HAVE_SIZEOF_SIG_ATOMIC_T)
-  curl_check_c_source_compiles("static volatile sig_atomic_t dummy = 0" HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
+  check_c_source_compiles("
+    #ifdef HAVE_SIGNAL_H
+    #  include <signal.h>
+    #endif
+    int main(void) {
+      static volatile sig_atomic_t dummy = 0;
+      (void)dummy;
+      return 0;
+    }" HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
  if(NOT HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
    set(HAVE_SIG_ATOMIC_T_VOLATILE 1)
  endif(NOT HAVE_SIG_ATOMIC_T_NOT_VOLATILE)
 endif(HAVE_SIZEOF_SIG_ATOMIC_T)

-set(CHECK_TYPE_SIZE_PREINCLUDE
-  "#undef inline")
-
 if(HAVE_WINDOWS_H)
-  set(CHECK_TYPE_SIZE_PREINCLUDE "${CHECK_TYPE_SIZE_PREINCLUDE}
-  #ifndef WIN32_LEAN_AND_MEAN
-  #define WIN32_LEAN_AND_MEAN
-  #endif
-  #include <windows.h>")
-  if(HAVE_WINSOCK2_H)
-    set(CHECK_TYPE_SIZE_PREINCLUDE "${CHECK_TYPE_SIZE_PREINCLUDE}\n#include <winsock2.h>")
-  endif(HAVE_WINSOCK2_H)
-else(HAVE_WINDOWS_H)
+  set(CMAKE_EXTRA_INCLUDE_FILES winsock2.h)
+else()
+  set(CMAKE_EXTRA_INCLUDE_FILES)
  if(HAVE_SYS_SOCKET_H)
-    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
-      "sys/socket.h")
+    set(CMAKE_EXTRA_INCLUDE_FILES sys/socket.h)
  endif(HAVE_SYS_SOCKET_H)
-  if(HAVE_NETINET_IN_H)
-    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
-      "netinet/in.h")
-  endif(HAVE_NETINET_IN_H)
-  if(HAVE_ARPA_INET_H)
-    set(CMAKE_EXTRA_INCLUDE_FILES ${CMAKE_EXTRA_INCLUDE_FILES}
-      "arpa/inet.h")
-  endif(HAVE_ARPA_INET_H)
-endif(HAVE_WINDOWS_H)
+endif()

 check_type_size("struct sockaddr_storage" SIZEOF_STRUCT_SOCKADDR_STORAGE)
 if(HAVE_SIZEOF_STRUCT_SOCKADDR_STORAGE)
--- a/CMake/Platforms/WindowsCache.cmake
+++ b/CMake/Platforms/WindowsCache.cmake
@@ -14,7 +14,6 @@ if(NOT UNIX)
    set(HAVE_ARPA_INET_H 0)
    set(HAVE_DLFCN_H 0)
    set(HAVE_FCNTL_H 1)
-    set(HAVE_FEATURES_H 0)
    set(HAVE_INTTYPES_H 0)
    set(HAVE_IO_H 1)
    set(HAVE_MALLOC_H 1)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -48,27 +48,17 @@ project( CURL C )
 message(WARNING "the curl cmake build system is poorly maintained. Be aware")

 file (READ ${CURL_SOURCE_DIR}/include/curl/curlver.h CURL_VERSION_H_CONTENTS)
-string (REGEX MATCH "LIBCURL_VERSION_MAJOR[ \t]+([0-9]+)"
-  LIBCURL_VERSION_MJ ${CURL_VERSION_H_CONTENTS})
-string (REGEX MATCH "([0-9]+)"
-  LIBCURL_VERSION_MJ ${LIBCURL_VERSION_MJ})
-string (REGEX MATCH
-  "LIBCURL_VERSION_MINOR[ \t]+([0-9]+)"
-  LIBCURL_VERSION_MI ${CURL_VERSION_H_CONTENTS})
-string (REGEX MATCH "([0-9]+)" LIBCURL_VERSION_MI ${LIBCURL_VERSION_MI})
-string (REGEX MATCH
-  "LIBCURL_VERSION_PATCH[ \t]+([0-9]+)"
-  LIBCURL_VERSION_PT ${CURL_VERSION_H_CONTENTS})
-string (REGEX MATCH "([0-9]+)" LIBCURL_VERSION_PT ${LIBCURL_VERSION_PT})
-set (CURL_MAJOR_VERSION ${LIBCURL_VERSION_MJ})
-set (CURL_MINOR_VERSION ${LIBCURL_VERSION_MI})
-set (CURL_PATCH_VERSION ${LIBCURL_VERSION_PT})
+string (REGEX MATCH "#define LIBCURL_VERSION \"[^\"]*"
+  CURL_VERSION ${CURL_VERSION_H_CONTENTS})
+string (REGEX REPLACE "[^\"]+\"" "" CURL_VERSION ${CURL_VERSION})
+string (REGEX MATCH "#define LIBCURL_VERSION_NUM 0x[0-9a-fA-F]+"
+  CURL_VERSION_NUM ${CURL_VERSION_H_CONTENTS})
+string (REGEX REPLACE "[^0]+0x" "" CURL_VERSION_NUM ${CURL_VERSION_NUM})

 include_regular_expression("^.*$")    # Sukender: Is it necessary?

 # Setup package meta-data
 # SET(PACKAGE "curl")
-set(CURL_VERSION ${CURL_MAJOR_VERSION}.${CURL_MINOR_VERSION}.${CURL_PATCH_VERSION})
 message(STATUS "curl version=[${CURL_VERSION}]")
 # SET(PACKAGE_TARNAME "curl")
 # SET(PACKAGE_NAME "curl")
@@ -171,9 +161,52 @@ option(CURL_DISABLE_VERBOSE_STRINGS "to disable verbose strings" OFF)
 mark_as_advanced(CURL_DISABLE_VERBOSE_STRINGS)
 option(DISABLED_THREADSAFE "Set to explicitly specify we don't want to use thread-safe functions" OFF)
 mark_as_advanced(DISABLED_THREADSAFE)
-option(ENABLE_IPV6 "Define if you want to enable IPv6 support" OFF)
+option(ENABLE_IPV6 "Define if you want to enable IPv6 support" ON)
 mark_as_advanced(ENABLE_IPV6)
+if(ENABLE_IPV6)
+  include(CheckStructHasMember)
+  check_struct_has_member("struct sockaddr_in6" sin6_addr "netinet/in.h"
+                          HAVE_SOCKADDR_IN6_SIN6_ADDR)
+  check_struct_has_member("struct sockaddr_in6" sin6_scope_id "netinet/in.h"
+                          HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
+  if(NOT HAVE_SOCKADDR_IN6_SIN6_ADDR)
+    message(WARNING "struct sockaddr_in6 not available, disabling IPv6 support")
+    # Force the feature off as this name is used as guard macro...
+    set(ENABLE_IPV6 OFF
+        CACHE BOOL "Define if you want to enable IPv6 support" FORCE)
+  endif()
+endif()

+option(ENABLE_MANUAL "to provide the built-in manual" ON)
+unset(USE_MANUAL CACHE) # TODO: cache NROFF/NROFF_MANOPT/USE_MANUAL vars?
+if(ENABLE_MANUAL)
+  find_program(NROFF NAMES gnroff nroff)
+  if(NROFF)
+    # Need a way to write to stdin, this will do
+    file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt" "test")
+    # Tests for a valid nroff option to generate a manpage
+    foreach(_MANOPT "-man" "-mandoc")
+      execute_process(COMMAND "${NROFF}" ${_MANOPT}
+        OUTPUT_VARIABLE NROFF_MANOPT_OUTPUT
+        INPUT_FILE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt"
+        ERROR_QUIET)
+      # Save the option if it was valid
+      if(NROFF_MANOPT_OUTPUT)
+        message("Found *nroff option: -- ${_MANOPT}")
+        set(NROFF_MANOPT ${_MANOPT})
+        set(USE_MANUAL 1)
+        break()
+      endif()
+    endforeach()
+    # No need for the temporary file
+    file(REMOVE "${CMAKE_CURRENT_BINARY_DIR}/nroff-input.txt")
+    if(NOT USE_MANUAL)
+      message(WARNING "Found no *nroff option to get plaintext from man pages")
+    endif()
+  else()
+    message(WARNING "Found no *nroff program")
+  endif()
+endif()

 # We need ansi c-flags, especially on HP
 set(CMAKE_C_FLAGS "${CMAKE_ANSI_CFLAGS} ${CMAKE_C_FLAGS}")
@@ -224,6 +257,36 @@ if(WIN32)
  check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)
 endif()

+option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
+mark_as_advanced(CMAKE_USE_OPENSSL)
+
+set(USE_SSLEAY OFF)
+set(USE_OPENSSL OFF)
+set(HAVE_LIBCRYPTO OFF)
+set(HAVE_LIBSSL OFF)
+
+if(CMAKE_USE_OPENSSL)
+  find_package(OpenSSL)
+  if(OPENSSL_FOUND)
+    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
+    set(USE_SSLEAY ON)
+    set(USE_OPENSSL ON)
+    set(HAVE_LIBCRYPTO ON)
+    set(HAVE_LIBSSL ON)
+    include_directories(${OPENSSL_INCLUDE_DIR})
+    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+    check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
+    check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
+    check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
+    check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
+    check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
+    check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
+    check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
+    check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
+    check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
+  endif()
+endif()
+
 if(NOT CURL_DISABLE_LDAP)

  if(WIN32)
@@ -248,6 +311,7 @@ if(NOT CURL_DISABLE_LDAP)
  # Now that we know, we're not using windows LDAP...
  if(NOT CURL_LDAP_WIN)
    # Check for LDAP
+    set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES})
    check_library_exists_concat(${CMAKE_LDAP_LIB} ldap_init HAVE_LIBLDAP)
    check_library_exists_concat(${CMAKE_LBER_LIB} ber_init HAVE_LIBLBER)
  else()
@@ -302,7 +366,7 @@ if(NOT CURL_DISABLE_LDAP)
      }"
    )
    set(CMAKE_REQUIRED_DEFINITIONS "-DLDAP_DEPRECATED=1" "-DWIN32_LEAN_AND_MEAN")
-    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB})
+    list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB})
    if(HAVE_LIBLBER)
      list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LBER_LIB})
    endif()
@@ -336,9 +400,6 @@ check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
 # Check for symbol dlopen (same as HAVE_LIBDL)
 check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)

-# For other tests to use the same libraries
-set(CMAKE_REQUIRED_LIBRARIES ${CURL_LIBS})
-
 option(CURL_ZLIB "Set to ON to enable building cURL with zlib support." ON)
 set(HAVE_LIBZ OFF)
 set(HAVE_ZLIB_H OFF)
@@ -350,39 +411,10 @@ if(CURL_ZLIB)
    set(HAVE_ZLIB ON)
    set(HAVE_LIBZ ON)
    list(APPEND CURL_LIBS ${ZLIB_LIBRARIES})
+    include_directories(${ZLIB_INCLUDE_DIRS})
  endif()
 endif()

-option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
-mark_as_advanced(CMAKE_USE_OPENSSL)
-
-set(USE_SSLEAY OFF)
-set(USE_OPENSSL OFF)
-set(HAVE_LIBCRYPTO OFF)
-set(HAVE_LIBSSL OFF)
-
-if(CMAKE_USE_OPENSSL)
-  find_package(OpenSSL)
-  if(OPENSSL_FOUND)
-    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
-    set(USE_SSLEAY ON)
-    set(USE_OPENSSL ON)
-    set(HAVE_LIBCRYPTO ON)
-    set(HAVE_LIBSSL ON)
-    include_directories(${OPENSSL_INCLUDE_DIR})
-    set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-    check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
-    check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
-    check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
-    check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
-    check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
-    check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
-    check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
-    check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
-    check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
-  endif(OPENSSL_FOUND)
-endif(CMAKE_USE_OPENSSL)
-
 #libSSH2
 option(CMAKE_USE_LIBSSH2 "Use libSSH2" ON)
 mark_as_advanced(CMAKE_USE_LIBSSH2)
@@ -396,6 +428,7 @@ if(CMAKE_USE_LIBSSH2)
    list(APPEND CURL_LIBS ${LIBSSH2_LIBRARY})
    set(CMAKE_REQUIRED_LIBRARIES ${LIBSSH2_LIBRARY})
    set(CMAKE_REQUIRED_INCLUDES "${LIBSSH2_INCLUDE_DIR}")
+    include_directories("${LIBSSH2_INCLUDE_DIR}")
    set(HAVE_LIBSSH2 ON)
    set(USE_LIBSSH2 ON)

@@ -416,8 +449,64 @@ if(CMAKE_USE_LIBSSH2)
  endif(LIBSSH2_FOUND)
 endif(CMAKE_USE_LIBSSH2)

-# If we have features.h, then do the _BSD_SOURCE magic
-check_include_file("features.h"       HAVE_FEATURES_H)
+option(CMAKE_USE_GSSAPI "Use GSSAPI implementation (right now only Heimdal is supported with CMake build)" OFF)
+mark_as_advanced(CMAKE_USE_GSSAPI)
+
+if(CMAKE_USE_GSSAPI)
+  find_package(GSS)
+
+  set(HAVE_GSS_API ${GSS_FOUND})
+  if(GSS_FOUND)
+
+    message(STATUS "Found ${GSS_FLAVOUR} GSSAPI version: \"${GSS_VERSION}\"")
+
+    set(CMAKE_REQUIRED_INCLUDES ${GSS_INCLUDE_DIR})
+    check_include_file_concat("gssapi/gssapi.h"  HAVE_GSSAPI_GSSAPI_H)
+    check_include_file_concat("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H)
+    check_include_file_concat("gssapi/gssapi_krb5.h" HAVE_GSSAPI_GSSAPI_KRB5_H)
+
+    if(GSS_FLAVOUR STREQUAL "Heimdal")
+      set(HAVE_GSSHEIMDAL ON)
+    else() # MIT
+      set(HAVE_GSSMIT ON)
+      set(_INCLUDE_LIST "")
+      if(HAVE_GSSAPI_GSSAPI_H)
+        list(APPEND _INCLUDE_LIST "gssapi/gssapi.h")
+      endif()
+      if(HAVE_GSSAPI_GSSAPI_GENERIC_H)
+        list(APPEND _INCLUDE_LIST "gssapi/gssapi_generic.h")
+      endif()
+      if(HAVE_GSSAPI_GSSAPI_KRB5_H)
+        list(APPEND _INCLUDE_LIST "gssapi/gssapi_krb5.h")
+      endif()
+
+      string(REPLACE ";" " " _COMPILER_FLAGS_STR "${GSS_COMPILER_FLAGS}")
+      string(REPLACE ";" " " _LINKER_FLAGS_STR "${GSS_LINKER_FLAGS}")
+
+      foreach(_dir ${GSS_LINK_DIRECTORIES})
+        set(_LINKER_FLAGS_STR "${_LINKER_FLAGS_STR} -L\"${_dir}\"")
+      endforeach()
+
+      set(CMAKE_REQUIRED_FLAGS "${_COMPILER_FLAGS_STR} ${_LINKER_FLAGS_STR}")
+      set(CMAKE_REQUIRED_LIBRARIES ${GSS_LIBRARIES})
+      check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" ${_INCLUDE_LIST} HAVE_GSS_C_NT_HOSTBASED_SERVICE)
+      if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE)
+        set(HAVE_OLD_GSSMIT ON)
+      endif()
+
+    endif()
+
+    include_directories(${GSS_INCLUDE_DIR})
+    link_directories(${GSS_LINK_DIRECTORIES})
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${GSS_COMPILER_FLAGS}")
+    set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${GSS_LINKER_FLAGS}")
+    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${GSS_LINKER_FLAGS}")
+    list(APPEND CURL_LIBS ${GSS_LIBRARIES})
+
+  else()
+    message(WARNING "GSSAPI support has been requested but no supporting libraries found. Skipping.")
+  endif()
+endif()

 # Check for header files
 if(NOT UNIX)
@@ -454,9 +543,6 @@ check_include_file_concat("des.h"            HAVE_DES_H)
 check_include_file_concat("err.h"            HAVE_ERR_H)
 check_include_file_concat("errno.h"          HAVE_ERRNO_H)
 check_include_file_concat("fcntl.h"          HAVE_FCNTL_H)
-check_include_file_concat("gssapi/gssapi.h"  HAVE_GSSAPI_GSSAPI_H)
-check_include_file_concat("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H)
-check_include_file_concat("gssapi/gssapi_krb5.h" HAVE_GSSAPI_GSSAPI_KRB5_H)
 check_include_file_concat("idn-free.h"       HAVE_IDN_FREE_H)
 check_include_file_concat("ifaddrs.h"        HAVE_IFADDRS_H)
 check_include_file_concat("io.h"             HAVE_IO_H)
@@ -576,6 +662,12 @@ find_file(RANDOM_FILE urandom /dev)
 mark_as_advanced(RANDOM_FILE)

 # Check for some functions that are used
+if(HAVE_LIBWS2_32)
+  set(CMAKE_REQUIRED_LIBRARIES ws2_32)
+elseif(HAVE_LIBSOCKET)
+  set(CMAKE_REQUIRED_LIBRARIES socket)
+endif()
+
 check_symbol_exists(basename      "${CURL_INCLUDES}" HAVE_BASENAME)
 check_symbol_exists(socket        "${CURL_INCLUDES}" HAVE_SOCKET)
 check_symbol_exists(poll          "${CURL_INCLUDES}" HAVE_POLL)
@@ -639,6 +731,7 @@ check_symbol_exists(strerror_r     "${CURL_INCLUDES}" HAVE_STRERROR_R)
 check_symbol_exists(siginterrupt   "${CURL_INCLUDES}" HAVE_SIGINTERRUPT)
 check_symbol_exists(perror         "${CURL_INCLUDES}" HAVE_PERROR)
 check_symbol_exists(fork           "${CURL_INCLUDES}" HAVE_FORK)
+check_symbol_exists(getaddrinfo    "${CURL_INCLUDES}" HAVE_GETADDRINFO)
 check_symbol_exists(freeaddrinfo   "${CURL_INCLUDES}" HAVE_FREEADDRINFO)
 check_symbol_exists(freeifaddrs    "${CURL_INCLUDES}" HAVE_FREEIFADDRS)
 check_symbol_exists(pipe           "${CURL_INCLUDES}" HAVE_PIPE)
@@ -677,12 +770,7 @@ if(NOT HAVE_STRICMP)
  set(HAVE_LDAP_URL_PARSE 1)
 endif(NOT HAVE_STRICMP)

-
-
 # Do curl specific tests
-if(HAVE_LIBWS2_32)
-  set(CMAKE_REQUIRED_LIBRARIES ws2_32)
-endif()
 foreach(CURL_TEST
    HAVE_FCNTL_O_NONBLOCK
    HAVE_IOCTLSOCKET
@@ -869,24 +957,6 @@ if(MSVC)
  add_definitions(-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE)
 endif(MSVC)

-# Sets up the dependencies (zlib, OpenSSL, etc.) of a cURL subproject according to options.
-# TODO This is far to be complete!
-function(SETUP_CURL_DEPENDENCIES TARGET_NAME)
-  if(CURL_ZLIB AND ZLIB_FOUND)
-    include_directories(${ZLIB_INCLUDE_DIR})
-  endif()
-
-  if(CMAKE_USE_OPENSSL AND OPENSSL_FOUND)
-    include_directories(${OPENSSL_INCLUDE_DIR})
-  endif()
-
-  if(CMAKE_USE_LIBSSH2 AND LIBSSH2_FOUND)
-    include_directories(${LIBSSH2_INCLUDE_DIR})
-  endif()
-
-  target_link_libraries(${TARGET_NAME} ${CURL_LIBS})
-endfunction()
-
 # Ugly (but functional) way to include "Makefile.inc" by transforming it (= regenerate it).
 function(TRANSFORM_MAKEFILE_INC INPUT_FILE OUTPUT_FILE)
  file(READ ${INPUT_FILE} MAKEFILE_INC_TEXT)
@@ -911,6 +981,133 @@ if(BUILD_CURL_TESTS)
  add_subdirectory(tests)
 endif()

+# TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL, WINSSL, DARWINSSL
+if(USE_OPENSSL)
+  set(SSL_ENABLED 1)
+endif()
+
+# Helper to populate a list (_items) with a label when conditions (the remaining
+# args) are satisfied
+function(_add_if label)
+  # TODO need to disable policy CMP0054 (CMake 3.1) to allow this indirection
+  if(${ARGN})
+    set(_items ${_items} "${label}" PARENT_SCOPE)
+  endif()
+endfunction()
+
+# Clear list and try to detect available features
+set(_items)
+_add_if("SSL"           SSL_ENABLED)
+_add_if("IPv6"          ENABLE_IPV6)
+_add_if("unix-sockets"  USE_UNIX_SOCKETS)
+_add_if("libz"          HAVE_LIBZ)
+find_package(Threads)
+# AsynchDNS depends or USE_ARES or pthreads (mutually exclusive)
+_add_if("AsynchDNS"     USE_ARES OR CMAKE_USE_PTHREADS_INIT)
+_add_if("IDN"           HAVE_LIBIDN)
+# TODO SSP1 (WinSSL) check is missing
+_add_if("SSPI"          USE_WINDOWS_SSPI)
+_add_if("GSS-API"       HAVE_GSS_API)
+# TODO SSP1 missing for SPNEGO
+_add_if("SPNEGO"        NOT CURL_DISABLE_CRYPTO_AUTH AND
+                        (HAVE_GSS_API OR USE_WINDOWS_SSPI))
+# NTLM support requires crypto function adaptions from various SSL libs
+# TODO alternative SSL libs tests for SSP1, GNUTLS, NSS, DARWINSSL
+if(NOT CURL_DISABLE_HTTP AND NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR
+   USE_WINDOWS_SSPI OR GNUTLS_ENABLED OR NSS_ENABLED OR DARWINSSL_ENABLED))
+  _add_if("NTLM"        1)
+  # TODO missing option (autoconf: --enable-ntlm-wb)
+  _add_if("NTLM_WB"     NTLM_WB_ENABLED)
+endif()
+# TODO missing option (--enable-tls-srp), depends on GNUTLS_SRP/OPENSSL_SRP
+_add_if("TLS-SRP"       USE_TLS_SRP)
+# TODO option --with-nghttp2 tests for nghttp2 lib and nghttp2/nghttp2.h header
+_add_if("HTTP2"         USE_NGHTTP2)
+string(REPLACE ";" " " SUPPORT_FEATURES "${_items}")
+message(STATUS "Enabled features: ${SUPPORT_FEATURES}")
+
+# Clear list and try to detect available protocols
+set(_items)
+_add_if("HTTP"          NOT CURL_DISABLE_HTTP)
+_add_if("HTTPS"         NOT CURL_DISABLE_HTTP AND SSL_ENABLED)
+_add_if("FTP"           NOT CURL_DISABLE_FTP)
+_add_if("FTPS"          NOT CURL_DISABLE_FTP AND SSL_ENABLED)
+_add_if("FILE"          NOT CURL_DISABLE_FILE)
+_add_if("TELNET"        NOT CURL_DISABLE_TELNET)
+_add_if("LDAP"          NOT CURL_DISABLE_LDAP)
+# CURL_DISABLE_LDAP implies CURL_DISABLE_LDAPS
+# TODO check HAVE_LDAP_SSL (in autoconf this is enabled with --enable-ldaps)
+_add_if("LDAPS"         NOT CURL_DISABLE_LDAPS AND
+                        ((USE_OPENLDAP AND SSL_ENABLED) OR
+                        (NOT USE_OPENLDAP AND HAVE_LDAP_SSL)))
+_add_if("DICT"          NOT CURL_DISABLE_DICT)
+_add_if("TFTP"          NOT CURL_DISABLE_TFTP)
+_add_if("GOPHER"        NOT CURL_DISABLE_GOPHER)
+_add_if("POP3"          NOT CURL_DISABLE_POP3)
+_add_if("POP3S"         NOT CURL_DISABLE_POP3 AND SSL_ENABLED)
+_add_if("IMAP"          NOT CURL_DISABLE_IMAP)
+_add_if("IMAPS"         NOT CURL_DISABLE_IMAP AND SSL_ENABLED)
+_add_if("SMTP"          NOT CURL_DISABLE_SMTP)
+_add_if("SMTPS"         NOT CURL_DISABLE_SMTP AND SSL_ENABLED)
+_add_if("SCP"           USE_LIBSSH2)
+_add_if("SFTP"          USE_LIBSSH2)
+_add_if("RTSP"          NOT CURL_DISABLE_RTSP)
+_add_if("RTMP"          USE_LIBRTMP)
+list(SORT _items)
+string(REPLACE ";" " " SUPPORT_PROTOCOLS "${_items}")
+message(STATUS "Enabled protocols: ${SUPPORT_PROTOCOLS}")
+
+# curl-config needs the following options to be set.
+set(CC                      "${CMAKE_C_COMPILER}")
+# TODO probably put a -D... options here?
+set(CONFIGURE_OPTIONS       "")
+# TODO when to set "-DCURL_STATICLIB" for CPPFLAG_CURL_STATICLIB?
+set(CPPFLAG_CURL_STATICLIB  "")
+# TODO need to set this (see CURL_CHECK_CA_BUNDLE in acinclude.m4)
+set(CURL_CA_BUNDLE          "")
+set(CURLVERSION             "${CURL_VERSION}")
+set(ENABLE_SHARED           "yes")
+if(CURL_STATICLIB)
+  # Broken: LIBCURL_LIBS below; .a lib is not built
+  message(WARNING "Static linking is broken!")
+  set(ENABLE_STATIC         "no")
+else()
+  set(ENABLE_STATIC         "no")
+endif()
+set(exec_prefix             "\${prefix}")
+set(includedir              "\${prefix}/include")
+set(LDFLAGS                 "${CMAKE_SHARED_LINKER_FLAGS}")
+set(LIBCURL_LIBS            "")
+set(libdir                  "${CMAKE_INSTALL_PREFIX}/lib")
+# TODO CURL_LIBS also contains absolute paths which don't work with static -l...
+foreach(_lib ${CMAKE_C_IMPLICIT_LINK_LIBRARIES} ${CURL_LIBS})
+  set(LIBCURL_LIBS          "${LIBCURL_LIBS} -l${_lib}")
+endforeach()
+# "a" (Linux) or "lib" (Windows)
+string(REPLACE "." "" libext "${CMAKE_STATIC_LIBRARY_SUFFIX}")
+set(prefix                  "${CMAKE_INSTALL_PREFIX}")
+# Set this to "yes" to append all libraries on which -lcurl is dependent
+set(REQUIRE_LIB_DEPS        "no")
+# SUPPORT_FEATURES
+# SUPPORT_PROTOCOLS
+set(VERSIONNUM              "${CURL_VERSION_NUM}")
+
+# Finally generate a "curl-config" matching this config
+configure_file("${CURL_SOURCE_DIR}/curl-config.in"
+               "${CURL_BINARY_DIR}/curl-config" @ONLY)
+install(FILES "${CMAKE_BINARY_DIR}/curl-config"
+        DESTINATION bin
+        PERMISSIONS
+          OWNER_READ OWNER_WRITE OWNER_EXECUTE
+          GROUP_READ GROUP_EXECUTE
+          WORLD_READ WORLD_EXECUTE)
+
+# Finally generate a pkg-config file matching this config
+configure_file("${CURL_SOURCE_DIR}/libcurl.pc.in"
+               "${CURL_BINARY_DIR}/libcurl.pc" @ONLY)
+install(FILES "${CMAKE_BINARY_DIR}/libcurl.pc"
+        DESTINATION lib/pkgconfig)
+
 # This needs to be run very last so other parts of the scripts can take advantage of this.
 if(NOT CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
  set(CURL_CONFIG_HAS_BEEN_RUN_BEFORE 1 CACHE INTERNAL "Flag to track whether this is the first time running CMake or if CMake has been configured before")
--- a/Makefile.am
+++ b/Makefile.am
@@ -24,10 +24,10 @@ AUTOMAKE_OPTIONS = foreign

 ACLOCAL_AMFLAGS = -I m4

-CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in		    \
-CMake/CurlCheckCSourceCompiles.cmake CMake/CurlCheckCSourceRuns.cmake	    \
-CMake/CurlTests.c CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake \
-CMake/Utilities.cmake include/curl/curlbuild.h.cmake
+CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in	\
+ CMake/CurlTests.c CMake/FindGSS.cmake CMake/OtherTests.cmake	\
+ CMake/Platforms/WindowsCache.cmake CMake/Utilities.cmake	\
+ include/curl/curlbuild.h.cmake CMake/Macros.cmake

 VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
 VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp
@@ -87,6 +87,7 @@ VC12_SRCVCXPROJ_DEPS = $(VC12_SRCTMPL) Makefile.am src/Makefile.inc

 VC_DIST = projects/README	\
 projects/build-openssl.bat	\
+ projects/checksrc.bat	\
 projects/Windows/VC6/curl.dsw	\
 projects/Windows/VC6/lib/libcurl.dsw $(VC6_LIBDSP)	\
 projects/Windows/VC6/src/curlsrc.dsw $(VC6_SRCDSP)	\
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -172,6 +172,12 @@ vc-ssl-zlib: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib

+vc-ssl-ssh2-zlib: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
+
 vc-winssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-winssl-zlib
@@ -184,6 +190,12 @@ vc-x64-ssl-zlib: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib

+vc-x64-ssl-ssh2-zlib: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
+
 vc-x64-winssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
--- a/205
+++ b/205
@@ -1,6 +1,6 @@
-Curl and libcurl 7.38.0
+Curl and libcurl 7.39.0

- Public curl releases:         141
+ Public curl releases:         142
 Command line options:         162
 curl_easy_setopt() options:   208
 Public functions in libcurl:  58
@@ -8,85 +8,81 @@ Curl and libcurl 7.38.0

 This release includes the following changes:

- o CURLE_HTTP2 is a new error code
- o CURLAUTH_NEGOTIATE is a new auth define
- o CURL_VERSION_GSSAPI is a new capability bit
- o no longer use fbopenssl for anything
- o schannel: use CryptGenRandom for random numbers
- o axtls: define curlssl_random using axTLS's PRNG
- o cyassl: use RNG_GenerateBlock to generate a good random number
- o findprotocol: show unsupported protocol within quotes
- o version: detect and show LibreSSL
- o version: detect and show BoringSSL
- o imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
- o http2: requires nghttp2 0.6.0 or later
+ o SSLv3 is disabled by default
+ o CURLOPT_COOKIELIST: Added "RELOAD" command [5]
+ o build: Added WinIDN build configuration options to Visual Studio projects
+ o ssh: improve key file search
+ o SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
+ o vtls: remove QsoSSL support, use gskit!
+ o mk-ca-bundle: added SHA-384 signature algorithm
+ o docs: added many examples for libcurl opts and other doc improvements
+ o build: Added VC ssh2 target to main Makefile
+ o MinGW: Added support to build with nghttp2
+ o NetWare: Added support to build with nghttp2
+ o build: added Watcom support to build with WinSSL
+ o build: Added optional specific version generation of VC project files

 This release includes the following bugfixes:

- o CVE-2014-3613: cookie leak with IP address as domain [25]
- o CVE-2014-3620: cookie leak for TLDs [26]
-
- o fix a build failure on Debian when NSS support is enabled [1]
- o HTTP/2: fixed compiler warnings when built disabled [2]
- o cyassl: return the correct error code on no CA cert
- o http: Deprecate GSS-Negotiate macros due to bad naming
- o http: Fixed Negotiate: authentication
- o multi: Improve proxy CONNECT performance (regression) [3]
- o ntlm_wb: Avoid invoking ntlm_auth helper with empty username
- o ntlm_wb: Fix hard-coded limit on NTLM auth packet size
- o url.c: use the preferred symbol name: *READDATA [4]
- o smtp: fixed a segfault during test 1320 torture test
- o cyassl: made it compile with version 2.0.6 again
- o nss: do not check the version of NSS at run time
- o c-ares: fix build without IPv6 support [5]
- o HTTP/2: use base64url encoding [6]
- o SSPI Negotiate: Fix 3 memory leaks
- o libtest: fixed duplicated line in Makefile [7]
- o conncache: fix compiler warning [8]
- o openssl: make ossl_send return CURLE_OK better
- o HTTP/2: Support expect: 100-continue
- o HTTP/2: Fix infinite loop in readwrite_data()
- o parsedate: fix the return code for an overflow edge condition
- o darwinssl: don't use strtok()
- o http_negotiate_sspi: Fixed specific username and password not working [9]
- o openssl: replace call to OPENSSL_config [10]
- o http2: show the received header for better debugging
- o HTTP/2: Move :authority before non-pseudo header fields
- o HTTP/2: Reset promised stream, not its associated stream
- o HTTP/2: added some more logging for debugging stream problems
- o ntlm: Added support for SSPI package info query
- o ntlm: Fixed hard coded buffer for SSPI based auth packet generation
- o sasl_sspi: Fixed memory leak with not releasing Package Info struct
- o sasl_sspi: Fixed SPN not being converted to wchar under Unicode builds
- o sasl: Use a dynamic buffer for DIGEST-MD5 SPN generation
- o http_negotiate_sspi: Use a dynamic buffer for SPN generation
- o sasl_sspi: Fixed missing free of challenge buffer on SPN failure
- o sasl_sspi: Fixed hard coded buffer for response generation
- o Curl_poll + Curl_wait_ms: fix timeout return value
- o docs/SSLCERTS: update the section about NSS database
- o create_conn: prune dead connections [11]
- o openssl: fix version report for the 0.9.8 branch
- o mk-ca-bundle.pl: switched to using hg.mozilla.org [12]
- o http: fix the Content-Range: parser [13]
- o Curl_disconnect: don't free the URL [14]
- o win32: Fixed WinSock 2 #if [15]
- o NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
- o curl.1: clarify --limit-rate's effect on both directions [16]
- o disconnect: don't touch easy-related state on disconnects [17]
- o Cmake: big cleanup and numerous fixes
- o HTTP/2: supports draft-14 - moved :headers before the non-psuedo headers
- o HTTP/2: Reset promised stream, not its associated stream
- o configure.ac: Add support for recent GSS-API implementations for HP-UX
- o CONNECT: close proxy connections that fail [18]
- o CURLOPT_NOBODY.3: clarify this option is for downloads [19]
- o darwinssl: fix CA certificate checking using PEM format [20]
- o resolve: cache lookup for async resolvers [21]
- o low-speed-limit: avoid timeout flood [22]
- o polarssl: implement CURLOPT_SSLVERSION [23]
- o multi: convert CURLM_STATE_CONNECT_PEND handling to a list [24]
- o curl_multi_cleanup: remove superfluous NULL assigns
- o polarssl: support CURLOPT_CAPATH / --capath
- o progress: size_dl/size_ul are always >= 0, and clear "KNOWN" properly
+ o curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds [9]
+ o openssl: build fix for versions < 0.9.8e [1]
+ o newlines: fix mixed newlines to LF-only [2]
+ o ntlm: Fixed HTTP proxy authentication when using Windows SSPI [3]
+ o sasl_sspi: Fixed Unicode build [4]
+ o file: reject paths using embedded %00
+ o threaded-resolver: revert Curl_expire_latest() switch [6]
+ o configure: allow --with-ca-path with PolarSSL too
+ o HTTP/2: Fix busy loop when EOF is encountered
+ o CURLOPT_CAPATH: return failure if set without backend support
+ o nss: do not fail if a CRL is already cached
+ o smtp: Fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
+ o fixed 20+ nits/memory leaks identified by Coverity scans
+ o curl_schannel.c: Fixed possible memory or handle leak
+ o multi-uv.c: call curl_multi_info_read() better
+ o Cmake: Check for OpenSSL before OpenLDAP
+ o Cmake: Fix library list provided to cURL tests
+ o Cmake: Avoid cycle directory dependencies
+ o Cmake: Build with GSS-API libraries (MIT or Heimdal)
+ o vtls: provide backend defines for internal source code
+ o nss: fix a connection failure when FTPS handle is reused
+ o tests/http_pipe.py: Python 3 support
+ o cmake: build tool_hugehelp (ENABLE_MANUAL)
+ o cmake: enable IPv6 by default if available
+ o tests: move TESTCASES to Makefile.inc, add show for cmake
+ o ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token
+ o ntlm: Fixed empty/bad base-64 decoded buffer return codes
+ o ntlm: Fixed empty type-2 decoded message info text
+ o cmake: add CMake/Macros.cmake to the release tarball
+ o cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
+ o cmake: use LIBCURL_VERSION from curlver.h
+ o cmake: generate pkg-config and curl-config
+ o fixed several superfluous variable assignements identified by cppcheck
+ o cleanup of 'CURLcode result' return code
+ o pipelining: only output "is not blacklisted" in debug builds
+ o SSL: Remove SSLv3 from SSL default due to POODLE attack
+ o gskit.c: remove SSLv3 from SSL default
+ o darwinssl: detect possible future removal of SSLv3 from the framework
+ o ntlm: Only define ntlm data structure when USE_NTLM is defined
+ o ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()
+ o ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()
+ o sspi: Only call CompleteAuthToken() when complete is needed
+ o http_negotiate: Fixed missing check for USE_SPNEGO
+ o HTTP: return larger than 3 digit response codes too [7]
+ o openssl: Check for NPN / ALPN via OpenSSL version number
+ o openssl: enable NPN separately from ALPN
+ o sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
+ o sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
+ o resume: consider a resume from [content-length] to be OK [8]
+ o sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
+ o build-openssl.bat: Fix x64 release build
+ o cmake: drop _BSD_SOURCE macro usage
+ o cmake: fix gethostby{addr,name}_r in CurlTests
+ o cmake: clean OtherTests, fixing -Werror
+ o cmake: fix struct sockaddr_storage check
+ o Curl_single_getsock: fix hold/pause sock handling
+ o SSL: PolarSSL default min SSL version TLS 1.0
+ o cmake: fix ZLIB_INCLUDE_DIRS use [10]
+ o buildconf: stop checking for libtool

 This release includes the following known bugs:

@@ -95,43 +91,26 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

-  Alessandro Ghedini, Andre Heinecke, Anthon Pang, Askar Safin, Brandon Casey,
-  Catalin Patulea, Dan Fandrich, Daniel Stenberg, Dave Reisner, David Meyer,
-  David Shaw, David Woodhouse, Dimitrios Siganos, Ed Morley, Fabian Keil,
-  Florian Weimer, Frank Gevaerts, Frank Meier, Haris Okanovic, Jakub Zakrzewski,
-  Jan Ehrhardt, John Coffey, Jonatan Vela, Jose Alf, Kamil Dudka,
-  Leonardo Rosati, Marcel Raad, Michael Osipov, Michael Wallner, Paras S,
-  Patrick Monnerat, Paul Saab, Peter Wang, Rafaël Carré, Sergey Nikulov,
-  Spork Schivago, Steve Holme, Tatsuhiro Tsujikawa, Tim Ruehsen, Toby Peterson,
-  Vilmos Nebehaj,
+  Askar Safin, Balaji Salunke, Bill Nagel, Bruno Thomsen, Carlo Wood,
+  Catalin Patulea, Dan Fandrich, Daniel Stenberg, Dimitar Boevski, Fabian Keil,
+  Guenter Knauf, Jakub Zakrzewski, Jeremy Lin, Jonathan Cardoso Machado,
+  Kamil Dudka, K. R. Walker, Luan Cestari, Lucas Pardue, Marcel Raad,
+  Marc Hoersken, Michael Wallner, Nick Zitzmann, Patrick Monnerat,
+  Paul Howarth, Peter Wu, Ray Satiro, Steve Holme, Symeon Paraschoudis,
+  Tatsuhiro Tsujikawa, Ulrich Telle, Viktor Szakáts, Waldek Kozba,
+  Yousuke Kimoto,

        Thanks! (and sorry if I forgot to mention someone)

 References to bug reports and discussions on issues:

- [1] = http://curl.haxx.se/mail/lib-2014-07/0209.html
- [2] = http://curl.haxx.se/mail/lib-2014-07/0202.html
- [3] = http://curl.haxx.se/bug/view.cgi?id=1397
- [4] = http://curl.haxx.se/bug/view.cgi?id=1398
- [5] = http://curl.haxx.se/mail/lib-2014-07/0337.html
- [6] = https://github.com/tatsuhiro-t/nghttp2/issues/62
- [7] = https://github.com/bagder/curl/pull/105
- [8] = http://curl.haxx.se/bug/view.cgi?id=1399
- [9] = http://curl.haxx.se/mail/lib-2014-06/0224.html
- [10] = http://curl.haxx.se/bug/view.cgi?id=1401
- [11] = http://curl.haxx.se/mail/lib-2014-06/0189.html
- [12] = http://curl.haxx.se/bug/view.cgi?id=1409
- [13] = http://curl.haxx.se/mail/lib-2014-06/0221.html
- [14] = http://curl.haxx.se/mail/lib-2014-08/0148.html
- [15] = http://curl.haxx.se/mail/lib-2014-08/0155.html
- [16] = http://curl.haxx.se/bug/view.cgi?id=1414
- [17] = http://curl.haxx.se/mail/lib-2014-08/0148.html
- [18] = http://curl.haxx.se/bug/view.cgi?id=1381
- [19] = http://curl.haxx.se/mail/lib-2014-08/0236.html
- [20] = https://github.com/bagder/curl/pull/115
- [21] = https://github.com/bagder/curl/pull/112
- [22] = http://curl.haxx.se/mail/lib-2014-06/0235.html
- [23] = http://curl.haxx.se/bug/view.cgi?id=1419
- [24] = http://curl.haxx.se/mail/lib-2014-07/0206.html
- [25] = http://curl.haxx.se/docs/adv_20140910A.html
- [26] = http://curl.haxx.se/docs/adv_20140910B.html
+ [1] = http://curl.haxx.se/mail/lib-2014-09/0064.html
+ [2] = http://curl.haxx.se/mail/lib-2014-09/0075.html
+ [3] = http://curl.haxx.se/mail/lib-2014-08/0273.html
+ [4] = http://curl.haxx.se/bug/view.cgi?id=1422
+ [5] = http://curl.haxx.se/libcurl/c/CURLOPT_COOKIELIST.html
+ [6] = http://curl.haxx.se/bug/view.cgi?id=1426
+ [7] = http://curl.haxx.se/bug/view.cgi?id=1441
+ [8] = http://curl.haxx.se/bug/view.cgi?id=1443
+ [9] = http://curl.haxx.se/docs/adv_20141105.html
+ [10] = https://github.com/bagder/curl/pull/123
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2614,8 +2614,8 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
    capath="no"
  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
    dnl --with-ca-path given
-    if test "x$OPENSSL_ENABLED" != "x1"; then
-      AC_MSG_ERROR([--with-ca-path only works with openSSL])
+    if test "x$OPENSSL_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
+      AC_MSG_ERROR([--with-ca-path only works with openSSL or PolarSSL])
    fi
    capath="$want_capath"
    ca="no"
--- a/47
+++ b/47
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -190,32 +190,32 @@ else
 fi

 #--------------------------------------------------------------------------
-# GNU libtool preliminary check
+# GNU libtoolize preliminary check
 #
 want_lt_major=1
 want_lt_minor=4
 want_lt_patch=2
 want_lt_version=1.4.2

-# This approach that tries 'glibtool' first is intended for systems that
-# have GNU libtool named as 'glibtool' and libtool not being GNU's.
+# This approach that tries 'glibtoolize' first is intended for systems that
+# have GNU libtool named as 'glibtoolize' and libtoolize not being GNU's.

-libtool=`findtool glibtool 2>/dev/null`
-if test ! -x "$libtool"; then
-  libtool=`findtool ${LIBTOOL:-libtool}`
+libtoolize=`findtool glibtoolize 2>/dev/null`
+if test ! -x "$libtoolize"; then
+  libtoolize=`findtool ${LIBTOOLIZE:-libtoolize}`
 fi
-if test -z "$libtool"; then
-  echo "buildconf: libtool not found."
-  echo "            You need GNU libtool $want_lt_version or newer installed."
+if test -z "$libtoolize"; then
+  echo "buildconf: libtoolize not found."
+  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi

-lt_pver=`$libtool --version 2>/dev/null|head -n 1`
+lt_pver=`$libtoolize --version 2>/dev/null|head -n 1`
 lt_qver=`echo $lt_pver|sed -e "s/([^)]*)//g" -e "s/^[^0-9]*//g"`
 lt_version=`echo $lt_qver|sed -e "s/[- ].*//" -e "s/\([a-z]*\)$//"`
 if test -z "$lt_version"; then
-  echo "buildconf: libtool not found."
-  echo "            You need GNU libtool $want_lt_version or newer installed."
+  echo "buildconf: libtoolize not found."
+  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi
 old_IFS=$IFS; IFS='.'; set $lt_version; IFS=$old_IFS
@@ -245,27 +245,12 @@ else
  lt_status="good"
 fi
 if test "$lt_status" != "good"; then
-  echo "buildconf: libtool version $lt_version found."
-  echo "            You need GNU libtool $want_lt_version or newer installed."
+  echo "buildconf: libtoolize version $lt_version found."
+  echo "  You need GNU libtoolize $want_lt_version or newer installed."
  exit 1
 fi

-echo "buildconf: libtool version $lt_version (ok)"
-
-#--------------------------------------------------------------------------
-# GNU libtoolize check
-#
-if test -z "$LIBTOOLIZE"; then
-  # use (g)libtoolize from same location as (g)libtool
-  libtoolize="${libtool}ize"
-else
-  libtoolize=`findtool $LIBTOOLIZE`
-fi
-if test ! -f "$libtoolize"; then
-  echo "buildconf: libtoolize not found."
-  echo "            You need GNU libtoolize $want_lt_version or newer installed."
-  exit 1
-fi
+echo "buildconf: libtoolize version $lt_version (ok)"

 #--------------------------------------------------------------------------
 # m4 check
--- a/configure.ac
+++ b/configure.ac
@@ -1570,10 +1570,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
                    ENGINE_cleanup \
                    CRYPTO_cleanup_all_ex_data \
                    SSL_get_shutdown \
-                    SSLv2_client_method \
-                    SSL_CTX_set_next_proto_select_cb \
-                    SSL_CTX_set_alpn_protos \
-                    SSL_CTX_set_alpn_select_cb )
+                    SSLv2_client_method )

    dnl Make an attempt to detect if this is actually yassl's headers and
    dnl OpenSSL emulation layer. We still leave everything else believing
--- a/contributors.sh
+++ b/contributors.sh
@@ -34,6 +34,7 @@ fi

 # filter out Author:, Commit: and *by: lines
 # cut off the email parts
+# split list of names at comma
 # cut off spaces first and last on the line
 # only count names with a space (ie more than one word)
 # sort all unique names
@@ -42,6 +43,7 @@ git log $start..HEAD | \
 egrep -i '(Author|Commit|by):' | \
 cut -d: -f2- | \
 cut '-d<' -f1 | \
+tr , '\012' | \
 sed -e 's/^ //' -e 's/ $//g' | \
 grep ' ' | \
 sort -fu |
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -128,6 +128,11 @@ Mono
  libcurl-net by Jeffrey Phillips
  http://sourceforge.net/projects/libcurl-net/

+node.js
+
+  node-libcurl by Jonathan Cardoso Machado
+  https://github.com/JCMais/node-libcurl
+
 Object-Pascal

  Free Pascal, Delphi and Kylix binding written by Christophe Espern.
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -156,7 +156,10 @@ FAQ
    Since curl uses libcurl, curl supports the same wide range of common
    Internet protocols that libcurl does.

-  We pronounce curl and cURL with an initial k sound: [kurl].
+  We pronounce curl with an initial k sound. It rhymes with words like girl
+  and earl. This is a short WAV file to help you:
+
+     http://media.merriam-webster.com/soundc11/c/curl0001.wav

  There are numerous sub-projects and related projects that also use the word
  curl in the project names in various combinations, but you should take
@@ -424,7 +427,7 @@ FAQ

  curl can be built to use one of the following SSL alternatives: OpenSSL,
  GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X),
-  WinSSL (native Windows) or qssl (native IBM i). They all have their pros
+  WinSSL (native Windows) or GSKit (native IBM i). They all have their pros
  and cons, and we try to maintain a comparison of them here:
  http://curl.haxx.se/docs/ssl-compared.html

--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -64,7 +64,7 @@ HTTP
 - Content-Encoding support for deflate and gzip
 - "Transfer-Encoding: chunked" support in uploads
 - data compression (*12)
- - HTTP/2 (*4)
+ - HTTP/2 (*5)

 HTTPS (*1)
 - (all the HTTP features)
@@ -77,7 +77,6 @@ HTTPS (*1)
 FTP
 - download
 - authentication
- - kerberos4 (*5)
 - Kerberos 5 (*14)
 - active/passive using PORT, EPRT, PASV or EPSV
 - single file size information (compare to HTTP HEAD)
@@ -129,7 +128,8 @@ FILE
 - resume

 SMTP
- - authentication: Plain, Login, CRAM-MD5, Digest-MD5 and NTLM (*9)
+ - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and Kerberos 5
+   (*4)
 - send e-mails
 - mail from support
 - mail size support
@@ -144,8 +144,8 @@ SMTPS (*1)

 POP3
 - authentication: Clear Text, APOP and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
-   NTLM (*9)
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
+   Kerberos 5 (*4)
 - list e-mails
 - retrieve e-mails
 - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via
@@ -159,8 +159,8 @@ POP3S (*1)

 IMAP
 - authentication: Clear Text and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
-   NTLM (*9)
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
+   Kerberos 5 (*4)
 - list the folders of a mailbox
 - select a mailbox with support for verifying the UIDVALIDITY
 - fetch e-mails with support for specifying the UID and SECTION
@@ -178,14 +178,15 @@ FOOTNOTES
 =========

  *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native
-       Windows), Secure Transport (native iOS/OS X) or qssl (native IBM i)
+       Windows), Secure Transport (native iOS/OS X) or GSKit (native IBM i)
  *2 = requires OpenLDAP
  *3 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or
       SSPI (native Windows)
-  *4 = requires nghttp2 and possibly a recent TLS library
-  *5 = requires a krb4 library, such as the MIT one or similar
+  *4 = requires a GSS-API implementation, however, only Windows SSPI is
+       currently supported
+  *5 = requires nghttp2 and possibly a recent TLS library
  *6 = requires c-ares
-  *7 = requires OpenSSL, NSS, qssl, WinSSL or Secure Transport; GnuTLS, for
+  *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for
       example, only supports SSLv3 and TLSv1
  *8 = requires libssh2
  *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native
--- a/docs/HISTORY
+++ b/docs/HISTORY
@@ -273,3 +273,10 @@ August:
 October: Removed krb4 support.

 December: Happy eyeballs.
+
+2014
+----
+
+ March: first real release supporting HTTP/2
+
+ September: Web site had 245,000 unique visitors and served 236GB data
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -22,6 +22,7 @@ Building from git

 UNIX
 ====
+
   A normal unix installation is made in three or four steps (after you've
   unpacked the source archive):

@@ -136,8 +137,8 @@ UNIX

     To build with axTLS for SSL/TLS, use both --without-ssl and --with-axtls.

-     To get GSSAPI support, build with --with-gssapi and have the MIT or
-     Heimdal Kerberos 5 packages installed.
+     To build with GSS-API support, use --with-gssapi and have the MIT Kerberos
+     or Heimdal packages installed.

     To get support for SCP and SFTP, build with --with-libssh2 and have
     libssh2 0.16 or later installed.
@@ -147,6 +148,7 @@ UNIX

   SPECIAL CASES
   -------------
+
   Some versions of uClibc require configuring with CPPFLAGS=-D_GNU_SOURCE=1
   to get correct large file support.

@@ -155,7 +157,6 @@ UNIX
       ./configure CC=owcc AR="$WATCOM/binl/wlib" AR_FLAGS=-q \
           RANLIB=/bin/true STRIP="$WATCOM/binl/wstrip" CFLAGS=-Wextra

-
 Win32
 =====

@@ -187,7 +188,6 @@ Win32

   If you get linkage errors read section 5.7 of the FAQ document.

-
   MingW32
   -------

@@ -234,7 +234,6 @@ Win32
   - optional recent Novell CLDAP SDK available from:
     http://developer.novell.com/ndk/cldap.htm

-
   Cygwin
   ------

@@ -389,7 +388,6 @@ Win32
   is required, as well as the OpenSSL libeay32.lib and ssleay32.lib
   libraries.

-
   OTHER MSVC IDEs
   ---------------

@@ -400,7 +398,6 @@ Win32
   Make the sources in the src/ drawer be a "win32 console application"
   project. Name it curl.

-
   Disabling Specific Protocols in Win32 builds
   --------------------------------------------

@@ -429,7 +426,6 @@ Win32
   - Add defines to Project/Settings/C/C++/General/Preprocessor Definitions
     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.

-
   Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
   --------------------------------------------------------------------

@@ -465,9 +461,9 @@ Win32
   add '-DCURL_STATICLIB' to your CFLAGS.  Otherwise the linker will look for
   dynamic import symbols.

-
 Apple iOS and Mac OS X
 ======================
+
   On recent Apple operating systems, curl can be built to use Apple's
   SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with
   Secure Transport for SSL/TLS, use the configure option --with-darwinssl. (It
@@ -497,9 +493,9 @@ Apple iOS and Mac OS X
      ./configure --with-darwinssl
      make

-
 IBM OS/2
 ========
+
   Building under OS/2 is not much different from building under unix.
   You need:

@@ -527,9 +523,9 @@ IBM OS/2
   If you're getting huge binaries, probably your makefiles have the -g in
   CFLAGS.

-
 VMS
 ===
+
   (The VMS section is in whole contributed by the friendly Nico Baggus)

   Curl seems to work with FTP & HTTP other protocols are not tested.  (the
@@ -574,6 +570,7 @@ VMS
   the name can be fetched from external or internal message libraries
   Error code - the err codes assigned by the application
   Sev. - severity: Even = error, off = non error
+
      0 = Warning
      1 = Success
      2 = Error
@@ -595,12 +592,13 @@ VMS
      Compaq C V6.2-003 on OpenVMS Alpha V7.1-1H2

   So far for porting notes as of:
+
   13-jul-2001
   N. Baggus

-
 QNX
 ===
+
   (This section was graciously brought to us by David Bentham)

   As QNX is targeted for resource constrained environments, the QNX headers
@@ -611,11 +609,12 @@ QNX

   A good all-round solution to this is to override the default when building
   libcurl, by overriding CFLAGS during configure, example
-   #  configure CFLAGS='-DFD_SETSIZE=64 -g -O2'

+   #  configure CFLAGS='-DFD_SETSIZE=64 -g -O2'

 RISC OS
 =======
+
   The library can be cross-compiled using gccsdk as follows:

        CC=riscos-gcc AR=riscos-ar RANLIB='riscos-ar -s' ./configure \
@@ -625,9 +624,9 @@ RISC OS
   where riscos-gcc and riscos-ar are links to the gccsdk tools.
   You can then link your program with curl/lib/.libs/libcurl.a

-
 AmigaOS
 =======
+
   (This section was graciously brought to us by Diego Casorran)

   To build cURL/libcurl on AmigaOS just type 'make amiga' ...
@@ -647,10 +646,11 @@ AmigaOS
   To enable SSL support, you need a OpenSSL native version (without ixemul),
   you can find a precompiled package at http://amiga.sourceforge.net/OpenSSL/

-
 NetWare
 =======
+
   To compile curl.nlm / libcurl.nlm you need:
+
   - either any gcc / nlmconv, or CodeWarrior 7 PDK 4 or later.
   - gnu make and awk running on the platform you compile on;
     native Win32 versions can be downloaded from:
@@ -691,9 +691,9 @@ NetWare
   the status of these builds can be viewed at the autobuild table:
   http://curl.haxx.se/dev/builds.html

-
 eCos
 ====
+
   curl does not use the eCos build system, so you must first build eCos
   separately, then link curl to the resulting eCos library.  Here's a sample
   configure line to do so on an x86 Linux box targeting x86:
@@ -761,9 +761,9 @@ eCos

   config.errors = stderr; /* default errors to stderr */

-
 Minix
 =====
+
   curl can be compiled on Minix 3 using gcc or ACK (starting with
   ver. 3.1.3).  Ensure that GNU gawk and bash are both installed and
   available in the PATH.
@@ -793,9 +793,9 @@ Minix
     make
     chmem =256000 src/curl

-
 Symbian OS
 ==========
+
   The Symbian OS port uses the Symbian build system to compile.  From the
   packages/Symbian/group/ directory, run:

@@ -806,9 +806,9 @@ Symbian OS
   SDK doesn't include support for P.I.P.S., you will need to contact
   your SDK vendor to obtain that first.

-
 VxWorks
 ========
+
   Build for VxWorks is performed using cross compilation.
   That means you build on Windows machine using VxWorks tools and
   run the built image on the VxWorks device.
@@ -832,13 +832,15 @@ VxWorks
   As a result the libcurl.a library should be created in the 'lib' folder.
   To clean the build results type 'make -f ./Makefile.vxworks clean'.

-
 Android
 =======
+
   Method using the static makefile:
+
      - see the build notes in the packages/Android/Android.mk file.

   Method using a configure cross-compile (tested with Android NDK r7c, r8):
+
      - prepare the toolchain of the Android NDK for standalone use; this can
        be done by invoking the script:
        ./build/tools/make-standalone-toolchain.sh
@@ -860,7 +862,8 @@ Android
        found in your automake folder:
        find /usr -name config.sub

-   Wrapper for pkg-config
+   Wrapper for pkg-config:
+
      - In order to make proper use of pkg-config so that configure is able to
        find all dependencies you should create a wrapper script for pkg-config;
        file /opt/arm-linux-androideabi-4.4.3/bin/arm-linux-androideabi-pkg-config:
@@ -874,9 +877,9 @@ Android

        also create a copy or symlink with name arm-unknown-linux-androideabi-pkg-config.

-
 CROSS COMPILE
 =============
+
   (This section was graciously brought to us by Jim Duey, with additions by
   Dan Fandrich)

@@ -922,9 +925,9 @@ CROSS COMPILE

       ./configure --host=ARCH-OS

-
 REDUCING SIZE
 =============
+
   There are a number of configure options that can be used to reduce the
   size of libcurl for embedded applications where binary size is an
   important factor.  First, be sure to set the CFLAGS variable when
@@ -961,6 +964,7 @@ REDUCING SIZE
   size of the libcurl dynamic libraries on some platforms even further.
   Specify them by providing appropriate CFLAGS and LDFLAGS variables on the
   configure command-line, e.g.
+
     CFLAGS="-Os -ffunction-sections -fdata-sections \
             -fno-unwind-tables -fno-asynchronous-unwind-tables" \
     LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections"
@@ -989,9 +993,9 @@ REDUCING SIZE
     --disable-manual           !--manual
     --disable-proxy            !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5

-
 PORTS
 =====
+
   This is a probably incomplete list of known hardware and operating systems
   that curl has been compiled for. If you know a system curl compiles and
   runs on, that isn't listed, please let us know!
--- a/docs/INSTALL.cmake
+++ b/docs/INSTALL.cmake
@@ -24,7 +24,6 @@ Current flaws in the curl CMake build
   Missing features in the cmake build:

   - Builds libcurl without large file support
-   - It doesn't build src/tool_hugehelp.c which creates the --manual output
   - Can't select which SSL library to build with, only OpenSSL
   - Doesn't build with SCP and SFTP support (libssh2)
   - Doesn't allow different resolver backends (no c-ares build support)
@@ -32,7 +31,6 @@ Current flaws in the curl CMake build
   - Doesn't allow build curl and libcurl debug enabled
   - Doesn't allow a custom CA bundle path
   - Doesn't allow you to disable specific protocols from the build
-   - Doesn't properly enable IPv6 support by default
   - Doesn't find or use krb4 or GSS
   - Rebuilds test files too eagerly, but still can't run the tests

--- a/docs/INTERNALS
+++ b/docs/INTERNALS
@@ -14,6 +14,7 @@ INTERNALS

 GIT
 ===
+
 All changes to the sources are committed to the git repository as soon as
 they're somewhat verified to work. Changes shall be committed as independently
 as possible so that individual changes can be easier spotted and tracked
@@ -42,7 +43,7 @@ Portability
 cyassl       2.0.0
 openldap     2.0
 MIT krb5 lib 1.2.4
- qsossl       V5R3M0
+ GSKit        V5R3M0
 NSS          3.14.x
 axTLS        1.2.7
 PolarSSL     1.3.0
@@ -251,7 +252,9 @@ Library

 Kerberos

- The kerberos support is mainly in lib/krb4.c and lib/security.c.
+ The kerberos support is mainly in lib/krb5.c and lib/security.c but also
+ curl_sasl_sspi.c for the email protocols and socks_gssapi.c & socks_sspi.c for
+ SOCKS5 proxy specifics.

 TELNET

@@ -265,6 +268,10 @@ Library

 Everything LDAP is in lib/ldap.c and lib/openldap.c

+ E-mail
+
+ The e-mail related source code is in lib/imap.c, lib/pop3.c and lib/smtp.c.
+
 GENERAL

 URL encoding and decoding, called escaping and unescaping in the source code,
--- a/docs/LICENSE-MIXING
+++ b/docs/LICENSE-MIXING
@@ -21,9 +21,7 @@ announcement clause that collides with GPL.
 libcurl http://curl.haxx.se/docs/copyright.html

        Uses an MIT (or Modified BSD)-style license that is as liberal as
-        possible.  Some of the source files that deal with KRB4 have Original
-        BSD-style announce-clause licenses. You may not distribute binaries
-        with krb4-enabled libcurl that also link with GPL-licensed code!
+        possible.

 OpenSSL http://www.openssl.org/source/license.html

@@ -70,14 +68,6 @@ zlib    http://www.gzip.org/zlib/zlib_license.html
        (Used for compressed Transfer-Encoding support) Uses an MIT-style
        license that shouldn't collide with any other library.

-krb4
-
-        While nothing in particular says that a Kerberos4 library must use any
-        particular license, the one I've tried and used successfully so far
-        (kth-krb4) is partly Original BSD-licensed with the announcement
-        clause. Some of the code in libcurl that is written to deal with
-        Kerberos4 is Modified BSD-licensed.
-
 MIT Kerberos http://web.mit.edu/kerberos/www/dist/

        (May be used for GSS support) MIT licensed, that shouldn't collide
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -41,12 +41,19 @@ SIMPLE USAGE

  Get a file from an SSH server using SFTP:

-        curl -u username sftp://shell.example.com/etc/issue
+        curl -u username sftp://example.com/etc/issue

-  Get a file from an SSH server using SCP using a private key to authenticate:
+  Get a file from an SSH server using SCP using a private key
+  (not password-protected) to authenticate:

-        curl -u username: --key ~/.ssh/id_dsa --pubkey ~/.ssh/id_dsa.pub \
-            scp://shell.example.com/~/personal.txt
+        curl -u username: --key ~/.ssh/id_rsa \
+             scp://example.com/~/file.txt
+
+  Get a file from an SSH server using SCP using a private key
+  (password-protected) to authenticate:
+
+        curl -u username: --key ~/.ssh/id_rsa --pass private_key_password \
+             scp://example.com/~/file.txt

  Get the main page from an IPv6 web server:

@@ -91,10 +98,13 @@ USING PASSWORDS

 SFTP / SCP

-   This is similar to FTP, but you can specify a private key to use instead of
-   a password. Note that the private key may itself be protected by a password
-   that is unrelated to the login password of the remote system.  If you
-   provide a private key file you must also provide a public key file.
+   This is similar to FTP, but you can use the --key option to specify a
+   private key to use instead of a password. Note that the private key may
+   itself be protected by a password that is unrelated to the login password
+   of the remote system; this password is specified using the --pass option.
+   Typically, curl will automatically extract the public key from the private
+   key file, but in cases where curl does not have the proper library support,
+   a matching public key file must be specified using the --pubkey option.

 HTTP

--- a/docs/RELEASE-PROCEDURE
+++ b/docs/RELEASE-PROCEDURE
@@ -7,15 +7,16 @@
 curl release procedure - how to do a release
 ============================================

-[in the source code repo]
+in the source code repo
+-----------------------

- edit RELEASE-NOTES to be accurate
+- edit `RELEASE-NOTES` to be accurate

- update docs/THANKS
+- update `docs/THANKS`

 - make sure all relevant changes are committed on the master branch

- tag the git repo in this style: 'git tag -a curl-7_34_0'. -a annotates the
+- tag the git repo in this style: `git tag -a curl-7_34_0`. -a annotates the
  tag and we use underscores instead of dots in the version number. 
   
 - run "./maketgz 7.34.0" to build the release tarballs. It is important that
@@ -29,11 +30,14 @@ curl release procedure - how to do a release

 - upload the 8 resulting files to the primary download directory

-[data in the curl-www repo]
+in the curl-www repo
+--------------------

- edit Makefile (version number and date),
-  _newslog.html (announce the new release) and
-  _changes.html (insert changes+bugfixes from RELEASE-NOTES)
+- edit `Makefile` (version number and date),
+
+- edit `_newslog.html` (announce the new release) and
+
+- edit `_changes.html` (insert changes+bugfixes from RELEASE-NOTES)

 - commit all local changes

@@ -43,11 +47,48 @@ curl release procedure - how to do a release

  (the web site then updates its contents automatically)

-[inform]
+inform
+------

 - send an email to curl-users, curl-announce and curl-library. Insert the
  RELEASE-NOTES into the mail.

-[celebrate]
+celebrate
+---------

 - suitable beverage intake is encouraged for the festivities
+
+curl release scheduling
+=======================
+
+Basics
+------
+
+We do releases every 8 weeks on Wednesdays. If critical problems arise, we can
+insert releases outside of the schedule or we can move the release date - but
+this is very rare.
+
+Each 8 week release cycle is split in two 4-week periods.
+
+- During the first 4 weeks after a release, we allow new features and changes
+  to curl and libcurl. If we accept any such changes, we bump the minor number
+  used for the next release.
+
+- During the second 4-week period we do not merge any features or changes, we
+  then only focus on fixing bugs and polishing things to make a solid coming
+  release.
+
+Coming dates
+------------
+
+Based on the description above, here are some planned release dates (at the
+time of this writing):
+
+- November 5, 2014 (version 7.39.0)
+- December 31, 2014
+- February 25, 2015
+- April 22, 2015
+- June 17, 2015
+- August 12, 2015
+- October 7, 2015
+- December 2, 2015
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -1,12 +1,12 @@
 curl the next few years - perhaps
-=======================
+=================================

 Roadmap of things Daniel Stenberg and Steve Holme want to work on next. It is
 intended to serve as a guideline for others for information, feedback and
 possible participation.

 New stuff - libcurl
-===================
+-------------------

 1. http2 test suite

@@ -18,13 +18,13 @@ New stuff - libcurl

 5. HTTPS to proxy

-6. make sure there's an easy handle passed in to curl_formadd(),
-   curl_formget() and curl_formfree() by adding replacement functions and
+6. make sure there's an easy handle passed in to `curl_formadd()`,
+   `curl_formget()` and `curl_formfree()` by adding replacement functions and
   deprecating the old ones to allow custom mallocs and more

 7. HTTP Digest authentication via Windows SSPI

-8. GSSAPI authentication in the email protocols
+8. SASL GSSAPI (Kerberos 5) authentication via a GSS-API library

 9. add support for third-party SASL libraries such as Cyrus SASL - may need to
   move existing native and SSPI based authentication into vsasl folder after
@@ -48,7 +48,7 @@ New stuff - libcurl
    memory when handles are not in use?

 New stuff - curl
-================
+----------------

 1. Embed a language interpreter (lua?). For that middle ground where curl
   isn’t enough and a libcurl binding feels “too much”. Build-time conditional
@@ -58,7 +58,7 @@ New stuff - curl
   don't have to be constructed before calling curl

 Improve
-=======
+-------

 1. build for windows (considered hard by many users)

@@ -69,8 +69,9 @@ Improve
   features/options in the future too

 4. docs (considered "bad" by users but how do we make it better?)
-   A - split up curl_easy_setopt.3
-   B - split up curl.1
+
+  - split up `curl_easy_setopt.3`
+  - split up curl.1

 5. authentication framework (consider merging HTTP and SASL authentication to
   give one API for protocols to call)
@@ -80,7 +81,7 @@ Improve
   ago

 Remove
-======
+------

 1. cmake support (nobody maintains it)

--- a/docs/SECURITY
+++ b/docs/SECURITY
@@ -4,21 +4,24 @@
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

-CURL SECURITY FOR DEVELOPERS
+curl security for developers
+============================

 This document is intended to provide guidance to curl developers on how
 security vulnerabilities should be handled.

-PUBLISHING INFORMATION
+Publishing Information
+----------------------

-All known and public curl or libcurl related vulnerabilities are listed at
-http://curl.haxx.se/docs/security.html
+All known and public curl or libcurl related vulnerabilities are listed on
+[the curl web site security page](http://curl.haxx.se/docs/security.html).

 Security vulnerabilities should not be entered in the project's public bug
 tracker unless the necessary configuration is in place to limit access to the
 issue to only the reporter and the project's security team.

-VULNERABILITY HANDLING
+Vulnerability Handling
+----------------------

 The typical process for handling a new security vulnerability is as follows.

@@ -31,7 +34,7 @@ any reference to the security nature of the commit if done prior to the public
 announcement.

 - The person discovering the issue, the reporter, reports the vulnerability
-  privately to curl-security@haxx.se. That's an email alias that reaches a
+  privately to `curl-security@haxx.se`. That's an email alias that reaches a
  handful of selected and trusted people.

 - Messages that do not relate to the reporting or managing of an undisclosed
@@ -63,7 +66,7 @@ announcement.
  workarounds, when the release is out and make sure to credit all
  contributors properly.

- Request a CVE number from distros@openwall.org[1] when also informing and
+- Request a CVE number from distros@openwall[1] when also informing and
  preparing them for the upcoming public security vulnerability announcement -
  attach the advisory draft for information. Note that 'distros' won't accept
  an embargo longer than 19 days.
@@ -91,6 +94,7 @@ announcement.
 [1] = http://oss-security.openwall.org/wiki/mailing-lists/distros

 CURL-SECURITY (at haxx dot se)
+------------------------------

 Who is on this list? There are a couple of criteria you must meet, and then we
 might ask you to join the list or you can ask to join it. It really isn't very
--- a/docs/SSLCERTS
+++ b/docs/SSLCERTS
@@ -1,23 +1,46 @@
-Peer SSL Certificate Verification
-=================================
+SSL Certificate Verification
+============================

-(NOTE: If libcurl was built with Schannel or Secure Transport support, then
-this does not apply to you. Scroll down for details on how the OS-native
-engines handle SSL certificates. If you're not sure, then run "curl -V" and
-read the results. If the version string says "WinSSL" in it, then it was built
-with Schannel support.)
+SSL is TLS
+----------
+
+SSL is the old name. It is called TLS these days.
+
+
+Native SSL
+----------
+
+If libcurl was built with Schannel or Secure Transport support (the native SSL
+libraries included in Windows and Mac OS X), then this does not apply to
+you. Scroll down for details on how the OS-native engines handle SSL
+certificates. If you're not sure, then run "curl -V" and read the results. If
+the version string says "WinSSL" in it, then it was built with Schannel
+support.
+
+It is about trust
+-----------------
+
+This system is about trust. In your local CA cert bundle you have certs from
+*trusted* Certificate Authorities that you then can use to verify that the
+server certificates you see are valid. They're signed by one of the CAs you
+trust.
+
+Which CAs do you trust? You can decide to trust the same set of companies your
+operating system trusts, or the set one of the known browsers trust. That's
+basically trust via someone else you trust. You should just be aware that
+modern operating systems and browsers are setup to trust *hundreds* of
+companies and recent years several such CAs have been found untrustworthy.
+
+Certificate Verification
+------------------------

 libcurl performs peer SSL certificate verification by default.  This is done
 by using CA cert bundle that the SSL library can use to make sure the peer's
 server certificate is valid.

-If you communicate with HTTPS or FTPS servers using certificates that are
-signed by CAs present in the bundle, you can be sure that the remote server
-really is the one it claims to be.
-
-Until 7.18.0, curl bundled a severely outdated ca bundle file that was
-installed by default. These days, the curl archives include no ca certs at
-all. You need to get them elsewhere. See below for example.
+If you communicate with HTTPS, FTPS or other TLS-using servers using
+certificates that are signed by CAs present in the bundle, you can be sure
+that the remote server really is the one it claims to be.

 If the remote server uses a self-signed certificate, if you don't install a CA
 cert bundle, if the server uses a certificate signed by a CA that isn't
@@ -94,15 +117,15 @@ cert bundle, will cause SSL to report an error ("certificate verify failed")
 during the handshake and SSL will then refuse further communication with that
 server.

-Peer SSL Certificate Verification with NSS
-==========================================
+Certificate Verification with NSS
+---------------------------------

 If libcurl was built with NSS support, then depending on the OS distribution,
-it is probably required to take some additional steps to use the system-wide CA
-cert db. RedHat ships with an additional module, libnsspem.so, which enables
-NSS to read the OpenSSL PEM CA bundle. This library is missing in OpenSuSE, and
-without it, NSS can only work with its own internal formats. NSS also has a new
-[database format](https://wiki.mozilla.org/NSS_Shared_DB).
+it is probably required to take some additional steps to use the system-wide
+CA cert db. RedHat ships with an additional module, libnsspem.so, which
+enables NSS to read the OpenSSL PEM CA bundle. This library is missing in
+OpenSuSE, and without it, NSS can only work with its own internal formats. NSS
+also has a new [database format](https://wiki.mozilla.org/NSS_Shared_DB).

 Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to
 the certdb directory (either the hardcoded default /etc/pki/nssdb or the
@@ -112,11 +135,11 @@ format your distribution provides, examine the default certdb location:
 cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db,
 key3.db, secmod.db.

-Peer SSL Certificate Verification with Schannel and Secure Transport
-====================================================================
+Certificate Verification with Schannel and Secure Transport
+-----------------------------------------------------------

-If libcurl was built with Schannel (Microsoft's TLS/SSL engine) or Secure
-Transport (Apple's TLS/SSL engine) support, then libcurl will still perform
+If libcurl was built with Schannel (Microsoft's native TLS engine) or Secure
+Transport (Apple's native TLS engine) support, then libcurl will still perform
 peer certificate verification, but instead of using a CA cert bundle, it will
 use the certificates that are built into the OS. These are the same
 certificates that appear in the Internet Options control panel (under Windows)
--- a/docs/TODO
+++ b/docs/TODO
@@ -34,6 +34,7 @@
 4.4 REST for large files
 4.5 ASCII support
 4.6 GSSAPI via Windows SSPI
+ 4.7 STAT for LIST without data connection

 5. HTTP
 5.1 Better persistency for HTTP 1.0
@@ -260,6 +261,14 @@ In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5)
 via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add
 support for GSSAPI authentication via Windows SSPI.

+4.7 STAT for LIST without data connection
+
+Some FTP servers allow STAT for listing directories instead of using LIST, and
+the response is then sent over the control connection instead of as the
+otherwise usedw data connection: http://www.nsftools.com/tips/RawFTP.htm#STAT
+
+This is not detailed in any FTP specification.
+
 5. HTTP

 5.1 Better persistency for HTTP 1.0
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -48,18 +48,20 @@ RFC 3986.
 You can specify multiple URLs or parts of URLs by writing part sets within
 braces as in:

- http://site.{one,two,three}.com
+  http://site.{one,two,three}.com

 or you can get sequences of alphanumeric series by using [] as in:

- ftp://ftp.numericals.com/file[1-100].txt
- ftp://ftp.numericals.com/file[001-100].txt    (with leading zeros)
- ftp://ftp.letters.com/file[a-z].txt
+  ftp://ftp.numericals.com/file[1-100].txt
+
+  ftp://ftp.numericals.com/file[001-100].txt    (with leading zeros)
+
+  ftp://ftp.letters.com/file[a-z].txt

 Nested sequences are not supported, but you can use several ones next to each
 other:

- http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
+  http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html

 You can specify any amount of URLs on the command line. They will be fetched
 in a sequential manner in the specified order.
@@ -67,8 +69,14 @@ in a sequential manner in the specified order.
 You can specify a step counter for the ranges to get every Nth number or
 letter:

- http://www.numericals.com/file[1-100:10].txt
- http://www.letters.com/file[a-z:2].txt
+  http://www.numericals.com/file[1-100:10].txt
+
+  http://www.letters.com/file[a-z:2].txt
+
+When using [] or {} sequences when invoked from a command line prompt, you
+probably have to put the full URL within double quotes to avoid the shell from
+interfering with it. This also goes for other characters treated special, like
+for example '&', '?' and '*'.

 If you specify URL without protocol:// prefix, curl will attempt to guess what
 protocol you might want. It will then default to HTTP but try other protocols
@@ -157,23 +165,23 @@ You can use options \fI--tlsv1.0\fP, \fI--tlsv1.1\fP, and \fI--tlsv1.2\fP to
 control the TLS version more precisely (if the SSL backend in use supports such
 a level of control).
 .IP "-2, --sslv2"
-(SSL)
-Forces curl to use SSL version 2 when negotiating with a remote SSL server.
+(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
+considered insecure.
 .IP "-3, --sslv3"
-(SSL)
-Forces curl to use SSL version 3 when negotiating with a remote SSL server.
+(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv3 support.
 .IP "-4, --ipv4"
-If curl is capable of resolving an address to multiple IP versions (which it
-is if it is IPv6-capable), this option tells curl to resolve names to IPv4
-addresses only.
+Tis option tells curl to resolve names to IPv4 addresses only, and not for
+example try IPv6.
 .IP "-6, --ipv6"
-If curl is capable of resolving an address to multiple IP versions (which it
-is if it is IPv6-capable), this option tells curl to resolve names to IPv6
-addresses only.
+This option tells curl to resolve names to IPv6 addresses only, and not for
+example try IPv4.
 .IP "-a, --append"
-(FTP/SFTP) When used in an upload, this will tell curl to append to the target
-file instead of overwriting it. If the file doesn't exist, it will be created.
-Note that this flag is ignored by some SSH servers (including OpenSSH).
+(FTP/SFTP) When used in an upload, this makes curl append to the target file
+instead of overwriting it. If the remote file doesn't exist, it will be
+created.  Note that this flag is ignored by some SFTP servers (including
+OpenSSH).
 .IP "-A, --user-agent <agent string>"
 (HTTP) Specify the User-Agent string to send to the HTTP server. Some badly
 done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in
@@ -194,10 +202,9 @@ since it may require data to be sent twice and then the client must be able to
 rewind. If the need should arise when uploading from stdin, the upload
 operation will fail.
 .IP "-b, --cookie <name=data>"
-(HTTP)
-Pass the data to the HTTP server as a cookie. It is supposedly the
-data previously received from the server in a "Set-Cookie:" line.
-The data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
+(HTTP) Pass the data to the HTTP server as a cookie. It is supposedly the data
+previously received from the server in a "Set-Cookie:" line.  The data should
+be in the format "NAME1=VALUE1; NAME2=VALUE2".

 If no '=' symbol is used in the line, it is treated as a filename to use to
 read previously stored cookie lines from, which should be used in this session
@@ -207,26 +214,29 @@ in combination with the \fI-L, --location\fP option. The file format of the
 file to read cookies from should be plain HTTP headers or the Netscape/Mozilla
 cookie file format.

-\fBNOTE\fP that the file specified with \fI-b, --cookie\fP is only used as
-input. No cookies will be stored in the file. To store cookies, use the
-\fI-c, --cookie-jar\fP option or you could even save the HTTP headers to a file
-using \fI-D, --dump-header\fP!
+The file specified with \fI-b, --cookie\fP is only used as input. No cookies
+will be written to the file. To store cookies, use the \fI-c, --cookie-jar\fP
+option.

 If this option is used several times, the last one will be used.
 .IP "-B, --use-ascii"
-(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be
-enforced by using an URL that ends with ";type=A". This option causes data
-sent to stdout to be in text mode for win32 systems.
+(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using
+an URL that ends with ";type=A". This option causes data sent to stdout to be
+in text mode for win32 systems.
 .IP "--basic"
-(HTTP) Tells curl to use HTTP Basic authentication. This is the default and
-this option is usually pointless, unless you use it to override a previously
-set option that sets a different authentication method (such as \fI--ntlm\fP,
-\fI--digest\fP, or \fI--negotiate\fP).
+(HTTP) Tells curl to use HTTP Basic authentication with the remote host. This
+is the default and this option is usually pointless, unless you use it to
+override a previously set option that sets a different authentication method
+(such as \fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
+
+Used together with \fI-u, --user\fP and \fI-x, --proxy\fP.
+
+See also \fI--proxy-basic\fP.
 .IP "-c, --cookie-jar <file name>"
 (HTTP) Specify to which file you want curl to write all cookies after a
 completed operation. Curl writes all cookies previously read from a specified
 file as well as all cookies received from remote server(s). If no cookies are
-known, no file will be written. The file will be written using the Netscape
+known, no data will be written. The file will be written using the Netscape
 cookie file format. If you set the file name to a single dash, "-", the
 cookies will be written to stdout.

@@ -266,11 +276,12 @@ If this option is used several times, the last one will be used.
 supports, and save the uncompressed document.  If this option is used and the
 server sends an unsupported encoding, curl will report an error.
 .IP "--connect-timeout <seconds>"
-Maximum time in seconds that you allow the connection to the server to take.
-This only limits the connection phase, once curl has connected this option is
-of no more use.  Since 7.32.0, this option accepts decimal values, but the
-actual timeout will decrease in accuracy as the specified timeout increases in
-decimal precision. See also the \fI-m, --max-time\fP option.
+Maximum time in seconds that you allow curl's connection to take.  This only
+limits the connection phase, so if curl connects within the given period it
+will continue - if not it will exit.  Since version 7.32.0, this option
+accepts decimal values.
+
+See also the \fI-m, --max-time\fP option.

 If this option is used several times, the last one will be used.
 .IP "--create-dirs"
@@ -318,13 +329,12 @@ Write the protocol headers to the specified file.
 This option is handy to use when you want to store the headers that an HTTP
 site sends to you. Cookies from the headers could then be read in a second
 curl invocation by using the \fI-b, --cookie\fP option! The
-\fI-c, --cookie-jar\fP option is however a better way to store cookies.
+\fI-c, --cookie-jar\fP option is a better way to store cookies.

 When used in FTP, the FTP server response lines are considered being "headers"
 and thus are saved there.

 If this option is used several times, the last one will be used.
-
 .IP "--data-ascii <data>"
 See \fI-d, --data\fP.
 .IP "--data-binary <data>"
@@ -522,12 +532,25 @@ OpenSSL-powered curl to make SSL-connections much more efficiently than using

 If this option is set, the default capath value will be ignored, and if it is
 used several times, the last one will be used.
+.IP "--pinnedpubkey <pinned public key>"
+(SSL) Tells curl to use the specified public key file to verify the peer. The
+file must contain a single public key in DER format.
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. A public key is extracted from this certificate and
+if it does not exactly match the public key provided to this option, curl will
+abort the connection before sending or receiving any data.
+
+This is currently only implemented in the OpenSSL and GnuTLS backends.
+
+If this option is used several times, the last one will be used.
+(Added in 7.39.0)
 .IP "-f, --fail"
 (HTTP) Fail silently (no output at all) on server errors. This is mostly done
-to better enable scripts etc to better deal with failed attempts. In
-normal cases when an HTTP server fails to deliver a document, it returns an
-HTML document stating so (which often also describes why and more). This flag
-will prevent curl from outputting that and return error 22.
+to better enable scripts etc to better deal with failed attempts. In normal
+cases when an HTTP server fails to deliver a document, it returns an HTML
+document stating so (which often also describes why and more). This flag will
+prevent curl from outputting that and return error 22.

 This method is not fail-safe and there are occasions where non-successful
 response codes will slip through, especially when authentication is involved
@@ -536,11 +559,11 @@ response codes will slip through, especially when authentication is involved
 (HTTP) This lets curl emulate a filled-in form in which a user has pressed the
 submit button. This causes curl to POST data using the Content-Type
 multipart/form-data according to RFC 2388. This enables uploading of binary
-files etc. To force the 'content' part to be a file, prefix the file name
-with an @ sign. To just get the content part from a file, prefix the file name
-with the symbol <. The difference between @ and < is then that @ makes a file
-get attached in the post as a file upload, while the < makes a text field and
-just get the contents for that text field from a file.
+files etc. To force the 'content' part to be a file, prefix the file name with
+an @ sign. To just get the content part from a file, prefix the file name with
+the symbol <. The difference between @ and < is then that @ makes a file get
+attached in the post as a file upload, while the < makes a text field and just
+get the contents for that text field from a file.

 Example, to send your password file to the server, where
 \&'password' is the name of the form-field to which /etc/passwd will be the
@@ -817,7 +840,8 @@ If this option is used several times, the last one will be used. If
 unspecified, the option defaults to 60 seconds.
 .IP "--key <key>"
 (SSL/SSH) Private key file name. Allows you to provide your private key in this
-separate file.
+separate file. For SSH, if not specified, curl tries the following candidates
+in order: '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.

 If this option is used several times, the last one will be used.
 .IP "--key-type <type>"
@@ -1275,6 +1299,11 @@ protocol instead of the default HTTP 1.1.
 separate file.

 If this option is used several times, the last one will be used.
+
+(As of 7.39.0, curl attempts to automatically extract the public key from the
+private key file, so passing this option is generally not required. Note that
+this public key extraction requires libcurl to be linked against a copy of
+libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
 .IP "-q"
 If used as the first parameter on the command line, the \fIcurlrc\fP config
 file will not be read and used. See the \fI-K, --config\fP for details on the
@@ -1650,9 +1679,9 @@ Principal Name) formats. For example, EXAMPLE\\user and user@example.com
 respectively.

 If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
-Negotiate or NTLM authentication then you can tell curl to select the user
-name and password from your environment by specifying a single colon with this
-option: "-u :".
+Negotiate, NTLM or DIGEST-MD5 authentication then you can tell curl to select
+the user name and password from your environment by specifying a single colon
+with this option: "-u :".

 If this option is used several times, the last one will be used.
 .IP "-U, --proxy-user <user:password>"
@@ -1670,10 +1699,11 @@ URL(s) in a config file.
 This option may be used any number of times. To control where this URL is
 written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
 .IP "-v, --verbose"
-Makes the fetching more verbose/talkative. Mostly useful for debugging. A line
-starting with '>' means "header data" sent by curl, '<' means "header data"
-received by curl that is hidden in normal cases, and a line starting with '*'
-means additional info provided by curl.
+Be more verbose/talkative during the operation. Useful for debugging and
+seeing what's going on "under the hood". A line starting with '>' means
+"header data" sent by curl, '<' means "header data" received by curl that is
+hidden in normal cases, and a line starting with '*' means additional info
+provided by curl.

 Note that if you only want HTTP headers in the output, \fI-i, --include\fP
 might be the option you're looking for.
@@ -1685,10 +1715,10 @@ This option overrides previous uses of \fI--trace-ascii\fP or \fI--trace\fP.

 Use \fI-s, --silent\fP to make curl quiet.
 .IP "-w, --write-out <format>"
-Defines what to display on stdout after a completed and successful
-operation. The format is a string that may contain plain text mixed with any
-number of variables. The string can be specified as "string", to get read from
-a particular file you specify it "@filename" and to tell curl to read the
+Make curl display information on stdout after a completed transfer. The format
+is a string that may contain plain text mixed with any number of
+variables. The format can be specified as a literal "string", or you can have
+curl read the format from a file with "@filename" and to tell curl to read the
 format from stdin you write "@-".

 The variables present in the output format will be substituted by the value or
@@ -1909,7 +1939,8 @@ than the specified date/time.

 If this option is used several times, the last one will be used.
 .IP "-h, --help"
-Usage help.
+Usage help. This lists all current command line options with a short
+description.
 .IP "-M, --manual"
 Manual. Display the huge help text.
 .IP "-V, --version"
@@ -1929,7 +1960,8 @@ You can use IPv6 with this.
 .IP "krb4"
 Krb4 for FTP is supported.
 .IP "SSL"
-HTTPS and FTPS are supported.
+SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
+and so on.
 .IP "libz"
 Automatic decompression of compressed files over HTTP is supported.
 .IP "NTLM"
@@ -1938,7 +1970,8 @@ NTLM authentication is supported.
 This curl uses a libcurl built with Debug. This enables more error-tracking
 and memory debugging etc. For curl-developers only!
 .IP "AsynchDNS"
-This curl uses asynchronous name resolves.
+This curl uses asynchronous name resolves. Asynchronous name resolves can be
+done using either the c-ares or the threaded resolver backends.
 .IP "SPNEGO"
 SPNEGO authentication is supported.
 .IP "Largefile"
@@ -1951,6 +1984,8 @@ GSS-API is supported.
 SSPI is supported.
 .IP "TLS-SRP"
 SRP (Secure Remote Password) authentication is supported for TLS.
+.IP "HTTP2"
+HTTP/2 support has been built-in.
 .IP "Metalink"
 This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
 describes mirrors and hashes.  curl will use mirrors for failover if
@@ -2166,6 +2201,8 @@ unable to parse FTP file list
 FTP chunk callback reported error
 .IP 89
 No connection available, the session will be queued
+.IP 90
+SSL public key does not matched pinned public key
 .IP XX
 More error codes will appear here in future releases. The existing ones
 are meant to never change.
--- a/docs/examples/httpcustomheader.c
+++ b/docs/examples/httpcustomheader.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,20 +31,25 @@ int main(void)
  if(curl) {
    struct curl_slist *chunk = NULL;

-    chunk = curl_slist_append(chunk, "Accept: moo");
+    /* Remove a header curl would otherwise add by itself */
+    chunk = curl_slist_append(chunk, "Accept:");
+
+    /* Add a custom header */
    chunk = curl_slist_append(chunk, "Another: yes");

-    /* request with the built-in Accept: */
+    /* Modify a header curl otherwise adds differently */
+    chunk = curl_slist_append(chunk, "Host: example.com");
+
+    /* Add a header with "blank" contents to the right of the colon. Note that
+       we're then using a semicolon in the string we pass to curl! */
+    chunk = curl_slist_append(chunk, "X-silly-header;");
+
+    /* set our custom set of headers */
+    res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
+
    curl_easy_setopt(curl, CURLOPT_URL, "localhost");
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
-    res = curl_easy_perform(curl);
-    /* Check for errors */
-    if(res != CURLE_OK)
-      fprintf(stderr, "curl_easy_perform() failed: %s\n",
-              curl_easy_strerror(res));

-    /* redo request with our own custom Accept: */
-    res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -95,6 +95,31 @@ void add_download(const char *url, int num)
  fprintf(stderr, "Added download %s -> %s\n", url, filename);
 }

+static void check_multi_info(void)
+{
+  int running_handles;
+  char *done_url;
+  CURLMsg *message;
+  int pending;
+
+  while ((message = curl_multi_info_read(curl_handle, &pending))) {
+    switch (message->msg) {
+    case CURLMSG_DONE:
+      curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
+                        &done_url);
+      printf("%s DONE\n", done_url);
+
+      curl_multi_remove_handle(curl_handle, message->easy_handle);
+      curl_easy_cleanup(message->easy_handle);
+      break;
+
+    default:
+      fprintf(stderr, "CURLMSG default\n");
+      break;
+    }
+  }
+}
+
 void curl_perform(uv_poll_t *req, int status, int events)
 {
  int running_handles;
@@ -116,22 +141,7 @@ void curl_perform(uv_poll_t *req, int status, int events)
  curl_multi_socket_action(curl_handle, context->sockfd, flags,
                           &running_handles);

-  while ((message = curl_multi_info_read(curl_handle, &pending))) {
-    switch (message->msg) {
-    case CURLMSG_DONE:
-      curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
-                        &done_url);
-      printf("%s DONE\n", done_url);
-
-      curl_multi_remove_handle(curl_handle, message->easy_handle);
-      curl_easy_cleanup(message->easy_handle);
-
-      break;
-    default:
-      fprintf(stderr, "CURLMSG default\n");
-      abort();
-    }
-  }
+  check_multi_info();
 }

 void on_timeout(uv_timer_t *req, int status)
@@ -139,6 +149,7 @@ void on_timeout(uv_timer_t *req, int status)
  int running_handles;
  curl_multi_socket_action(curl_handle, CURL_SOCKET_TIMEOUT, 0,
                           &running_handles);
+  check_multi_info();
 }

 void start_timeout(CURLM *multi, long timeout_ms, void *userp)
--- a/docs/libcurl/ABI
+++ b/docs/libcurl/ABI
@@ -7,16 +7,16 @@
                          libcurl's binary interface

 ABI - Application Binary Interface
+----------------------------------

-  First, allow me to define the word for this context: ABI describes the
-  low-level interface between an application program and a library. Calling
-  conventions, function arguments, return values, struct sizes/defines and
-  more.
+  "ABI" describes the low-level interface between an application program and a
+  library. Calling conventions, function arguments, return values, struct
+  sizes/defines and more.

-  For a longer description, see
-  http://en.wikipedia.org/wiki/Application_binary_interface
+  [Wikipedia has a longer description](http://en.wikipedia.org/wiki/Application_binary_interface)

 Upgrades
+--------

  In the vast majority of all cases, a typical libcurl upgrade does not break
  the ABI at all. Your application can remain using libcurl just as before,
@@ -26,11 +26,13 @@ Upgrades
  it now is defined to work.

 Version Numbers
+---------------

  In libcurl land, you really can't tell by the libcurl version number if that
  libcurl is binary compatible or not with another libcurl version.

 Soname Bumps
+------------

  Whenever there are changes done to the library that will cause an ABI
  breakage, that may require your application to get attention or possibly be
@@ -43,7 +45,11 @@ Soname Bumps
  During the first seven years of libcurl releases, there have only been four
  ABI breakages.

+  We are determined to bump the SONAME as rarely as possible.  Ideally, we
+  never do it again.
+
 Downgrades
+----------

  Going to an older libcurl version from one you're currently using can be a
  tricky thing. Mostly we add features and options to newer libcurls as that
@@ -54,6 +60,7 @@ Downgrades
  soname, and then your application may need to adapt to the modified ABI.

 History
+-------

  The previous major library soname number bumps (breaking backwards
  compatibility) have happened the following times:
--- a/docs/libcurl/curl_easy_cleanup.3
+++ b/docs/libcurl/curl_easy_cleanup.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -22,20 +22,20 @@
 .\"
 .TH curl_easy_cleanup 3 "22 aug 2007" "libcurl 7.17.0" "libcurl Manual"
 .SH NAME
-curl_easy_cleanup - End a libcurl easy session
+curl_easy_cleanup - End a libcurl easy handle
 .SH SYNOPSIS
 .B #include <curl/curl.h>

 .BI "void curl_easy_cleanup(CURL *" handle ");"
-
 .SH DESCRIPTION
 This function must be the last function to call for an easy session. It is the
 opposite of the \fIcurl_easy_init(3)\fP function and must be called with the
-same \fIhandle\fP as input that the curl_easy_init call returned.
+same \fIhandle\fP as input that a \fIcurl_easy_init(3)\fP call returned.

-This will effectively close all connections this handle has used and possibly
-has kept open until now. Don't call this function if you intend to transfer
-more files.
+This might close all connections this handle has used and possibly has kept
+open until now - unless it was attached to a multi handle while doing the
+transfers. Don't call this function if you intend to transfer more files,
+re-using handles is a key to good performance with libcurl.

 Occasionally you may get your progress callback or header callback called from
 within \fIcurl_easy_cleanup(3)\fP (if previously set for the handle using
@@ -43,13 +43,13 @@ within \fIcurl_easy_cleanup(3)\fP (if previously set for the handle using
 connection and the protocol is of a kind that requires a command/response
 sequence before disconnect. Examples of such protocols are FTP, POP3 and IMAP.

-Any uses of the \fBhandle\fP after this function has been called and have
-returned, are illegal. This kills the handle and all memory associated with
-it!
+Any use of the \fBhandle\fP after this function has been called and have
+returned, is illegal. \fIcurl_easy_cleanup(3)\fP kills the handle and all
+memory associated with it!

-With libcurl versions prior to 7.17.: when you've called this, you can safely
-remove all the strings you've previously told libcurl to use, as it won't use
-them anymore now.
+For libcurl versions before 7.17,: after you've called this function, you can
+safely remove all the strings you've previously told libcurl to use, as it
+won't use them anymore now.
 .SH RETURN VALUE
 None
 .SH "SEE ALSO"
--- a/docs/libcurl/curl_easy_duphandle.3
+++ b/docs/libcurl/curl_easy_duphandle.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -19,7 +19,7 @@
 .\" * KIND, either express or implied.
 .\" *
 .\" **************************************************************************
-.TH curl_easy_duphandle 3 "18 September 2001" "libcurl 7.9" "libcurl Manual"
+.TH curl_easy_duphandle 3 "19 Sep 2014" "libcurl" "libcurl Manual"
 .SH NAME
 curl_easy_duphandle - Clone a libcurl session handle
 .SH SYNOPSIS
@@ -47,5 +47,4 @@ in a synchronous way, the input handle may not be in use when cloned.
 If this function returns NULL, something went wrong and no valid handle was
 returned.
 .SH "SEE ALSO"
-.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_global_init "(3)
-
+.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_global_init "(3)"
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -76,8 +76,8 @@ start until the connect to the remote host (or proxy) was completed.
 Pass a pointer to a double to receive the time, in seconds, it took from the
 start until the SSL/SSH connect/handshake to the remote host was completed.
 This time is most often very near to the PRETRANSFER time, except for cases
-such as HTTP pippelining where the pretransfer time can be delayed due to
-waits in line for the pipeline and more. (Added in 7.19.0)
+such as HTTP pipelining where the pretransfer time can be delayed due to waits
+in line for the pipeline and more. (Added in 7.19.0)
 .IP CURLINFO_PRETRANSFER_TIME
 Pass a pointer to a double to receive the time, in seconds, it took from the
 start until the file transfer is just about to begin. This includes all
@@ -222,8 +222,8 @@ request was done. The struct reports how many certs it found and then you can
 extract info for each of those certs by following the linked lists. The info
 chain is provided in a series of data in the format "name:content" where the
 content is for the specific named data. See also the certinfo.c example. NOTE:
-this option is only available in libcurl built with OpenSSL, NSS, GSKit or
-QsoSSL support. (Added in 7.19.1)
+this option is only available in libcurl built with OpenSSL, NSS or GSKit
+support. (Added in 7.19.1)
 .IP CURLINFO_TLS_SESSION
 Pass a pointer to a 'struct curl_tlssessioninfo *'.  The pointer will be
 initialized to refer to a 'struct curl_tlssessioninfo *' that will contain an
--- a/docs/libcurl/curl_easy_init.3
+++ b/docs/libcurl/curl_easy_init.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -26,24 +26,21 @@ curl_easy_init - Start a libcurl easy session
 .B #include <curl/curl.h>

 .BI "CURL *curl_easy_init( );"
-
 .SH DESCRIPTION
 This function must be the first function to call, and it returns a CURL easy
-handle that you must use as input to other easy-functions. curl_easy_init
-initializes curl and this call \fBMUST\fP have a corresponding call to
+handle that you must use as input to other functions in the easy
+interface. This call \fBMUST\fP have a corresponding call to
 \fIcurl_easy_cleanup(3)\fP when the operation is complete.

-If you did not already call \fIcurl_global_init(3)\fP,
-\fIcurl_easy_init(3)\fP does it automatically.
-This may be lethal in multi-threaded cases, since \fIcurl_global_init(3)\fP is
-not thread-safe, and it may result in resource problems because there is
-no corresponding cleanup.
-
-You are strongly advised to not allow this automatic behaviour, by
-calling \fIcurl_global_init(3)\fP yourself properly.
-See the description in \fBlibcurl\fP(3) of global environment
-requirements for details of how to use this function.
+If you did not already call \fIcurl_global_init(3)\fP, \fIcurl_easy_init(3)\fP
+does it automatically.  This may be lethal in multi-threaded cases, since
+\fIcurl_global_init(3)\fP is not thread-safe, and it may result in resource
+problems because there is no corresponding cleanup.

+You are strongly advised to not allow this automatic behaviour, by calling
+\fIcurl_global_init(3)\fP yourself properly.  See the description in
+\fBlibcurl\fP(3) of global environment requirements for details of how to use
+this function.
 .SH RETURN VALUE
 If this function returns NULL, something went wrong and you cannot use the
 other curl functions.
--- a/docs/libcurl/curl_easy_pause.3
+++ b/docs/libcurl/curl_easy_pause.3
@@ -40,9 +40,8 @@ the writing is later unpaused.

 While it may feel tempting, take care and notice that you cannot call this
 function from another thread. To unpause, you may for example call it from the
-progress callback (see \fIcurl_easy_setopt(3)\fP's
-\fICURLOPT_PROGRESSFUNCTION(3)\fP), which gets called at least once per
-second, even if the connection is paused.
+progress callback (\fICURLOPT_PROGRESSFUNCTION(3)\fP), which gets called at
+least once per second, even if the connection is paused.

 When this function is called to unpause reading, the chance is high that you
 will get your write callback called before this function returns.
--- a/docs/libcurl/curl_easy_reset.3
+++ b/docs/libcurl/curl_easy_reset.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -39,5 +39,6 @@ This function was added in libcurl 7.12.1
 .SH RETURN VALUE
 Nothing
 .SH "SEE ALSO"
-.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_setopt "(3)
+.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_setopt "(3),"
+.BR curl_easy_duphandle "(3)"

--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -28,14 +28,14 @@ curl_easy_setopt \- set options for a curl easy handle

 CURLcode curl_easy_setopt(CURL *handle, CURLoption option, parameter);
 .SH DESCRIPTION
-curl_easy_setopt() is used to tell libcurl how to behave. By using the
-appropriate options to \fIcurl_easy_setopt\fP, you can change libcurl's
-behavior.  All options are set with the \fIoption\fP followed by a
-\fIparameter\fP. That parameter can be a \fBlong\fP, a \fBfunction pointer\fP,
-an \fBobject pointer\fP or a \fBcurl_off_t\fP, depending on what the specific
-option expects. Read this manual carefully as bad input values may cause
-libcurl to behave badly!  You can only set one option in each function call. A
-typical application uses many curl_easy_setopt() calls in the setup phase.
+\fIcurl_easy_setopt(3)\fP is used to tell libcurl how to behave. By setting
+the appropriate options, the application can change libcurl's behavior.  All
+options are set with an \fIoption\fP followed by a \fIparameter\fP. That
+parameter can be a \fBlong\fP, a \fBfunction pointer\fP, an \fBobject
+pointer\fP or a \fBcurl_off_t\fP, depending on what the specific option
+expects. Read this manual carefully as bad input values may cause libcurl to
+behave badly!  You can only set one option in each function call. A typical
+application uses many \fIcurl_easy_setopt(3)\fP calls in the setup phase.

 Options set with this function call are valid for all forthcoming transfers
 performed using this \fIhandle\fP.  The options are not in any way reset
@@ -45,8 +45,8 @@ options back to internal default with \fIcurl_easy_reset(3)\fP.

 Strings passed to libcurl as 'char *' arguments, are copied by the library;
 thus the string storage associated to the pointer argument may be overwritten
-after curl_easy_setopt() returns. The only exception to this rule is really
-\fICURLOPT_POSTFIELDS(3)\fP, but the alternative that copies the string
+after \fIcurl_easy_setopt(3)\fP returns. The only exception to this rule is
+really \fICURLOPT_POSTFIELDS(3)\fP, but the alternative that copies the string
 \fICURLOPT_COPYPOSTFIELDS(3)\fP has some usage characteristics you need to
 read up on.

@@ -78,7 +78,7 @@ Data pointer to pass to the read callback. See \fICURLOPT_READDATA(3)\fP
 .IP CURLOPT_IOCTLFUNCTION
 Callback for I/O operations. See \fICURLOPT_IOCTLFUNCTION(3)\fP
 .IP CURLOPT_IOCTLDATA
-Data pointer to pass to the i/o callback. See \fICURLOPT_IOCTLDATA(3)\fP
+Data pointer to pass to the I/O callback. See \fICURLOPT_IOCTLDATA(3)\fP
 .IP CURLOPT_SEEKFUNCTION
 Callback for seek operations. See \fICURLOPT_SEEKFUNCTION(3)\fP
 .IP CURLOPT_SEEKDATA
@@ -112,9 +112,9 @@ Callback for debug information. See \fICURLOPT_DEBUGFUNCTION(3)\fP
 .IP CURLOPT_DEBUGDATA
 Data pointer to pass to the debug callback. See \fICURLOPT_DEBUGDATA(3)\fP
 .IP CURLOPT_SSL_CTX_FUNCTION
-Callback for SSL CTX logic. See \fICURLOPT_SSL_CTX_FUNCTION(3)\fP
+Callback for SSL context logic. See \fICURLOPT_SSL_CTX_FUNCTION(3)\fP
 .IP CURLOPT_SSL_CTX_DATA
-Data pointer to pass to the ssl context callback. See \fICURLOPT_SSL_CTX_DATA(3)\fP
+Data pointer to pass to the SSL context callback. See \fICURLOPT_SSL_CTX_DATA(3)\fP
 .IP CURLOPT_CONV_TO_NETWORK_FUNCTION
 Callback for code base conversion. See \fICURLOPT_CONV_TO_NETWORK_FUNCTION(3)\fP
 .IP CURLOPT_CONV_FROM_NETWORK_FUNCTION
@@ -124,7 +124,7 @@ Callback for code base conversion. See \fICURLOPT_CONV_FROM_UTF8_FUNCTION(3)\fP
 .IP CURLOPT_INTERLEAVEFUNCTION
 Callback for RTSP interleaved data. See \fICURLOPT_INTERLEAVEFUNCTION(3)\fP
 .IP CURLOPT_INTERLEAVEDATA
-Data pointer to pass to the interleave callback. See \fICURLOPT_INTERLEAVEDATA(3)\fP
+Data pointer to pass to the RTSP interleave callback. See \fICURLOPT_INTERLEAVEDATA(3)\fP
 .IP CURLOPT_CHUNK_BGN_FUNCTION
 Callback for wildcard download start of chunk. See \fICURLOPT_CHUNK_BGN_FUNCTION(3)\fP
 .IP CURLOPT_CHUNK_END_FUNCTION
@@ -134,7 +134,7 @@ Data pointer to pass to the chunk callbacks. See \fICURLOPT_CHUNK_DATA(3)\fP
 .IP CURLOPT_FNMATCH_FUNCTION
 Callback for wildcard matching. See \fICURLOPT_FNMATCH_FUNCTION(3)\fP
 .IP CURLOPT_FNMATCH_DATA
-Data pointer to pass to the fnmatch callback. See \fICURLOPT_FNMATCH_DATA(3)\fP
+Data pointer to pass to the wildcard matching callback. See \fICURLOPT_FNMATCH_DATA(3)\fP
 .SH ERROR OPTIONS
 .IP CURLOPT_ERRORBUFFER
 Error message buffer. See \fICURLOPT_ERRORBUFFER(3)\fP
@@ -160,9 +160,9 @@ Filter out hosts from proxy use. \fICURLOPT_NOPROXY(3)\fP
 .IP CURLOPT_HTTPPROXYTUNNEL
 Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP
 .IP CURLOPT_SOCKS5_GSSAPI_SERVICE
-Socks5 gassapi service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
+Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
 .IP CURLOPT_SOCKS5_GSSAPI_NEC
-Socks5 gssapi NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP
+Socks5 GSSAPI NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP
 .IP CURLOPT_INTERFACE
 Bind connection locally to this. See \fICURLOPT_INTERFACE(3)\fP
 .IP CURLOPT_LOCALPORT
@@ -193,11 +193,11 @@ Enable .netrc parsing. See \fICURLOPT_NETRC(3)\fP
 .IP CURLOPT_NETRC_FILE
 \&.netrc file name. See \fICURLOPT_NETRC_FILE(3)\fP
 .IP CURLOPT_USERPWD
-User and password. See \fICURLOPT_USERPWD(3)\fP
+User name and password. See \fICURLOPT_USERPWD(3)\fP
 .IP CURLOPT_PROXYUSERPWD
-Proxy user and password. See \fICURLOPT_PROXYUSERPWD(3)\fP
+Proxy user name and password. See \fICURLOPT_PROXYUSERPWD(3)\fP
 .IP CURLOPT_USERNAME
-Username. See \fICURLOPT_USERNAME(3)\fP
+User name. See \fICURLOPT_USERNAME(3)\fP
 .IP CURLOPT_PASSWORD
 Password. See \fICURLOPT_PASSWORD(3)\fP
 .IP CURLOPT_LOGIN_OPTIONS
@@ -217,7 +217,7 @@ HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
 .IP CURLOPT_SASL_IR
 Enable SASL initial response. See \fICURLOPT_SASL_IR(3)\fP
 .IP CURLOPT_XOAUTH2_BEARER
-XOAuth2 bearer token. See \fICURLOPT_XOAUTH2_BEARER(3)\fP
+OAuth2 bearer token. See \fICURLOPT_XOAUTH2_BEARER(3)\fP
 .SH HTTP OPTIONS
 .IP CURLOPT_AUTOREFERER
 Automatically set Referer: header. See \fICURLOPT_AUTOREFERER(3)\fP
@@ -228,7 +228,7 @@ Request Transfer-Encoding. See \fICURLOPT_TRANSFER_ENCODING(3)\fP
 .IP CURLOPT_FOLLOWLOCATION
 Follow HTTP redirects. See \fICURLOPT_FOLLOWLOCATION(3)\fP
 .IP CURLOPT_UNRESTRICTED_AUTH
-Do not restrict auth to original host. \fICURLOPT_UNRESTRICTED_AUTH(3)\fP
+Do not restrict authentication to original host. \fICURLOPT_UNRESTRICTED_AUTH(3)\fP
 .IP CURLOPT_MAXREDIRS
 Maximum number of redirects to follow. See \fICURLOPT_MAXREDIRS(3)\fP
 .IP CURLOPT_POSTREDIR
@@ -300,8 +300,6 @@ Commands to run before transfer. See \fICURLOPT_QUOTE(3)\fP
 Commands to run after transfer. See \fICURLOPT_POSTQUOTE(3)\fP
 .IP CURLOPT_PREQUOTE
 Commands to run just before transfer. See \fICURLOPT_PREQUOTE(3)\fP
-.IP CURLOPT_DIRLISTONLY
-List only. See \fICURLOPT_DIRLISTONLY(3)\fP
 .IP CURLOPT_APPEND
 Append to remote file. See \fICURLOPT_APPEND(3)\fP
 .IP CURLOPT_FTP_USE_EPRT
@@ -311,7 +309,7 @@ Use EPSV. See \fICURLOPT_FTP_USE_EPSV(3)\fP
 .IP CURLOPT_FTP_USE_PRET
 Use PRET. See \fICURLOPT_FTP_USE_PRET(3)\fP
 .IP CURLOPT_FTP_CREATE_MISSING_DIRS
-Create missing dirs on the remote server. See \fICURLOPT_FTP_CREATE_MISSING_DIRS(3)\fP
+Create missing directories on the remote server. See \fICURLOPT_FTP_CREATE_MISSING_DIRS(3)\fP
 .IP CURLOPT_FTP_RESPONSE_TIMEOUT
 Timeout for FTP responses. See \fICURLOPT_FTP_RESPONSE_TIMEOUT(3)\fP
 .IP CURLOPT_FTP_ALTERNATIVE_TO_USER
@@ -356,6 +354,8 @@ Resume a transfer. See \fICURLOPT_RESUME_FROM_LARGE(3)\fP
 Custom request/method. See \fICURLOPT_CUSTOMREQUEST(3)\fP
 .IP CURLOPT_FILETIME
 Request file modification date and time. See \fICURLOPT_FILETIME(3)\fP
+.IP CURLOPT_DIRLISTONLY
+List only. See \fICURLOPT_DIRLISTONLY(3)\fP
 .IP CURLOPT_NOBODY
 Do not get the body contents. See \fICURLOPT_NOBODY(3)\fP
 .IP CURLOPT_INFILESIZE
@@ -382,11 +382,11 @@ Low speed limit to abort transfer. See \fICURLOPT_LOW_SPEED_LIMIT(3)\fP
 .IP CURLOPT_LOW_SPEED_TIME
 Time to be below the speed to trigger low speed abort. See \fICURLOPT_LOW_SPEED_TIME(3)\fP
 .IP CURLOPT_MAX_SEND_SPEED_LARGE
-Cap upload speed to this. See \fICURLOPT_MAX_SEND_SPEED_LARGE(3)\fP
+Cap the upload speed to this. See \fICURLOPT_MAX_SEND_SPEED_LARGE(3)\fP
 .IP CURLOPT_MAX_RECV_SPEED_LARGE
-Cap download speed to this. See \fICURLOPT_MAX_RECV_SPEED_LARGE(3)\fP
+Cap the download speed to this. See \fICURLOPT_MAX_RECV_SPEED_LARGE(3)\fP
 .IP CURLOPT_MAXCONNECTS
-Max number of connection is connection pool. See \fICURLOPT_MAXCONNECTS(3)\fP
+Maximum number of connections in the connection pool. See \fICURLOPT_MAXCONNECTS(3)\fP
 .IP CURLOPT_FRESH_CONNECT
 Use a new connection. \fICURLOPT_FRESH_CONNECT(3)\fP
 .IP CURLOPT_FORBID_REUSE
@@ -425,7 +425,7 @@ Client key password. See \fICURLOPT_KEYPASSWD(3)\fP
 .IP CURLOPT_SSL_ENABLE_ALPN
 Enable use of ALPN. See \fICURLOPT_SSL_ENABLE_ALPN(3)\fP
 .IP CURLOPT_SSL_ENABLE_NPN
-)Enable use of NPN. See \fICURLOPT_SSL_ENABLE_NPN(3)\fP
+Enable use of NPN. See \fICURLOPT_SSL_ENABLE_NPN(3)\fP
 .IP CURLOPT_SSLENGINE
 Use identifier with SSL engine. See \fICURLOPT_SSLENGINE(3)\fP
 .IP CURLOPT_SSLENGINE_DEFAULT
@@ -483,7 +483,7 @@ Share object to use. See \fICURLOPT_SHARE(3)\fP
 .IP CURLOPT_NEW_FILE_PERMS
 Mode for creating new remote files. See \fICURLOPT_NEW_FILE_PERMS(3)\fP
 .IP CURLOPT_NEW_DIRECTORY_PERMS
-Mode for creating new remote dirs. See \fICURLOPT_NEW_DIRECTORY_PERMS(3)\fP
+Mode for creating new remote directories. See \fICURLOPT_NEW_DIRECTORY_PERMS(3)\fP
 .SH TELNET OPTIONS
 .IP CURLOPT_TELNETOPTIONS
 TELNET options. See \fICURLOPT_TELNETOPTIONS(3)\fP
@@ -498,4 +498,5 @@ version, this function will return \fICURLE_UNKNOWN_OPTION\fP. If support for
 the option was disabled at compile-time, it will return
 \fICURLE_NOT_BUILT_IN\fP.
 .SH "SEE ALSO"
-.BR curl_easy_init "(3), " curl_easy_cleanup "(3), " curl_easy_reset "(3)"
+.BR curl_easy_init "(3), " curl_easy_cleanup "(3), " curl_easy_reset "(3), "
+.BR curl_multi_setopt "(3), "
--- a/docs/libcurl/curl_easy_strerror.3
+++ b/docs/libcurl/curl_easy_strerror.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -27,8 +27,11 @@ curl_easy_strerror - return string describing error code

 const char *curl_easy_strerror(CURLcode errornum);
 .SH DESCRIPTION
-The curl_easy_strerror() function returns a string describing the CURLcode
-error code passed in the argument \fIerrornum\fP.
+The \fIcurl_easy_strerror(3)\fP function returns a string describing the
+CURLcode error code passed in the argument \fIerrornum\fP.
+
+Typically applications also appreciate \fICURLOPT_ERRORBUFFER(3)\fP for more
+specific error descriptions generated at run-time.
 .SH AVAILABILITY
 This function was added in libcurl 7.12.0
 .SH RETURN VALUE
--- a/docs/libcurl/curl_free.3
+++ b/docs/libcurl/curl_free.3
@@ -29,7 +29,7 @@ curl_free - reclaim memory that has been obtained through a libcurl call
 .ad
 .SH DESCRIPTION
 curl_free reclaims memory that has been obtained through a libcurl call.  Use
-curl_free() instead of free() to avoid anomalies that can result from
+\fIcurl_free(3)\fP instead of free() to avoid anomalies that can result from
 differences in memory management between your application and libcurl.
 .SH "SEE ALSO"
-.BR curl_unescape "(3)"
+.BR curl_easy_unescape "(3), " curl_easy_escape "(3) "
--- a/docs/libcurl/curl_getdate.3
+++ b/docs/libcurl/curl_getdate.3
@@ -102,4 +102,7 @@ number).

 Having a 64 bit time_t is not a guarantee that dates beyond 03:14:07 UTC,
 January 19, 2038 will work fine. On systems with a 64 bit time_t but with a
-crippled mktime(), \fIcurl_getdate\fP will return -1 in this case.
+crippled mktime(), \fIcurl_getdate(3)\fP will return -1 in this case.
+.SH "SEE ALSO"
+.BR curl_easy_escape "(3), " curl_easy_unescape "(3), "
+.BR CURLOPT_TIMECONDITION "(3), " CURLOPT_TIMEVALUE "(3) "
--- a/docs/libcurl/curl_global_init.3
+++ b/docs/libcurl/curl_global_init.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -46,11 +46,11 @@ libcurl.
 \fBThis function is not thread safe.\fP You must not call it when any other
 thread in the program (i.e. a thread sharing the same memory) is running.
 This doesn't just mean no other thread that is using libcurl.  Because
-\fIcurl_global_init()\fP calls functions of other libraries that are similarly
-thread unsafe, it could conflict with any other thread that uses these other
-libraries.
+\fIcurl_global_init(3)\fP calls functions of other libraries that are
+similarly thread unsafe, it could conflict with any other thread that uses
+these other libraries.

-See the description in \fBlibcurl\fP(3) of global environment requirements for
+See the description in \fBlibcurl(3)\fP of global environment requirements for
 details of how to use this function.

 .SH FLAGS
@@ -74,7 +74,8 @@ the functionality of the \fBCURL_GLOBAL_ALL\fP mask.
 .TP
 .B CURL_GLOBAL_ACK_EINTR
 When this flag is set, curl will acknowledge EINTR condition when connecting
-or when waiting for data.  Otherwise, curl waits until full timeout elapses.
+or when waiting for data.  Otherwise, curl waits until full timeout
+elapses. (Added in 7.30.0)
 .SH RETURN VALUE
 If this function returns non-zero, something went wrong and you cannot use the
 other curl functions.
--- a/docs/libcurl/curl_multi_add_handle.3
+++ b/docs/libcurl/curl_multi_add_handle.3
@@ -29,30 +29,35 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle, CURL *easy_handle);
 .ad
 .SH DESCRIPTION
 Adds a standard easy handle to the multi stack. This function call will make
-this \fImulti_handle\fP control the specified \fIeasy_handle\fP.  Furthermore,
-libcurl now initiates the connection associated with the specified
-\fIeasy_handle\fP.
+this \fImulti_handle\fP control the specified \fIeasy_handle\fP.

 While an easy handle is added to a multi stack, you can not and you must not
-use \fIcurl_easy_perform(3)\fP on that handle. After having removed the handle
-from the multi stack again, it is perfectly fine to use it with the easy
-interface again.
+use \fIcurl_easy_perform(3)\fP on that handle. After having removed the easy
+handle from the multi stack again, it is perfectly fine to use it with the
+easy interface again.

 If the easy handle is not set to use a shared (\fICURLOPT_SHARE(3)\fP) or
 global DNS cache (\fICURLOPT_DNS_USE_GLOBAL_CACHE(3)\fP), it will be made to
 use the DNS cache that is shared between all easy handles within the multi
 handle when \fIcurl_multi_add_handle(3)\fP is called.

+When an easy interface is added to a multi handle, it will use a shared
+connection cache owned by the multi handle. Removing and adding new easy
+handles will not affect the pool of connections or the ability to do
+connection re-use.
+
 If you have CURLMOPT_TIMERFUNCTION set in the multi handle (and you really
 should if you're working event-based with \fIcurl_multi_socket_action(3)\fP
 and friends), that callback will be called from within this function to ask
 for an updated timer so that your main event loop will get the activity on
 this handle to get started.

-The easy handle will remain added until you remove it again with
-\fIcurl_multi_remove_handle(3)\fP. You should remove the easy handle from the
-multi stack before you terminate first the easy handle and then the multi
-handle:
+The easy handle will remain added to the multi handle until you remove it
+again with \fIcurl_multi_remove_handle(3)\fP - even when a transfer with that
+specific easy handle is completed.
+
+You should remove the easy handle from the multi stack before you terminate
+first the easy handle and then the multi handle:

 1 - \fIcurl_multi_remove_handle(3)\fP

@@ -62,4 +67,5 @@ handle:
 .SH RETURN VALUE
 CURLMcode type, general libcurl multi interface error code.
 .SH "SEE ALSO"
-.BR curl_multi_cleanup "(3)," curl_multi_init "(3)"
+.BR curl_multi_cleanup "(3)," curl_multi_init "(3), "
+.BR curl_multi_setopt "(3), " curl_multi_socket_action "(3) "
--- a/docs/libcurl/curl_multi_assign.3
+++ b/docs/libcurl/curl_multi_assign.3
@@ -21,7 +21,7 @@
 .\" **************************************************************************
 .TH curl_multi_assign 3 "9 Jul 2006" "libcurl 7.16.0" "libcurl Manual"
 .SH NAME
-curl_multi_assign \- set data to association with an internal socket
+curl_multi_assign \- set data to associate with an internal socket
 .SH SYNOPSIS
 #include <curl/curl.h>

@@ -30,7 +30,7 @@ CURLMcode curl_multi_assign(CURLM *multi_handle, curl_socket_t sockfd,
 .SH DESCRIPTION
 This function creates an association in the multi handle between the given
 socket and a private pointer of the application. This is designed for
-\fIcurl_multi_socket(3)\fP uses.
+\fIcurl_multi_socket_action(3)\fP uses.

 When set, the \fIsockptr\fP pointer will be passed to all future socket
 callbacks for the specific \fIsockfd\fP socket.
--- a/docs/libcurl/curl_multi_fdset.3
+++ b/docs/libcurl/curl_multi_fdset.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -37,22 +37,34 @@ This function extracts file descriptor information from a given multi_handle.
 libcurl returns its fd_set sets. The application can use these to select() on,
 but be sure to FD_ZERO them before calling this function as
 \fIcurl_multi_fdset(3)\fP only adds its own descriptors, it doesn't zero or
-otherwise remove any others. The \fIcurl_multi_perform(3)\fP function should be
-called as soon as one of them is ready to be read from or written to.
+otherwise remove any others. The \fIcurl_multi_perform(3)\fP function should
+be called as soon as one of them is ready to be read from or written to.
+
+If the \fIread_fd_set\fP argument is not a null pointer, it points to an
+object of type fd_set that on returns specifies the file descriptors to be
+checked for being ready to read.
+
+If the \fIwrite_fd_set\fP argument is not a null pointer, it points to an
+object of type fd_set that on return specifies the file descriptors to be
+checked for being ready to write.
+
+If the \fIexc_fd_set\fP argument is not a null pointer, it points to an object
+of type fd_set that on return specifies the file descriptors to be checked for
+error conditions pending.

 If no file descriptors are set by libcurl, \fImax_fd\fP will contain -1 when
-this function returns. Otherwise it will contain the higher descriptor number
+this function returns. Otherwise it will contain the highest descriptor number
 libcurl set. When libcurl returns -1 in \fImax_fd\fP, it is because libcurl
 currently does something that isn't possible for your application to monitor
 with a socket and unfortunately you can then not know exactly when the current
-action is completed using select(). When max_fd returns with -1, you need to
-wait a while and then proceed and call \fIcurl_multi_perform\fP anyway. How
-long to wait? I would suggest 100 milliseconds at least, but you may want to
-test it out in your own particular conditions to find a suitable value.
+action is completed using select(). You then need to wait a while before you
+proceed and call \fIcurl_multi_perform(3)\fP anyway. How long to wait? We
+suggest 100 milliseconds at least, but you may want to test it out in your own
+particular conditions to find a suitable value.

 When doing select(), you should use \fBcurl_multi_timeout\fP to figure out how
-long to wait for action. Call \fIcurl_multi_perform\fP even if no activity has
-been seen on the fd_sets after the timeout expires as otherwise internal
+long to wait for action. Call \fIcurl_multi_perform(3)\fP even if no activity
+has been seen on the fd_sets after the timeout expires as otherwise internal
 retries and timeouts may not work as you'd think and want.

 If one of the sockets used by libcurl happens to be larger than what can be
@@ -67,4 +79,4 @@ CURLMcode type, general libcurl multi interface error code. See
 \fIlibcurl-errors(3)\fP
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
-.BR curl_multi_timeout "(3), " curl_multi_perform "(3) "
+.BR curl_multi_timeout "(3), " curl_multi_perform "(3), " select "(2) "
--- a/docs/libcurl/curl_multi_perform.3
+++ b/docs/libcurl/curl_multi_perform.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -34,7 +34,7 @@ in an non-blocking fashion.
 When an application has found out there's data available for the multi_handle
 or a timeout has elapsed, the application should call this function to
 read/write whatever there is to read or write right now etc.
-curl_multi_perform() returns as soon as the reads/writes are done. This
+\fIcurl_multi_perform(3)\fP returns as soon as the reads/writes are done. This
 function does not require that there actually is any data available for
 reading or that data can be written, it can be called just in case. It will
 write the number of handles that still transfer data in the second argument's
@@ -53,7 +53,7 @@ there is no longer any transfers in progress.
 CURLMcode type, general libcurl multi interface error code.

 Before version 7.20.0: If you receive \fICURLM_CALL_MULTI_PERFORM\fP, this
-basically means that you should call \fIcurl_multi_perform\fP again, before
+basically means that you should call \fIcurl_multi_perform(3)\fP again, before
 you select() on more actions. You don't have to do it immediately, but the
 return code means that libcurl may have more data available to return or that
 there may be more data to send off before it is "satisfied". Do note that
--- a/docs/libcurl/curl_multi_remove_handle.3
+++ b/docs/libcurl/curl_multi_remove_handle.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -28,16 +28,17 @@ curl_multi_remove_handle - remove an easy handle from a multi session
 CURLMcode curl_multi_remove_handle(CURLM *multi_handle, CURL *easy_handle);
 .ad
 .SH DESCRIPTION
-Removes a given easy_handle from the multi_handle. This will make the
-specified easy handle be removed from this multi handle's control.
+Removes a given \fIeasy_handle\fI from the \fImulti_handle\fI. This will make
+the specified easy handle be removed from this multi handle's control.

 When the easy handle has been removed from a multi stack, it is again
-perfectly legal to invoke \fIcurl_easy_perform()\fP on this easy handle.
+perfectly legal to invoke \fIcurl_easy_perform(3)\fP on this easy handle.

-Removing an easy handle while being used, will effectively halt the transfer
-in progress involving that easy handle. All other easy handles and transfers
-will remain unaffected.
+Removing an easy handle while being used is perfectly legal and will
+effectively halt the transfer in progress involving that easy handle. All
+other easy handles and transfers will remain unaffected.
 .SH RETURN VALUE
 CURLMcode type, general libcurl multi interface error code.
 .SH "SEE ALSO"
-.BR curl_multi_cleanup "(3)," curl_multi_init "(3)"
+.BR curl_multi_cleanup "(3)," curl_multi_init "(3), "
+.BR curl_multi_add_handle "(3) "
--- a/docs/libcurl/curl_multi_setopt.3
+++ b/docs/libcurl/curl_multi_setopt.3
@@ -19,7 +19,7 @@
 .\" * KIND, either express or implied.
 .\" *
 .\" **************************************************************************
-.TH curl_multi_setopt 3 "10 Oct 2006" "libcurl 7.16.0" "libcurl Manual"
+.TH curl_multi_setopt 3 "4 Nov 2014" "libcurl 7.39.0" "libcurl Manual"
 .SH NAME
 curl_multi_setopt \- set options for a curl multi handle
 .SH SYNOPSIS
@@ -27,183 +27,40 @@ curl_multi_setopt \- set options for a curl multi handle

 CURLMcode curl_multi_setopt(CURLM * multi_handle, CURLMoption option, param);
 .SH DESCRIPTION
-curl_multi_setopt() is used to tell a libcurl multi handle how to behave. By
-using the appropriate options to \fIcurl_multi_setopt(3)\fP, you can change
-libcurl's behaviour when using that multi handle.  All options are set with
-the \fIoption\fP followed by the parameter \fIparam\fP. That parameter can be
-a \fBlong\fP, a \fBfunction pointer\fP, an \fBobject pointer\fP or a
-\fBcurl_off_t\fP type, depending on what the specific option expects. Read
-this manual carefully as bad input values may cause libcurl to behave badly!
-You can only set one option in each function call.
+\fIcurl_multi_setopt(3)\fP is used to tell a libcurl multi handle how to
+behave. By using the appropriate options to \fIcurl_multi_setopt(3)\fP, you
+can change libcurl's behaviour when using that multi handle.  All options are
+set with the \fIoption\fP followed by the parameter \fIparam\fP. That
+parameter can be a \fBlong\fP, a \fBfunction pointer\fP, an \fBobject
+pointer\fP or a \fBcurl_off_t\fP type, depending on what the specific option
+expects. Read this manual carefully as bad input values may cause libcurl to
+behave badly!  You can only set one option in each function call.

 .SH OPTIONS
 .IP CURLMOPT_SOCKETFUNCTION
-Pass a pointer to a function matching the \fBcurl_socket_callback\fP
-prototype. The \fIcurl_multi_socket_action(3)\fP function informs the
-application about updates in the socket (file descriptor) status by doing
-none, one, or multiple calls to the curl_socket_callback given in the
-\fBparam\fP argument. They update the status with changes since the previous
-time a \fIcurl_multi_socket(3)\fP function was called. If the given callback
-pointer is NULL, no callback will be called. Set the callback's \fBuserp\fP
-argument with \fICURLMOPT_SOCKETDATA\fP.  See \fIcurl_multi_socket(3)\fP for
-more callback details.
+See \fICURLMOPT_SOCKETFUNCTION(3)\fP
 .IP CURLMOPT_SOCKETDATA
-Pass a pointer to whatever you want passed to the \fBcurl_socket_callback\fP's
-fourth argument, the userp pointer. This is not used by libcurl but only
-passed-thru as-is. Set the callback pointer with
-\fICURLMOPT_SOCKETFUNCTION\fP.
+See \fICURLMOPT_SOCKETDATA(3)\fP
 .IP CURLMOPT_PIPELINING
-Pass a long set to 1 to enable or 0 to disable. Enabling pipelining on a multi
-handle will make it attempt to perform HTTP Pipelining as far as possible for
-transfers using this handle. This means that if you add a second request that
-can use an already existing connection, the second request will be \&"piped"
-on the same connection rather than being executed in parallel. (Added in
-7.16.0)
+See \fICURLMOPT_PIPELINING(3)\fP
 .IP CURLMOPT_TIMERFUNCTION
-Pass a pointer to a function matching the \fBcurl_multi_timer_callback\fP
-prototype: int curl_multi_timer_callback(CURLM *multi /* multi handle */,
-long timeout_ms /* timeout in milliseconds */, void *userp /* TIMERDATA */).
-This function will then be called when the timeout value
-changes. The timeout value is at what latest time the application should call
-one of the \&"performing" functions of the multi interface
-(\fIcurl_multi_socket_action(3)\fP and \fIcurl_multi_perform(3)\fP) - to allow
-libcurl to keep timeouts and retries etc to work. A timeout value of -1 means
-that there is no timeout at all, and 0 means that the timeout is already
-reached. Libcurl attempts to limit calling this only when the fixed future
-timeout time actually changes. See also \fICURLMOPT_TIMERDATA\fP. The callback
-should return 0 on success, and -1 on error. This
-callback can be used instead of, or in addition to,
-\fIcurl_multi_timeout(3)\fP. (Added in 7.16.0)
+See \fICURLMOPT_TIMERFUNCTION(3)\fP
 .IP CURLMOPT_TIMERDATA
-Pass a pointer to whatever you want passed to the
-\fBcurl_multi_timer_callback\fP's third argument, the userp pointer.  This is
-not used by libcurl but only passed-thru as-is. Set the callback pointer with
-\fICURLMOPT_TIMERFUNCTION\fP. (Added in 7.16.0)
-.IP CURLMOPT_MAXCONNECTS
-Pass a long. The set number will be used as the maximum amount of
-simultaneously open connections that libcurl may keep in its connection cache
-after completed use. By default libcurl will enlarge the size for each added
-easy handle to make it fit 4 times the number of added easy handles.
-
-By setting this option, you can prevent the cache size from growing beyond the
-limit set by you.
-
-When the cache is full, curl closes the oldest one in the cache to prevent the
-number of open connections from increasing.
-
-This option is for the multi handle's use only, when using the easy interface
-you should instead use the \fICURLOPT_MAXCONNECTS(3)\fP option.
-
-See \fICURLMOPT_MAX_TOTAL_CONNECTIONS\fP for limiting the number of active
-connections.
-
-(Added in 7.16.3)
+See \fICURLMOPT_TIMERDATA(3)\fP
 .IP CURLMOPT_MAX_HOST_CONNECTIONS
-Pass a long. The set number will be used as the maximum amount of
-simultaneously open connections to a single host. For each new session to
-a host, libcurl will open a new connection up to the limit set by
-CURLMOPT_MAX_HOST_CONNECTIONS. When the limit is reached, the sessions will
-be pending until there are available connections. If CURLMOPT_PIPELINING is
-1, libcurl will try to pipeline if the host is capable of it.
-
-The default value is 0, which means that there is no limit.
-However, for backwards compatibility, setting it to 0 when CURLMOPT_PIPELINING
-is 1 will not be treated as unlimited. Instead it will open only 1 connection
-and try to pipeline on it.
-
-(Added in 7.30.0)
+See \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP
 .IP CURLMOPT_MAX_PIPELINE_LENGTH
-Pass a long. The set number will be used as the maximum amount of requests
-in a pipelined connection. When this limit is reached, libcurl will use another
-connection to the same host (see CURLMOPT_MAX_HOST_CONNECTIONS), or queue the
-requests until one of the pipelines to the host is ready to accept a request.
-Thus, the total number of requests in-flight is CURLMOPT_MAX_HOST_CONNECTIONS *
-CURLMOPT_MAX_PIPELINE_LENGTH.
-The default value is 5.
-
-(Added in 7.30.0)
+See \fICURLMOPT_MAX_PIPELINE_LENGTH(3)\fP
 .IP CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE
-Pass a long. If a pipelined connection is currently processing a request
-with a Content-Length larger than CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE, that
-connection will not be considered for additional requests, even if it is
-shorter than CURLMOPT_MAX_PIPELINE_LENGTH.
-The default value is 0, which means that the penalization is inactive.
-
-(Added in 7.30.0)
+See \fICURLMOPT_CONTENT_LENGTH_PENALTY_SIZE(3)\fP
 .IP CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE
-Pass a long. If a pipelined connection is currently processing a
-chunked (Transfer-encoding: chunked) request with a current chunk length
-larger than CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, that connection will not be
-considered for additional requests, even if it is shorter than
-CURLMOPT_MAX_PIPELINE_LENGTH.
-The default value is 0, which means that the penalization is inactive.
-
-(Added in 7.30.0)
+See \fICURLMOPT_CHUNK_LENGTH_PENALTY_SIZE(3)\fP
 .IP CURLMOPT_PIPELINING_SITE_BL
-Pass an array of char *, ending with NULL. This is a list of sites that are
-blacklisted from pipelining, i.e sites that are known to not support HTTP
-pipelining. The array is copied by libcurl.
-
-The default value is NULL, which means that there is no blacklist.
-
-Pass a NULL pointer to clear the blacklist.
-
-Example:
-
-.nf
-  site_blacklist[] =
-  {
-    "www.haxx.se",
-    "www.example.com:1234",
-    NULL
-  };
-
-  curl_multi_setopt(m, CURLMOPT_PIPELINE_SITE_BL, site_blacklist);
-.fi
-
-(Added in 7.30.0)
+See \fICURLMOPT_PIPELINING_SITE_BL(3)\fP
 .IP CURLMOPT_PIPELINING_SERVER_BL
-Pass an array of char *, ending with NULL. This is a list of server types
-prefixes (in the Server: HTTP header) that are blacklisted from pipelining,
-i.e server types that are known to not support HTTP pipelining. The array is
-copied by libcurl.
-
-Note that the comparison matches if the Server: header begins with the string
-in the blacklist, i.e "Server: Ninja 1.2.3" and "Server: Ninja 1.4.0" can 
-both be blacklisted by having "Ninja" in the backlist.
-
-The default value is NULL, which means that there is no blacklist.
-
-Pass a NULL pointer to clear the blacklist.
-
-Example:
-
-.nf
-  server_blacklist[] =
-  {
-    "Microsoft-IIS/6.0",
-    "nginx/0.8.54",
-    NULL
-  };
-
-  curl_multi_setopt(m, CURLMOPT_PIPELINE_SERVER_BL, server_blacklist);
-.fi
-
-(Added in 7.30.0)
+See \fICURLMOPT_PIPELINING_SERVER_BL(3)\fP
 .IP CURLMOPT_MAX_TOTAL_CONNECTIONS
-Pass a long. The set number will be used as the maximum amount of
-simultaneously open connections in total. For each new session, libcurl
-will open a new connection up to the limit set by
-CURLMOPT_MAX_TOTAL_CONNECTIONS. When the limit is reached, the sessions will
-be pending until there are available connections. If CURLMOPT_PIPELINING is
-1, libcurl will try to pipeline if the host is capable of it.
-
-The default value is 0, which means that there is no limit.
-However, for backwards compatibility, setting it to 0 when CURLMOPT_PIPELINING
-is 1 will not be treated as unlimited. Instead it will open only 1 connection
-and try to pipeline on it.
-
-(Added in 7.30.0)
+See \fICURLMOPT_MAX_TOTAL_CONNECTIONS(3)\fP
 .SH RETURNS
 The standard CURLMcode for multi interface error codes. Note that it returns a
 CURLM_UNKNOWN_OPTION if you try setting an option that this version of libcurl
--- a/docs/libcurl/curl_version_info.3
+++ b/docs/libcurl/curl_version_info.3
@@ -124,9 +124,9 @@ libcurl was built with support for IDNA, domain names with international
 letters. (Added in 7.12.0)
 .IP CURL_VERSION_SSPI
 libcurl was built with support for SSPI. This is only available on Windows and
-makes libcurl use Windows-provided functions for NTLM, SPNEGO and SASL DIGEST-MD5
-authentication. It also allows libcurl to use the current user credentials without
-the app having to pass them on. (Added in 7.13.2)
+makes libcurl use Windows-provided functions for Kerberos, NTLM, SPNEGO and
+SASL DIGEST-MD5 authentication. It also allows libcurl to use the current user
+credentials without the app having to pass them on. (Added in 7.13.2)
 .IP CURL_VERSION_GSSAPI
 libcurl was built with support for GSS-API. This makes libcurl use provided
 functions for Kerberos and SPNEGO authentication. It also allows libcurl
--- a/docs/libcurl/libcurl-easy.3
+++ b/docs/libcurl/libcurl-easy.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -19,7 +19,7 @@
 .\" * KIND, either express or implied.
 .\" *
 .\" **************************************************************************
-.TH libcurl 3 "12 Aug 2003" "libcurl 7.10.7" "libcurl easy interface"
+.TH libcurl 3 "19 Sep 2014" "libcurl" "libcurl easy interface"
 .SH NAME
 libcurl-easy \- easy interface overview
 .SH DESCRIPTION
@@ -33,6 +33,17 @@ without a specified URL as you may have figured out yourself). You might want
 to set some callbacks as well that will be called from the library when data
 is available etc. \fIcurl_easy_setopt(3)\fP is used for all this.

+\fICURLOPT_URL(3)\fP is only option you really must set, as otherwise there
+can be no transfer. Another commonly used option is \fICURLOPT_VERBOSE(3)\fP
+that will help you see what libcurl is doing under the hood, very useful when
+debugging for example. The \fIcurl_easy_setopt(3)\fP man page has a full index
+of the over 200 available options.
+
+If you at any point would like to blank all previously set options for a
+single easy handle, you can call \fIcurl_easy_reset(3)\fP and you can also
+make a clone of an easy handle (with all its set options) using
+\fIcurl_easy_duphandle(3)\fP.
+
 When all is setup, you tell libcurl to perform the transfer using
 \fIcurl_easy_perform(3)\fP.  It will then do the entire operation and won't
 return until it is done (successfully or not).
@@ -42,4 +53,6 @@ transfer, or if you're done, cleanup the session by calling
 \fIcurl_easy_cleanup(3)\fP. If you want persistent connections, you don't
 cleanup immediately, but instead run ahead and perform other transfers using
 the same easy handle.
-
+.SH "SEE ALSO"
+.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_setopt "(3), "
+.BR libcurl-errors "(3), " libcurl-multi "(3), " libcurl "(3) "
--- a/docs/libcurl/libcurl-errors.3
+++ b/docs/libcurl/libcurl-errors.3
@@ -297,3 +297,7 @@ Not enough memory was available.
 .IP "CURLSHE_NOT_BUILT_IN (5)"
 The requested sharing could not be done because the library you use don't have
 that particular feature enabled. (Added in 7.23.0)
+.SH "SEE ALSO"
+.BR curl_easy_strerror "(3), " curl_multi_strerror "(3), "
+.BR curl_share_strerror "(3), " CURLOPT_ERRORBUFFER "(3), "
+.BR CURLOPT_VERBOSE "(3), " CURLOPT_DEBUGFUNCTION "(3) "
--- a/docs/libcurl/libcurl-multi.3
+++ b/docs/libcurl/libcurl-multi.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH libcurl-multi 3 "3 Feb 2007" "libcurl 7.16.0" "libcurl multi interface"
+.TH libcurl-multi 3 "19 Sep 2014" "libcurl" "libcurl multi interface"
 .SH NAME
 libcurl-multi \- how to use the multi interface
 .SH DESCRIPTION
@@ -43,18 +43,28 @@ complicated for the application.

 3. Enable the application to wait for action on its own file descriptors and
 curl's file descriptors simultaneous easily.
+
+4. Enable event-based handling and scaling transfers up to and beyond
+thousands of parallel connections.
 .SH "ONE MULTI HANDLE MANY EASY HANDLES"
 To use the multi interface, you must first create a 'multi handle' with
 \fIcurl_multi_init(3)\fP. This handle is then used as input to all further
 curl_multi_* functions.

-Each single transfer is built up with an easy handle. You must create them,
-and setup the appropriate options for each easy handle, as outlined in the
-\fIlibcurl(3)\fP man page, using \fIcurl_easy_setopt(3)\fP.
+With a multi handle and the multi interface you can do any amount of
+simultaneous transfers in parallel. Each single transfer is built up around an
+easy handle. You must create the easy handles you need, and setup the
+appropriate options for each easy handle, as outlined in the \fIlibcurl(3)\fP
+man page, using \fIcurl_easy_setopt(3)\fP.

-When the easy handle is setup for a transfer, then instead of using
-\fIcurl_easy_perform(3)\fP (as when using the easy interface for transfers),
-you should instead add the easy handle to the multi handle using
+There are two flavours of the multi interface, the select() oriented one and
+the event based one we called multi_socket. You will benefit from reading
+through the description of both versions to full understand how they work and
+differentiate. We start out with the select() oriented version.
+
+When an easy handle is setup for a transfer, then instead of using
+\fIcurl_easy_perform(3)\fP like when using the easy interface for transfers,
+you should add the easy handle to the multi handle with
 \fIcurl_multi_add_handle(3)\fP. The multi handle is sometimes referred to as a
 \'multi stack\' because of the fact that it may hold a large amount of easy
 handles.
@@ -71,7 +81,8 @@ application drive. You drive the transfers by invoking
 anything available to transfer. It'll use the callbacks and everything else
 you have setup in the individual easy handles. It'll transfer data on all
 current transfers in the multi stack that are ready to transfer anything. It
-may be all, it may be none.
+may be all, it may be none. When there's nothing more to do for now, it
+returns back to the calling application.

 Your application can acquire knowledge from libcurl when it would like to get
 invoked to transfer data, so that you don't have to busy-loop and call that
@@ -80,7 +91,9 @@ interface using which you can extract fd_sets from libcurl to use in select()
 or poll() calls in order to get to know when the transfers in the multi stack
 might need attention. This also makes it very easy for your program to wait
 for input on your own private file descriptors at the same time or perhaps
-timeout every now and then, should you want that.
+timeout every now and then, should you want that. \fIcurl_multi_timeout(3)\fP
+also helps you with providing a suitable timeout period for your select()
+call.

 \fIcurl_multi_perform(3)\fP stores the number of still running transfers in
 one of its input arguments, and by reading that you can figure out when all
@@ -121,21 +134,39 @@ using large numbers of simultaneous connections.
 When using this API, you add easy handles to the multi handle just as with the
 normal multi interface. Then you also set two callbacks with the
 CURLMOPT_SOCKETFUNCTION and CURLMOPT_TIMERFUNCTION options to
-\fIcurl_multi_setopt(3)\fP.
+\fIcurl_multi_setopt(3)\fP. They are two callback functions that libcurl will
+call with information about what sockets to wait for, and for what activity,
+and what the curret timeout time is - if that expires libcurl should be
+notified.

-The API is then designed to inform your application about which sockets
-libcurl is currently using and for what activities (read and/or write) on
-those sockets your application is expected to wait for.
+The multi_socket API is designed to inform your application about which
+sockets libcurl is currently using and for what activities (read and/or write)
+on those sockets your application is expected to wait for.

-Your application must then make sure to receive all sockets informed about in
-the CURLMOPT_SOCKETFUNCTION callback and make sure it reacts on the given
-activity on them. When a socket has the given activity, you call
+Your application must make sure to receive all sockets informed about in the
+CURLMOPT_SOCKETFUNCTION callback and make sure it reacts on the given activity
+on them. When a socket has the given activity, you call
 \fIcurl_multi_socket_action(3)\fP specifying which socket and action there
 are.

 The CURLMOPT_TIMERFUNCTION callback is called to set a timeout. When that
 timeout expires, your application should call the
 \fIcurl_multi_socket_action(3)\fP function saying it was due to a timeout.
+
+This API is typically used with an event-driven underlying functionality (like
+libevent, libev, kqueue, epoll or similar) which which the application
+"subscribes" on socket changes. This allows applications and libcurl to much
+better scale upward and beyond thousands of simultaneous transfers without
+losing performance.
+
+When you've added your initial set of handles, you call
+\fIcurl_multi_socket_action(3)\fP with CURL_SOCKET_TIMEOUT set in the sockfd
+argument, and you'll get callbacks call that sets you up and you then continue
+to call \fIcurl_multi_socket_action(3)\fP accordingly when you get activity on
+the sockets you've been asked to wait on, or if the timeout timer expires.
+
+You can poll \fIcurl_multi_info_read(3)\fP to see if any transfer has
+completed, as it then has a message saying so.
 .SH "BLOCKING"
 A few areas in the code are still using blocking code, even when used from the
 multi interface. While we certainly want and intend for these to get fixed in
@@ -149,3 +180,5 @@ the future, you should be aware of the following current restrictions:
 - file:// transfers
 - TELNET transfers
 .fi
+.SH "SEE ALSO"
+.BR libcurl-errors "(3), " libcurl-easy "(3), " libcurl "(3) "
--- a/docs/libcurl/libcurl-share.3
+++ b/docs/libcurl/libcurl-share.3
@@ -63,3 +63,4 @@ When you're done using the share, make sure that no easy handle is still using
 it, and call \fIcurl_share_cleanup(3)\fP on the handle.
 .SH "SEE ALSO"
 .BR curl_share_init "(3), " curl_share_setopt "(3), " curl_share_cleanup "(3)"
+.BR libcurl-errors "(3), " libcurl-easy "(3), " libcurl-multi "(3) "
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH libcurl-tutorial 3 "2 Aug 2014" "libcurl" "libcurl programming"
+.TH libcurl-tutorial 3 "19 Sep 2014" "libcurl" "libcurl programming"
 .SH NAME
 libcurl-tutorial \- libcurl programming tutorial
 .SH "Objective"
@@ -137,15 +137,17 @@ rather than at build-time (if possible of course). By calling
 struct, your program can figure out exactly what the currently running libcurl
 supports.

-.SH "Handle the Easy libcurl"
+.SH "Two Interfaces"
 libcurl first introduced the so called easy interface. All operations in the
-easy interface are prefixed with 'curl_easy'.
-
-Recent libcurl versions also offer the multi interface. More about that
-interface, what it is targeted for and how to use it is detailed in a separate
-chapter further down. You still need to understand the easy interface first,
-so please continue reading for better understanding.
+easy interface are prefixed with 'curl_easy'. The easy interface lets you do
+single transfers with a synchronous and blocking function call.

+libcurl also offers another interface that allows multiple simultaneous
+transfers in a single thread, the so called multi interface. More about that
+interface is detailed in a separate chapter further down. You still need to
+understand the easy interface first, so please continue reading for better
+understanding.
+.SH "Handle the Easy libcurl"
 To use the easy interface, you must first create yourself an easy handle. You
 need one handle for each easy session you want to perform. Basically, you
 should use one handle for every thread you plan to use for transferring. You
@@ -162,13 +164,18 @@ transfer or series of transfers.
 You set properties and options for this handle using
 \fIcurl_easy_setopt(3)\fP. They control how the subsequent transfer or
 transfers will be made. Options remain set in the handle until set again to
-something different. Alas, multiple requests using the same handle will use
-the same options.
+something different. They are sticky. Multiple requests using the same handle
+will use the same options.
+
+If you at any point would like to blank all previously set options for a
+single easy handle, you can call \fIcurl_easy_reset(3)\fP and you can also
+make a clone of an easy handle (with all its set options) using
+\fIcurl_easy_duphandle(3)\fP.

 Many of the options you set in libcurl are "strings", pointers to data
 terminated with a zero byte. When you set strings with
-\fIcurl_easy_setopt(3)\fP, libcurl makes its own copy so that they don't
-need to be kept around in your application after being set[4].
+\fIcurl_easy_setopt(3)\fP, libcurl makes its own copy so that they don't need
+to be kept around in your application after being set[4].

 One of the most basic properties to set in the handle is the URL. You set your
 preferred URL to transfer with \fICURLOPT_URL(3)\fP in a manner similar to:
@@ -257,7 +264,7 @@ than one thread at any given time.

 libcurl is completely thread safe, except for two issues: signals and SSL/TLS
 handlers. Signals are used for timing out name resolves (during DNS lookup) -
-when built without c-ares support and not on Windows.
+when built without using either the c-ares or threaded resolver backends.

 If you are accessing HTTPS or FTPS URLs in a multi-threaded manner, you are
 then of course using the underlying SSL library multi-threaded and those libs
@@ -271,7 +278,7 @@ OpenSSL

 GnuTLS

- http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html
+ http://gnutls.org/manual/html_node/Thread-safety.html

 NSS

@@ -1295,39 +1302,44 @@ To avoid this problem, you must of course use your common sense. Often, you
 can just edit out the sensitive data or just search/replace your true
 information with faked data.

-.SH "Multiple Transfers Using the multi Interface"
-
+.SH "The multi Interface"
 The easy interface as described in detail in this document is a synchronous
 interface that transfers one file at a time and doesn't return until it is
 done.

 The multi interface, on the other hand, allows your program to transfer
-multiple files in both directions at the same time, without forcing you
-to use multiple threads.  The name might make it seem that the multi
-interface is for multi-threaded programs, but the truth is almost the
-reverse.  The multi interface can allow a single-threaded application
-to perform the same kinds of multiple, simultaneous transfers that
-multi-threaded programs can perform.  It allows many of the benefits
-of multi-threaded transfers without the complexity of managing and
-synchronizing many threads.
+multiple files in both directions at the same time, without forcing you to use
+multiple threads.  The name might make it seem that the multi interface is for
+multi-threaded programs, but the truth is almost the reverse.  The multi
+interface allows a single-threaded application to perform the same kinds of
+multiple, simultaneous transfers that multi-threaded programs can perform.  It
+allows many of the benefits of multi-threaded transfers without the complexity
+of managing and synchronizing many threads.
+
+To complicate matters somewhat more, there are even two versions of the multi
+interface. The event based one, also called multi_socket and the "normal one"
+designed for using with select(). See the libcurl-multi.3 man page for details
+on the multi_socket event based API, this description here is for the select()
+oriented one.

 To use this interface, you are better off if you first understand the basics
 of how to use the easy interface. The multi interface is simply a way to make
 multiple transfers at the same time by adding up multiple easy handles into
 a "multi stack".

-You create the easy handles you want and you set all the options just like you
-have been told above, and then you create a multi handle with
-\fIcurl_multi_init(3)\fP and add all those easy handles to that multi handle
-with \fIcurl_multi_add_handle(3)\fP.
+You create the easy handles you want, one for each concurrent transfer, and
+you set all the options just like you learned above, and then you create a
+multi handle with \fIcurl_multi_init(3)\fP and add all those easy handles to
+that multi handle with \fIcurl_multi_add_handle(3)\fP.

 When you've added the handles you have for the moment (you can still add new
 ones at any time), you start the transfers by calling
 \fIcurl_multi_perform(3)\fP.

-\fIcurl_multi_perform(3)\fP is asynchronous. It will only execute as little as
-possible and then return back control to your program. It is designed to never
-block.
+\fIcurl_multi_perform(3)\fP is asynchronous. It will only perform what can be
+done now and then return back control to your program. It is designed to never
+block. You need to keep calling the function until all transfers are
+completed.

 The best usage of this interface is when you do a select() on all possible
 file descriptors or sockets to know when to call libcurl again. This also
@@ -1340,11 +1352,12 @@ When you then call select(), it'll return when one of the file handles signal
 action and you then call \fIcurl_multi_perform(3)\fP to allow libcurl to do
 what it wants to do. Take note that libcurl does also feature some time-out
 code so we advise you to never use very long timeouts on select() before you
-call \fIcurl_multi_perform(3)\fP, which thus should be called unconditionally
-every now and then even if none of its file descriptors have signaled
-ready. Another precaution you should use: always call
-\fIcurl_multi_fdset(3)\fP immediately before the select() call since the
-current set of file descriptors may change when calling a curl function.
+call \fIcurl_multi_perform(3)\fP again. \fIcurl_multi_timeout(3)\fP is
+provided to help you get a suitable timeout period.
+
+Another precaution you should use: always call \fIcurl_multi_fdset(3)\fP
+immediately before the select() call since the current set of file descriptors
+may change in any curl function invoke.

 If you want to stop the transfer of one of the easy handles in the stack, you
 can use \fIcurl_multi_remove_handle(3)\fP to remove individual easy
@@ -1395,3 +1408,5 @@ installs the library, header files, man pages etc.
 .IP "[4]"
 This behavior was different in versions before 7.17.0, where strings had to
 remain valid past the end of the \fIcurl_easy_setopt(3)\fP call.
+.SH "SEE ALSO"
+.BR libcurl-errors "(3), " libcurl-multi "(3), " libcurl-easy "(3) "
--- a/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
+++ b/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
@@ -0,0 +1,48 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE \- chunk length threshold for pipelining
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, long size);
+.SH DESCRIPTION
+Pass a long with a \fBsize\fP in bytes. If a pipelined connection is currently
+processing a chunked (Transfer-encoding: chunked) request with a current chunk
+length larger than \fICURLMOPT_CHUNK_LENGTH_PENALTY_SIZE(3)\fP, that pipeline
+will not be considered for additional requests, even if it is shorter than
+\fICURLMOPT_MAX_PIPELINE_LENGTH(3)\fP.
+.SH DEFAULT
+The default value is 0, which means that the penalization is inactive.
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE "(3), "
+.BR CURLMOPT_MAX_PIPELINE_LENGTH "(3), "
--- a/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
+++ b/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
@@ -0,0 +1,47 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE \- size threshold for pipelining penalty
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE, long size);
+.SH DESCRIPTION
+Pass a long with a \fBsize\fP in bytes. If a pipelined connection is currently
+processing a request with a Content-Length larger than this
+\fICURLMOPT_CONTENT_LENGTH_PENALTY_SIZE(3)\fP, that pipeline will then not be
+considered for additional requests, even if it is shorter than
+\fICURLMOPT_MAX_PIPELINE_LENGTH(3)\fP.
+.SH DEFAULT
+The default value is 0, which means that the size penalization is inactive.
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE "(3), "
--- a/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_MAXCONNECTS 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_MAXCONNECTS \- set size of connection cache
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAXCONNECTS, long max);
+.SH DESCRIPTION
+Pass a long indicating the \fBmax\fP. The set number will be used as the
+maximum amount of simultaneously open connections that libcurl may keep in its
+connection cache after completed use. By default libcurl will enlarge the size
+for each added easy handle to make it fit 4 times the number of added easy
+handles.
+
+By setting this option, you can prevent the cache size from growing beyond the
+limit set by you.
+
+When the cache is full, curl closes the oldest one in the cache to prevent the
+number of open connections from increasing.
+
+This option is for the multi handle's use only, when using the easy interface
+you should instead use the \fICURLOPT_MAXCONNECTS(3)\fP option.
+
+See \fICURLMOPT_MAX_TOTAL_CONNECTIONS(3)\fP for limiting the number of active
+connections.
+
+.SH DEFAULT
+See DESCRIPTION
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.16.3
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
+.BR CURLOPT_MAXCONNECTS "(3), "
+
--- a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
@@ -0,0 +1,54 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_MAX_HOST_CONNECTIONS 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_MAX_HOST_CONNECTIONS \- set max number of connections to a single host
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_HOST_CONNECTIONS, long max);
+.SH DESCRIPTION
+Pass a long to indicate \fBmax\fP. The set number will be used as the maximum
+amount of simultaneously open connections to a single host. For each new
+session to a host, libcurl will open a new connection up to the limit set by
+\fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP. When the limit is reached, the
+sessions will be pending until a connection becomes available. If
+\fICURLMOPT_PIPELINING(3)\fP is enabled, libcurl will try to pipeline if the
+host is capable of it.
+
+The default \fBmax\fP value is 0, unlimited.  However, for backwards
+compatibility, setting it to 0 when \fICURLMOPT_PIPELINING(3)\fP is 1 will not
+be treated as unlimited. Instead it will open only 1 connection and try to
+pipeline on it.
+.SH DEFAULT
+0
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_MAXCONNECTS "(3), " CURLMOPT_MAX_TOTAL_CONNECTIONS "(3), "
--- a/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
@@ -0,0 +1,51 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_MAX_PIPELINE_LENGTH 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_MAX_PIPELINE_LENGTH \- maximum number of requests in a pipeline
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_PIPELINE_LENGTH, long max);
+.SH DESCRIPTION
+Pass a long. The set \fBmax\fP number will be used as the maximum amount of
+outstanding requests in a pipelined connection. Only used if pipelining is
+enabled.
+
+When this limit is reached, libcurl will use another connection to the same
+host (see \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP), or queue the request until
+one of the pipelines to the host is ready to accept a request.  Thus, the
+total number of requests in-flight is \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP *
+\fICURLMOPT_MAX_PIPELINE_LENGTH(3)\fP.
+.SH DEFAULT
+5
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
--- a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
@@ -0,0 +1,50 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_MAX_TOTAL_CONNECTIONS 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_MAX_TOTAL_CONNECTIONS \- max simultaneously open connections
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, long amount);
+.SH DESCRIPTION
+Pass a long for the \fBamount\fP. The set number will be used as the maximum
+number of simultaneously open connections in total using this multi
+handle. For each new session, libcurl will open a new connection up to the
+limit set by \fICURLMOPT_MAX_TOTAL_CONNECTIONS(3)\fP. When the limit is
+reached, the sessions will be pending until there are available
+connections. If \fICURLMOPT_PIPELINING(3)\fP is enabled, libcurl will try to
+pipeline if the host is capable of it.
+.SH DEFAULT
+The default value is 0, which means that there is no limit. It is then simply
+controlled by the number of easy handles added.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_MAXCONNECTS "(3), " CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
--- a/docs/libcurl/opts/CURLMOPT_PIPELINING.3
+++ b/docs/libcurl/opts/CURLMOPT_PIPELINING.3
@@ -0,0 +1,57 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_PIPELINING 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_PIPELINING \- enable/disable HTTP pipelining
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, bool onoff);
+.SH DESCRIPTION
+Set the \fBonoff\fP parameter to 1 to make libcurl use HTTP pipelining for
+HTTP transfers done using this multi handle, as far as possible. This means
+that if you add a second request that can use an already existing connection,
+the second request will be \&"piped" on the same connection rather than being
+executed in parallel.
+
+When using pipelining, there are also several other related options that are
+interesting to tweak and adjust to alter how libcurl spreads out requests on
+different connections or not etc.
+.SH DEFAULT
+0 (off)
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.16.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_MAX_PIPELINE_LENGTH "(3), "
+.BR CURLMOPT_PIPELINING_SITE_BL "(3), "
+.BR CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE "(3), "
+.BR CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE "(3), "
+.BR CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
+.BR CURLMOPT_MAXCONNECTS "(3), "
+.BR CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
--- a/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.3
+++ b/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.3
@@ -0,0 +1,60 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_PIPELINING_SERVER_BL 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_PIPELINING_SERVER_BL \- pipelining server blacklist
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING_SERVER_BL, char **servers);
+.SH DESCRIPTION
+Pass a \fBservers\fP array of char *, ending with a NULL entry. This is a list
+of server types prefixes (in the Server: HTTP header) that are blacklisted
+from pipelining, i.e server types that are known to not support HTTP
+pipelining. The array is copied by libcurl.
+
+Note that the comparison matches if the Server: header begins with the string
+in the blacklist, i.e "Server: Ninja 1.2.3" and "Server: Ninja 1.4.0" can 
+both be blacklisted by having "Ninja" in the backlist.
+
+Pass a NULL pointer to clear the blacklist.
+.SH DEFAULT
+The default value is NULL, which means that there is no blacklist.
+.SH PROTOCOLS
+.SH EXAMPLE
+.nf
+  server_blacklist[] =
+  {
+    "Microsoft-IIS/6.0",
+    "nginx/0.8.54",
+    NULL
+  };
+
+  curl_multi_setopt(m, CURLMOPT_PIPELINE_SERVER_BL, server_blacklist);
+.fi
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_PIPELINING_SITE_BL "(3), "
--- a/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.3
+++ b/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.3
@@ -0,0 +1,56 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_PIPELINING_SITE_BL 3 "4 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_PIPELINING_SITE_BL \- pipelining host blacklist
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING_SITE_BL, char **hosts);
+.SH DESCRIPTION
+Pass a \fBhosts\fP array of char *, ending with a NULL entry. This is a list
+of sites that are blacklisted from pipelining, i.e sites that are known to not
+support HTTP pipelining. The array is copied by libcurl.
+
+Pass a NULL pointer to clear the blacklist.
+.SH DEFAULT
+The default value is NULL, which means that there is no blacklist.
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+.nf
+  site_blacklist[] =
+  {
+    "www.haxx.se",
+    "www.example.com:1234",
+    NULL
+  };
+
+  curl_multi_setopt(m, CURLMOPT_PIPELINE_SITE_BL, site_blacklist);
+.fi
+.SH AVAILABILITY
+Added in 7.30.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_PIPELINING_SERVER_BL "(3), "
--- a/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
+++ b/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
@@ -0,0 +1,49 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_SOCKETDATA 3 "3 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_SOCKETDATA \- custom pointer passed to the socket callback
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_SOCKETDATA, void *pointer);
+.SH DESCRIPTION
+A data \fIpointer\fP to pass to the socket callback set with the
+\fICURLMOPT_SOCKETFUNCTION(3)\fP option.
+
+This pointer will not be touched by libcurl but will only be passed in to the
+socket callbacks's \fBuserp\fP argument.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.15.4
+.SH RETURN VALUE
+Returns CURLM_OK.
+.SH "SEE ALSO"
+.BR CURLMOPT_SOCKETFUNCTION "(3), " curl_multi_socket_action "(3), "
+.BR CURLMOPT_TIMERFUNCTION "(3) "
--- a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
+++ b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_SOCKETFUNCTION 3 "3 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_SOCKETFUNCTION \- callback informed about what to wait for
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+int socket_callback(CURL *easy,      /* easy handle */
+                    curl_socket_t s, /* socket */
+                    int what,        /* see above */
+                    void *userp,     /* private callback pointer */
+                    void *socketp);  /* private socket pointer */
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_SOCKETFUNCTION, socket_callback);
+.SH DESCRIPTION
+Pass a pointer to your callback function, which should match the prototype
+shown above.
+
+When the \fIcurl_multi_socket_action(3)\fP function runs, it informs the
+application about updates in the socket (file descriptor) status by doing
+none, one, or multiple calls to the \fBsocket_callback\fP. The callback gets
+status updates with changes since the previous time the callback was called.
+If the given callback pointer is NULL, no callback will be called. Set the
+callback's \fBuserp\fP argument with \fICURLMOPT_SOCKETDATA(3)\fP.  See
+\fIcurl_multi_socket_action(3)\fP for more details on how the callback is used
+and should work.
+.SH DEFAULT
+NULL (no callback)
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.15.4
+.SH RETURN VALUE
+Returns CURLM_OK.
+.SH "SEE ALSO"
+.BR CURLMOPT_SOCKETDATA "(3), " curl_multi_socket_action "(3), "
+.BR CURLMOPT_TIMERFUNCTION "(3) "
+
--- a/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
+++ b/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
@@ -0,0 +1,48 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_TIMERDATA 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_TIMERDATA \- custom pointer to pass to timer callback
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_TIMERDATA, void *pointer);
+.SH DESCRIPTION
+A data \fBpointer\fP to pass to the timer callback set with the
+\fICURLMOPT_TIMERFUNCTION(3)\fP option.
+
+This pointer will not be touched by libcurl but will only be passed in to the
+timer callbacks's \fBuserp\fP argument.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.16.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_TIMERFUNCTION "(3), " CURLMOPT_SOCKETFUNCTION "(3), "
--- a/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
+++ b/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
@@ -0,0 +1,63 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLMOPT_TIMERFUNCTION 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options"
+.SH NAME
+CURLMOPT_TIMERFUNCTION \- set callback to receive timeout values
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+int timer_callback(CURLM *multi,    /* multi handle */
+                   long timeout_ms, /* see above */
+                   void *userp);    /* private callback pointer */
+
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_TIMERFUNCTION, timer_callback);
+.SH DESCRIPTION
+Pass a pointer to your callback function, which should match the prototype
+shown above.
+
+This callback function will be called when the timeout value changes. The
+\fBtimeout_ms\fP value is at what latest time the application should call one
+of the \&"performing" functions of the multi interface
+(\fIcurl_multi_socket_action(3)\fP and \fIcurl_multi_perform(3)\fP) - to allow
+libcurl to keep timeouts and retries etc to work. A \fBtimeout_ms\fP value of
+-1 means that there is no timeout at all, and 0 means that the timeout is
+already expired. libcurl attempts to limit calling this only when the fixed
+future timeout time actually changes.
+
+The \fBuserp\fP pointer is set with \fICURLMOPT_TIMERDATA(3)\fP.
+
+The timer callback should return 0 on success, and -1 on error. This callback
+can be used instead of, or in addition to, \fIcurl_multi_timeout(3)\fP.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.16.0
+.SH RETURN VALUE
+Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLMOPT_TIMERDATA "(3), " CURLMOPT_SOCKETFUNCTION "(3), "
--- a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
+++ b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
@@ -60,3 +60,4 @@ Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
 .SH "SEE ALSO"
 .BR CURLOPT_TRANSFER_ENCODING "(3), " CURLOPT_HTTPHEADER "(3), "
+.BR CURLOPT_HTTP_CONTENT_DECODING "(3), "
--- a/docs/libcurl/opts/CURLOPT_CERTINFO.3
+++ b/docs/libcurl/opts/CURLOPT_CERTINFO.3
@@ -29,7 +29,7 @@ CURLOPT_CERTINFO \- request SSL certificate information
 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CERTINFO, long certinfo);
 .SH DESCRIPTION
 Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
-this enabled, libcurl (if built with OpenSSL, NSS, GSKit or QsoSSL) will
+this enabled, libcurl (if built with OpenSSL, NSS or GSKit) will
 extract lots of information and data about the certificates in the certificate
 chain used in the SSL connection. This data may then be retrieved after a
 transfer using \fIcurl_easy_getinfo(3)\fP and its option
--- a/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
+++ b/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
@@ -30,7 +30,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CONNECT_ONLY, long only);
 .SH DESCRIPTION
 Pass a long. If the parameter equals 1, it tells the library to perform all
 the required proxy authentication and connection setup, but no data transfer,
-and then return. This option is implemented for HTTP, SMTP and POP3.
+and then return.

 The option can be used to simply test a connection to a server, but is more
 useful when used with the \fICURLINFO_LASTSOCKET\fP option to
@@ -40,7 +40,7 @@ transfers.
 .SH DEFAULT
 0
 .SH PROTOCOLS
-HTTP, SMTP and POP3
+HTTP, SMTP, POP3 and IMAP
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
--- a/docs/libcurl/opts/CURLOPT_COOKIE.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIE.3
@@ -58,5 +58,5 @@ If HTTP is enabled
 Returns CURLE_OK if HTTP is enabled, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
 .SH "SEE ALSO"
-.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIEJAR "(3), "
+.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIEJAR "(3), "  CURLOPT_COOKIELIST "(3), "
 .BR CURLOPT_HTTPHEADER "(3), "
--- a/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
@@ -55,4 +55,4 @@ Along with HTTP
 Returns CURLE_OK if HTTP is supported, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
 .SH "SEE ALSO"
-.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIE "(3), "
+.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIE "(3), " CURLOPT_COOKIELIST "(3), "
--- a/docs/libcurl/opts/CURLOPT_COOKIELIST.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.3
@@ -46,6 +46,10 @@ erases all session cookies held in memory

 .IP FLUSH
 writes all known cookies to the file specified by \fICURLOPT_COOKIEJAR(3)\fP
+
+.IP RELOAD
+loads all cookies from the files specified by \fICURLOPT_COOKIEFILE(3)\fP
+
 .SH DEFAULT
 NULL
 .SH PROTOCOLS
@@ -58,8 +62,10 @@ ALL was added in 7.14.1
 SESS was added in 7.15.4

 FLUSH was added in 7.17.1
+
+RELOAD was added in 7.39.0
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
 .SH "SEE ALSO"
-.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIEJAR "(3), "
+.BR CURLOPT_COOKIEFILE "(3), " CURLOPT_COOKIEJAR "(3), "  CURLOPT_COOKIE "(3), "
--- a/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.3
+++ b/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.3
@@ -28,10 +28,10 @@ CURLOPT_COPYPOSTFIELDS \- have libcurl copy data to POST

 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_COPYPOSTFIELDS, char *data);
 .SH DESCRIPTION
-Pass a char * as parameter, which should be the full data to post in a HTTP
-POST operation. It behaves as the \fICURLOPT_POSTFIELDS(3)\fP option, but the
-original data is instead copied by the library, allowing the application to
-overwrite the original data after setting this option.
+Pass a char * as parameter, which should be the full \fIdata\fP to post in a
+HTTP POST operation. It behaves as the \fICURLOPT_POSTFIELDS(3)\fP option, but
+the original data is instead copied by the library, allowing the application
+to overwrite the original data after setting this option.

 Because data are copied, care must be taken when using this option in
 conjunction with \fICURLOPT_POSTFIELDSIZE(3)\fP or
@@ -44,9 +44,23 @@ copy. In any case, the size must not be changed after
 .SH DEFAULT
 NULL
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  char local_buffer[1024]="data to send";
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* size of the data to copy from the buffer and send in the request */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, 12L);
+
+  /* send data from the local stack */
+  curl_easy_setopt(curl, CURLOPT_COPYPOSTFIELDS, local_buffer);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Added in 7.17.1
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
+++ b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
@@ -83,7 +83,7 @@ issue NOOP and RSET commands.
 .SH DEFAULT
 NULL
 .SH PROTOCOLS
-HTTP, FTP, IMAP, POP3
+HTTP, FTP, IMAP, POP3 and SMTP
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
--- a/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
@@ -79,7 +79,103 @@ NULL
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-http://curl.haxx.se/libcurl/c/debug.html
+.nf
+static
+void dump(const char *text,
+          FILE *stream, unsigned char *ptr, size_t size)
+{
+  size_t i;
+  size_t c;
+  unsigned int width=0x10;
+
+  fprintf(stream, "%s, %10.10ld bytes (0x%8.8lx)\n",
+          text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+    fprintf(stream, "%4.4lx: ", (long)i);
+
+    /* show hex to the left */
+    for(c = 0; c < width; c++) {
+      if(i+c < size)
+        fprintf(stream, "%02x ", ptr[i+c]);
+      else
+        fputs("   ", stream);
+    }
+
+    /* show data on the right */
+    for(c = 0; (c < width) && (i+c < size); c++)
+      fputc(ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.', stream);
+
+    fputc('\n', stream); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  const char *text;
+  (void)handle; /* prevent compiler warning */
+
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "== Info: %s", data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, stderr, (unsigned char *)data, size);
+  return 0;
+}
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace);
+
+    /* the DEBUGFUNCTION has no effect until we enable VERBOSE */
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+
+    /* example.com is redirected, so we tell libcurl to follow redirection */
+    curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
+    res = curl_easy_perform(curl);
+    /* Check for errors */
+    if(res != CURLE_OK)
+      fprintf(stderr, "curl_easy_perform() failed: %s\n",
+              curl_easy_strerror(res));
+
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+  return 0;
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
+++ b/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
@@ -28,13 +28,18 @@ CURLOPT_DIRLISTONLY \- ask for names only in a directory listing

 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DIRLISTONLY, long listonly);
 .SH DESCRIPTION
-A parameter set to 1 tells the library to just list the names of files in a
-directory, instead of doing a full directory listing that would include file
-sizes, dates etc. This works for FTP and SFTP URLs.
+For FTP and SFTP based URLs a parameter set to 1 tells the library to list the
+names of files in a directory, rather than performing a full directory listing
+that would normally include file sizes, dates etc.

-This causes an FTP NLST command to be sent on an FTP server.  Beware that some
-FTP servers list only files in their response to NLST; they might not include
-subdirectories and symbolic links.
+For POP3 a parameter of 1 tells the library to list the email message or
+messages on the POP3 server. This can be used to change the default behaviour
+of libcurl, when combined with a URL that contains a message ID, to perform a
+"scan listing" which can then be used to determine the size of an email.
+
+Note: For FTP this causes a NLST command to be sent to the FTP server.  Beware
+that some FTP servers list only files in their response to NLST; they might not
+include subdirectories and symbolic links.

 Setting this option to 1 also implies a directory listing even if the URL
 doesn't end with a slash, which otherwise is necessary.
@@ -44,11 +49,12 @@ will effectively break that feature then.
 .SH DEFAULT
 0, disabled
 .SH PROTOCOLS
-FTP and SFTP
+FTP, SFTP and POP3
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-This option was known as CURLOPT_FTPLISTONLY up to 7.16.4
+This option was known as CURLOPT_FTPLISTONLY up to 7.16.4. POP3 is supported
+since 7.21.5.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
--- a/docs/libcurl/opts/CURLOPT_ERRORBUFFER.3
+++ b/docs/libcurl/opts/CURLOPT_ERRORBUFFER.3
@@ -48,10 +48,25 @@ NULL
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+  char error[CURL_ERROR_SIZE]
+
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* provide a buffer to store errors in */
+  curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, error);
+
+  /* Perform the request */
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE
 Returns CURLE_OK
 .SH "SEE ALSO"
 .BR CURLOPT_DEBUGFUNCTION "(3), " CURLOPT_VERBOSE "(3), "
+.BR curl_easy_strerror "(3), " curl_multi_strerror "(3), "
+.BR curl_share_strerror "(3) "
--- a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.3
+++ b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.3
@@ -39,15 +39,32 @@ redirects libcurl will follow.
 libcurl can limit to what protocols it will automatically follow. The accepted
 protocols are set with \fICURLOPT_REDIR_PROTOCOLS(3)\fP and it excludes the
 FILE protocol by default.
+
+For users who think the existing location following is too naive, too simple
+or just lacks features, it is very easy to instead implement your own redirect
+follow logic with the use of \fIcurl_easy_getinfo(3)\fP's
+\fICURLINFO_REDIRECT_URL\fP option instead of using
+\fICURLOPT_FOLLOWLOCATION(3)\fP.
 .SH DEFAULT
 0, disabled
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* example.com is redirected, so we tell libcurl to follow redirection */
+  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Along with HTTP
 .SH RETURN VALUE
 Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
 .BR CURLOPT_REDIR_PROTOCOLS "(3), " CURLOPT_PROTOCOLS "(3), "
+.BR CURLOPT_POSTREDIR "(3), "
--- a/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
+++ b/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
@@ -32,7 +32,7 @@ Set the long parameter \fIlevel\fP to CURLGSSAPI_DELEGATION_FLAG to allow
 unconditional GSSAPI credential delegation.  The delegation is disabled by
 default since 7.21.7.  Set the parameter to CURLGSSAPI_DELEGATION_POLICY_FLAG
 to delegate only if the OK-AS-DELEGATE flag is set in the service ticket in
-case this feature is supported by the GSSAPI implementation and the definition
+case this feature is supported by the GSS-API implementation and the definition
 of GSS_C_DELEG_POLICY_FLAG was available at compile-time.
 .SH DEFAULT
 CURLGSSAPI_DELEGATION_NONE
--- a/docs/libcurl/opts/CURLOPT_HTTPGET.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPGET.3
@@ -37,9 +37,20 @@ When setting \fICURLOPT_HTTPGET(3)\fP to 1, it will automatically set
 .SH DEFAULT
 0
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* use a GET to fetch this */ 
+  curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
+
+  /* Perform the request */ 
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Along with HTTP
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_HTTPHEADER.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPHEADER.3
@@ -54,6 +54,11 @@ following the request-line are headers. Adding this method line in this list
 of headers will only cause your request to send an invalid header. Use
 \fICURLOPT_CUSTOMREQUEST(3)\fP to change the method.

+When this option is passed to \fIcurl_easy_setopt(3)\fP, libcurl will not copy
+the entire list so you \fBmust\fP keep it around until you no longer use this
+\fIhandle\fP for a transfer before you call \fIcurl_slist_free_all(3)\fP on
+the list.
+
 Pass a NULL to this option to reset back to no custom headers.

 The most commonly replaced headers have "shortcuts" in the options
--- a/docs/libcurl/opts/CURLOPT_HTTPPOST.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPPOST.3
@@ -47,7 +47,29 @@ NULL
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+/* Fill in the file upload field. This makes libcurl load data from
+   the given file name when curl_easy_perform() is called. */
+curl_formadd(&formpost,
+             &lastptr,
+             CURLFORM_COPYNAME, "sendfile",
+             CURLFORM_FILE, "postit2.c",
+             CURLFORM_END);
+
+/* Fill in the filename field */
+curl_formadd(&formpost,
+             &lastptr,
+             CURLFORM_COPYNAME, "filename",
+             CURLFORM_COPYCONTENTS, "postit2.c",
+             CURLFORM_END);
+
+/* Fill in the submit field too, even if this is rarely needed */
+curl_formadd(&formpost,
+             &lastptr,
+             CURLFORM_COPYNAME, "submit",
+             CURLFORM_COPYCONTENTS, "send",
+             CURLFORM_END);
+.fi
 .SH AVAILABILITY
 As long as HTTP is enabled
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
@@ -46,3 +46,4 @@ Added in 7.16.2
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
 .BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
+.BR CURLOPT_ACCEPT_ENCODING "(3) "
--- a/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
@@ -22,7 +22,7 @@
 .\"
 .TH CURLOPT_MAIL_AUTH 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_MAIL_AUTH \- specify SMTP authentication address
+CURLOPT_MAIL_AUTH \- SMTP authentication address
 .SH SYNOPSIS
 #include <curl/curl.h>

--- a/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
@@ -22,7 +22,7 @@
 .\"
 .TH CURLOPT_MAIL_FROM 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_MAIL_FROM \- smtp mail FROM address
+CURLOPT_MAIL_FROM \- SMTP sender address
 .SH SYNOPSIS
 #include <curl/curl.h>

--- a/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
@@ -22,7 +22,7 @@
 .\"
 .TH CURLOPT_MAIL_RCPT 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_MAIL_RCPT \- provide list of mail recipients
+CURLOPT_MAIL_RCPT \- list of SMTP mail recipients
 .SH SYNOPSIS
 .nf
 #include <curl/curl.h>
--- a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
+++ b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
@@ -22,18 +22,18 @@
 .\"
 .TH CURLOPT_MAXCONNECTS 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_MAXCONNECTS \- set connection cache size
+CURLOPT_MAXCONNECTS \- maximum connection cache size
 .SH SYNOPSIS
 #include <curl/curl.h>

 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAXCONNECTS, long amount);
 .SH DESCRIPTION
-Pass a long. The set number will be the persistent connection cache size. The
-set \fIamount\fP will be the maximum amount of simultaneously open connections
-that libcurl may cache in cache associated with this handle. Default is 5, and
-there isn't much point in changing this value unless you are perfectly aware
-of how this works and changes libcurl's behaviour. This concerns connections
-using any of the protocols that support persistent connections.
+Pass a long. The set \fIamount\fP will be the maximum number of simultaneously
+open persistent connections that libcurl may cache in the pool associated with
+this handle. The default is 5, and there isn't much point in changing this
+value unless you are perfectly aware of how this works and changes libcurl's
+behaviour. This concerns connections using any of the protocols that support
+persistent connections.

 When reaching the maximum limit, curl closes the oldest one in the cache to
 prevent increasing the number of open connections.
--- a/docs/libcurl/opts/CURLOPT_MAXREDIRS.3
+++ b/docs/libcurl/opts/CURLOPT_MAXREDIRS.3
@@ -39,9 +39,23 @@ Set it to -1 for an infinite number of redirects.
 .SH DEFAULT
 -1, unlimited
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
+
+  /* enable redirect following */
+  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+
+  /* allow three redirects */
+  curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 3L);
+
+  /* Perform the request */
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Along with HTTP
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_NOBODY.3
+++ b/docs/libcurl/opts/CURLOPT_NOBODY.3
@@ -39,7 +39,18 @@ Enabling this option means asking for a download but without a body.
 .SH PROTOCOLS
 Most
 .SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* get us the resource without a body! */ 
+  curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
+
+  /* Perform the request */ 
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
+++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
@@ -0,0 +1,65 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PINNEDPUBLICKEY 3 "27 Aug 2014" "libcurl 7.38.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PINNEDPUBLICKEY \- set pinned public key
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PINNEDPUBLICKEY, char *pinnedpubkey);
+.SH DESCRIPTION
+Pass a pointer to a zero terminated string as parameter. The string should be
+the file name of your pinned public key. The format expected is "DER".
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. A public key is extracted from this certificate and
+if it does not exactly match the public key provided to this option, curl will
+abort the connection before sending or receiving any data.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
+  curl_easy_setopt(curl, CURLOPT_PINNEDPUBLICKEY, "/etc/publickey.der");
+
+  /* Perform the request */
+  curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+If built TLS enabled. This is currently only implemented in the OpenSSL,
+GnuTLS and GSKit backends.
+
+Added in libcurl 7.39.0
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSL_VERIFYPEER "(3), "
+.BR CURLOPT_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_CAINFO "(3), "
+.BR CURLOPT_CAPATH "(3), "
--- a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
+++ b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
@@ -58,7 +58,22 @@ NULL
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  const char *data = "data to send";
+
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* size of the POST data */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, 12L);
+
+  /* pass in a pointer to the data - libcurl will not copy */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.3
+++ b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.3
@@ -39,7 +39,21 @@ If you post more than 2GB, use \fICURLOPT_POSTFIELDSIZE_LARGE(3)\fP.
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  const char *data = "data to send";
+
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* size of the POST data */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) strlen(data));
+
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Along with HTTP
 .SH RETURN VALUE
--- a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.3
+++ b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.3
@@ -37,12 +37,28 @@ set to -1, the library will use strlen() to get the size.
 .SH DEFAULT
 -1
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  const char *data = large_chunk;
+  curl_off_t length_of_data; /* set somehow */
+
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* size of the POST data */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, length_of_data);
+
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Along with HTTP
 .SH RETURN VALUE
 Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
 .BR CURLOPT_POSTFIELDS "(3), " CURLOPT_COPYPOSTFIELDS "(3), "
+.BR CURLOPT_POSTFIELDSIZE "(3), "
--- a/docs/libcurl/opts/CURLOPT_POSTREDIR.3
+++ b/docs/libcurl/opts/CURLOPT_POSTREDIR.3
@@ -47,12 +47,26 @@ when setting \fICURLOPT_FOLLOWLOCATION(3)\fP.
 .SH DEFAULT
 0
 .SH PROTOCOLS
-HTTP
+HTTP(S)
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* a silly POST example */
+  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "data=true");
+
+  /* example.com is redirected, so we tell libcurl to send POST on 301, 302 and
+     303 HTTP response codes */
+  curl_easy_setopt(curl, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Added in 7.17.1. This option was known as CURLOPT_POST301 up to 7.19.0 as it
-only supported the 301 then.
+only supported the 301 then. CURL_REDIR_POST_303 was added in 7.26.0.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
--- a/docs/libcurl/opts/CURLOPT_PROTOCOLS.3
+++ b/docs/libcurl/opts/CURLOPT_PROTOCOLS.3
@@ -32,17 +32,60 @@ Pass a long that holds a bitmask of CURLPROTO_* defines. If used, this bitmask
 limits what protocols libcurl may use in the transfer. This allows you to have
 a libcurl built to support a wide range of protocols but still limit specific
 transfers to only be allowed to use a subset of them. By default libcurl will
-accept all protocols it supports. See also
+accept all protocols it supports (\fICURLPROTO_ALL\fP). See also
 \fICURLOPT_REDIR_PROTOCOLS(3)\fP.
+
+These are the available protocol defines:
+.nf
+CURLPROTO_DICT
+CURLPROTO_FILE
+CURLPROTO_FTP
+CURLPROTO_FTPS
+CURLPROTO_GOPHER
+CURLPROTO_HTTP
+CURLPROTO_HTTPS
+CURLPROTO_IMAP
+CURLPROTO_IMAPS
+CURLPROTO_LDAP
+CURLPROTO_LDAPS
+CURLPROTO_POP3
+CURLPROTO_POP3S
+CURLPROTO_RTMP
+CURLPROTO_RTMPE
+CURLPROTO_RTMPS
+CURLPROTO_RTMPT
+CURLPROTO_RTMPTE
+CURLPROTO_RTMPTS
+CURLPROTO_RTSP
+CURLPROTO_SCP
+CURLPROTO_SFTP
+CURLPROTO_SMTP
+CURLPROTO_SMTPS
+CURLPROTO_TELNET
+CURLPROTO_TFTP
+.fi
 .SH DEFAULT
 All protocols built-in
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+  /* pass in the URL from an external source */
+  curl_easy_setopt(curl, CURLOPT_URL, argv[1]);
+
+  /* only allow HTTP, TFTP and SFTP */
+  curl_easy_setopt(curl, CURLOPT_PROTOCOLS,
+                   CURLPROTO_HTTP | CURLPROTO_TFTP | CURLPROTO_SFTP);
+
+  /* Perform the request */
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Added in 7.19.4
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
-.BR CURLOPT_REDIR_PROTOCOLS "(3), "
+.BR CURLOPT_REDIR_PROTOCOLS "(3), " CURLOPT_URL "(3), "
--- a/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
@@ -22,7 +22,7 @@
 .\"
 .TH CURLOPT_PROXYPASSWORD 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_PROXYPASSWORD \- password to use in authentication with proxy
+CURLOPT_PROXYPASSWORD \- password to use with proxy authentication
 .SH SYNOPSIS
 #include <curl/curl.h>

--- a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
@@ -22,7 +22,7 @@
 .\"
 .TH CURLOPT_PROXYUSERNAME 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_PROXYUSERNAME \- username to authenticate with a proxy
+CURLOPT_PROXYUSERNAME \- user name to use for proxy authentication
 .SH SYNOPSIS
 .nf
 #include <curl/curl.h>
--- a/Show More
+++ b/Show More