RELEASE-NOTES: updated for 7.42.0

When doing HTTP requests Negotiate authenticated, the entire connnection
may become authenticated and not just the specific HTTP request which is
otherwise how HTTP works, as Negotiate can basically use NTLM under the
hood. curl was not adhering to this fact but would assume that such
requests would also be authenticated per request.

CVE-2015-3148

Bug: http://curl.haxx.se/docs/adv_20150422B.html
Reported-by: Isaac Boukris

.gitignore

@@ -45,5 +45,7 @@ CHANGES.dist
 .project
 .cproject
 .settings
-/[0-9]*.patch
 .dirstamp
+test-driver
+/build/
+/builds/

.travis.yml

@@ -3,6 +3,8 @@ language: c
 before_script:
   - ./buildconf
 
+script: ./configure --enable-debug && make && make test-full
+
 compiler:
   - clang
   - gcc

CHANGES.0

@@ -267,7 +267,7 @@ Daniel Stenberg (16 Apr 2010)
 Daniel Stenberg (15 Apr 2010)
 - Rainer Canavan filed bug report #2987196 that identified libcurl doing
   unnecesary reverse name lookups in many cases when built to use IPv4 and
-  getaddrinfo(). The logic for ipv6 is now used for ipv4 too.
+  getaddrinfo(). The logic for IPv6 is now used for IPv4 too.
 
   (http://curl.haxx.se/bug/view.cgi?id=2963679)
 
@@ -4271,7 +4271,7 @@ Daniel S (15 Nov 2007)
   list.
 
 - Michal Marek fixed the test suite to better deal with the case when the HTTP
-  ipv6 server can't run.
+  IPv6 server can't run.
 
 Yang Tse (14 Nov 2007)
 - Fix a variable potential wrapping in add_buffer() when using absolutely
@@ -6109,7 +6109,7 @@ Daniel (22 August 2006)
 - David McCreedy fixed a remaining mistake from the August 19 TYPE change.
 
 - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
-  code when doing pure ipv6 EPRT connections.
+  code when doing pure IPv6 EPRT connections.
 
 Daniel (19 August 2006)
 - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
@@ -6666,8 +6666,8 @@ Daniel (24 January 2006)
 
 Daniel (20 January 2006)
 - Duane Cathey was one of our friends who reported that curl -P [IP]
-  (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
-  "native" IP while it works fine for ipv6-disabled builds!
+  (CURLOPT_FTPPORT) didn't work for IPv6-enabed curls if the IP wasn't a
+  "native" IP while it works fine for IPv6-disabled builds!
 
   In the process of fixing this, I removed the support for LPRT since I can't
   think of many reasons to keep doing it and asking on the mailing list didn't
@@ -6676,7 +6676,7 @@ Daniel (20 January 2006)
 
 Daniel (19 January 2006)
 - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
-  (built ipv4-only) didn't work.
+  (built IPv4-only) didn't work.
 
 Daniel (18 January 2006)
 - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
@@ -7557,7 +7557,7 @@ Daniel (29 March 2005)
 Daniel (16 March 2005)
 - Tru64 and some IRIX boxes seem to not like test 237 as it is. Their
   inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted
-  address which makes a different failure... Now I've modified the ipv4
+  address which makes a different failure... Now I've modified the IPv4
   resolve code to use inet_pton() instead in an attempt to make these systems
   better detect this as a bad IP address rather than creating a toally bogus
   address that is then passed on and used.
@@ -7750,7 +7750,7 @@ Daniel (7 February 2005)
 
 Daniel (5 February 2005)
 - Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
-  PORT on ipv6-enabled hosts.
+  PORT on IPv6-enabled hosts.
 
 - David Byron pointed out we could use BUFSIZE to read data (in
   lib/transfer.c) instead of using BUFSIZE -1.
@@ -7822,7 +7822,7 @@ Daniel (28 January 2005)
   8. fetch a URL from the same server as before (re-using the connection)
 
 - Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
-  when built ipv6-enabled. I've now made a fix for it. Writing test cases for
+  when built IPv6-enabled. I've now made a fix for it. Writing test cases for
   custom port hosts turned too tricky so unfortunately there's none.
 
 Daniel (25 January 2005)
@@ -8560,9 +8560,9 @@ Daniel (20 August 2004)
   byte file is downloaded.
 
 Daniel (18 August 2004)
-- Ling Thio pointed out that when libcurl is built ipv6-enabled, it still did
+- Ling Thio pointed out that when libcurl is built IPv6-enabled, it still did
   reverse DNS lookups when fed with a numerical IP-address (like
-  http://127.0.0.1/), although it doesn't when built ipv6-disabled. libcurl
+  http://127.0.0.1/), although it doesn't when built IPv6-disabled. libcurl
   should never do reverse lookups.
 
 Daniel (17 August 2004)
@@ -8714,7 +8714,7 @@ Daniel (27 June 2004)
 Daniel (24 June 2004)
 - The standard curl_version() string now only includes version info about
   involved libraries and not about particular features. Thus it will no longer
-  include info about ipv6 nor GSS. That info is of course still available in
+  include info about IPv6 nor GSS. That info is of course still available in
   the feature bitmask curl_version_info() offers.
 
 - Replaced all occurances of sprintf() with snprintf(). This is mostly because
@@ -8729,8 +8729,8 @@ Daniel (24 June 2004)
 
   Internally, this means amongst other things that we can stop doing the weird
   "increase buffer size until it works" trick when resolving hosts on
-  ipv4-only with gethostbyname_r(), we support socks even on libcurls built
-  with ipv6 enabled (but only to socks servers that resolve to an ipv4
+  IPv4-only with gethostbyname_r(), we support socks even on libcurls built
+  with IPv6 enabled (but only to socks servers that resolve to an IPv4
   address) and we no longer deep-copy or relocate hostent structs (we create
   Curl_addrinfo chains instead).
 
@@ -9074,7 +9074,7 @@ Daniel (27 April 2004)
   and proxy name to the ACE encoded version to use internally for resolves and
   cookies etc. They are now using one 'struct hostname' each that keep both
   the original name and the possibly encoded name. IDN resolves work for me
-  now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to
+  now using IPv6, IPv4 and ares resolving. Even cookies on IDN sites seem to
   do right. I got some failures at first when CHARSET wasn't set at all which
   confused libidn completely and it decided by encoding of choice was
   'ANSI_X3.4-1968'...
@@ -9115,7 +9115,7 @@ Daniel (25 April 2004)
 
   CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
   name resolves. It cannot have ENABLE_IPV6 defined at the same time, as
-  c-ares has no ipv6 support. This can be Windows or *nix.
+  c-ares has no IPv6 support. This can be Windows or *nix.
 
   CURLRES_THREADED - is defined if libcurl is built to run under (native)
   Windows, and then the name resolve will be done in a new thread, and the
@@ -9132,8 +9132,8 @@ Daniel (25 April 2004)
   hostsyn.c  - functions for synchronous name resolves
   hostares.c - functions for ares-using name resolves
   hostthre.c - functions for threaded name resolves
-  hostip4.c  - ipv4-specific functions
-  hostip6.c  - ipv6-specific functions
+  hostip4.c  - IPv4 specific functions
+  hostip6.c  - IPv6 specific functions
 
   The hostip.h is the single united header file for all this. It defines the
   CURLRES_* defines based on the config*.h and setup.h defines.
@@ -9225,7 +9225,7 @@ Daniel (15 April 2004)
   for the typical (not very deep) case.
 
 Daniel (14 April 2004)
-- Asking for CURL_IPRESOLVE_V6 when ipv6 addresses can't be resolved will
+- Asking for CURL_IPRESOLVE_V6 when IPv6 addresses can't be resolved will
   now cause the resolve function to return NULL immediately. This flaw was
   pointed out by Gisle Vanem.
 
@@ -9380,7 +9380,7 @@ Daniel (29 March 2004)
 - The postit2.c source example used the wrong struct name for the post data.
 
 Daniel (26 March 2004)
-- Gisle Vanem improved ipv6 support on windows by making the curl build to use
+- Gisle Vanem improved IPv6 support on Windows by making the curl build use
   the correct getaddrinfo() function.
 
 Daniel (25 March 2004)
@@ -9673,7 +9673,7 @@ Daniel (16 February 2004)
   and re-use that same handle during the entire curl handle's life-time. It
   improves performance.
 
-- Fixed a problem when displaying verbose for ipv6-enabled libcurls and
+- Fixed a problem when displaying verbose for IPv6-enabled libcurls and
   re-used connections. Problem reported and fix verified by Grigory Entin.
 
 - Jeff Lawson fixed the version-check in the SOCKS5 code.
@@ -9725,7 +9725,7 @@ Daniel (9 February 2004)
 
 - Tor Arntsen provided a patch that makes libcurl work-around a bug in the
   AIX5 implementation of getaddrinfo(). This makes the FTP PORT stuff work on
-  ipv6-enabled AIX builds.
+  IPv6-enabled AIX builds.
 
 - Ken Rastatter provided portability fixes for the curlgtk.c example, and now
   it runs on windows with GTK as well!
@@ -9754,7 +9754,7 @@ Daniel (5 February 2004)
   verifies this functionality.
 
 - Tor Arntsen fixed a weird getaddrinfo() usage in the FTP code, preventing
-  the ipv6-code for PORT work on AIX 5.2. We now also provide (better) error
+  the IPv6-code for PORT work on AIX 5.2. We now also provide (better) error
   messages when bailing out in the that function.
 
 - Tor Arntsen now provides AIX and IRIX (using gcc, xlc and the MIPSPro
@@ -10133,10 +10133,10 @@ Daniel (13 November)
   possibly other platforms too.
 
 - Peter Sylvester identified a problem in the connect code, which made the
-  multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
+  multi interface on a IPv6-enabled Solaris box do bad. Test case 504 to be
   specific. I've spent some time to clean-up the Curl_connecthost() function
-  now to use less duplicated code for the two different sections: ipv6 and
-  ipv4.
+  now to use less duplicated code for the two different sections: IPv6 and
+  IPv4.
 
 Daniel (11 November)
 - Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
@@ -10234,7 +10234,7 @@ Daniel (29 October)
 Daniel (28 October)
 - Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
   function for some specific versions (reported on 2.2.5 and 2.1.1), and
-  provided a fix. On Linux machines with these glibc versions, non-ipv6
+  provided a fix. On Linux machines with these glibc versions, non-IPv6
   builds of libcurl would often fail to resolve perfectly resolvable host
   names.
 
@@ -10353,7 +10353,7 @@ Version 7.10.8-pre3 (8 October 2003)
 
 Daniel (8 October)
 - Frank Ticheler provided a patch that fixes how libcurl connects to multiple
-  addresses, if one of them fails (ipv4-code).
+  addresses, if one of them fails (IPv4 code).
 
 Daniel (7 October)
 - Neil Dunbar provided a patch that now makes libcurl check SSL
@@ -11865,7 +11865,7 @@ Daniel (30 Sep 2002)
   updated the man page accordingly.
 
 - Cris Bailiff found out that the pre-releases crashed on name lookups on
-  names such as "a:" or "baz:" (on Linux versions not being ipv6-enabled) due
+  names such as "a:" or "baz:" (on Linux versions not being IPv6-enabled) due
   to some weird return codes from gethostbyname_r(). I'll blame the complete
   lack of docs in that department. Cris provided a fix, which I modified only
   slightly.
@@ -17598,7 +17598,7 @@ Version 4.8.4
  - As Julian Romero Nieto reported, curl reported wrong version number.
  - As Teemu Yli-Elsila pointed out, the win32 version of 4.8 (and probably all
    other versions for win32) didn't work with binary files since I'm too used
-   to the UNIX style fopen() where binary and text don't differ...
+   to the Unix style fopen() where binary and text don't differ...
  - Ralph Beckmann brought me some changes that lets curl compile error and
    warning free with -Wall -pedantic with g++. I also took the opportunity to
    clean off some unused variables and similar.
@@ -17851,7 +17851,7 @@ Version 2.7
    rewrite the former -l kludge in an external script that'll use urlget to
    fetch multipart files like that.
  - '-f' is introduced, it means Fail without output in case of HTTP server
-   errors (return code >=300).
+   errors (return code >=400).
  - Added support for -r, ranges. Specify which part of a document you
    want, and only that part is returned. Only with HTTP/1.1-servers.
  - Split up the source in 3 parts. Now all pure URL functions are in

CMake/FindGSS.cmake

@@ -155,7 +155,7 @@ message(STATUS "LDFLAGS: ${_GSS_LIB_FLAGS}")
                 set(GSS_FLAVOUR "MIT")
             else()
                 # prevent compiling the header - just check if we can include it
-                set(CMAKE_REQUIRED_DEFINITIONS "-D__ROKEN_H__")
+                set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D__ROKEN_H__")
                 check_include_file( "roken.h" _GSS_HAVE_ROKEN_H)
 
                 check_include_file( "heimdal/roken.h" _GSS_HAVE_HEIMDAL_ROKEN_H)

CMake/Macros.cmake

@@ -1,18 +1,24 @@
 #File defines convenience macros for available feature testing
 
 # This macro checks if the symbol exists in the library and if it
-# does, it appends library to the list.
+# does, it prepends library to the list.  It is intended to be called
+# multiple times with a sequence of possibly dependent libraries in
+# order of least-to-most-dependent.  Some libraries depend on others
+# to link correctly.
 macro(CHECK_LIBRARY_EXISTS_CONCAT LIBRARY SYMBOL VARIABLE)
-  check_library_exists("${CURL_LIBS};${LIBRARY}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
+  check_library_exists("${LIBRARY};${CURL_LIBS}" ${SYMBOL} "${CMAKE_LIBRARY_PATH}"
     ${VARIABLE})
   if(${VARIABLE})
-    list(APPEND CURL_LIBS ${LIBRARY})
+    set(CURL_LIBS ${LIBRARY} ${CURL_LIBS})
   endif(${VARIABLE})
 endmacro(CHECK_LIBRARY_EXISTS_CONCAT)
 
 # Check if header file exists and add it to the list.
+# This macro is intended to be called multiple times with a sequence of
+# possibly dependent header files.  Some headers depend on others to be
+# compiled correctly.
 macro(CHECK_INCLUDE_FILE_CONCAT FILE VARIABLE)
-  check_include_file("${FILE}" ${VARIABLE})
+  check_include_files("${CURL_INCLUDES};${FILE}" ${VARIABLE})
   if(${VARIABLE})
     set(CURL_INCLUDES ${CURL_INCLUDES} ${FILE})
     set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -D${VARIABLE}")
@@ -21,7 +27,7 @@ endmacro(CHECK_INCLUDE_FILE_CONCAT)
 
 # For other curl specific tests, use this macro.
 macro(CURL_INTERNAL_TEST CURL_TEST)
-  if("${CURL_TEST}" MATCHES "^${CURL_TEST}$")
+  if(NOT DEFINED "${CURL_TEST}")
     set(MACRO_CHECK_FUNCTION_DEFINITIONS
       "-D${CURL_TEST} ${CURL_TEST_DEFINES} ${CMAKE_REQUIRED_FLAGS}")
     if(CMAKE_REQUIRED_LIBRARIES)
@@ -49,11 +55,11 @@ macro(CURL_INTERNAL_TEST CURL_TEST)
         "Performing Curl Test ${CURL_TEST} failed with the following output:\n"
         "${OUTPUT}\n")
     endif(${CURL_TEST})
-  endif("${CURL_TEST}" MATCHES "^${CURL_TEST}$")
+  endif()
 endmacro(CURL_INTERNAL_TEST)
 
 macro(CURL_INTERNAL_TEST_RUN CURL_TEST)
-  if("${CURL_TEST}_COMPILE" MATCHES "^${CURL_TEST}_COMPILE$")
+  if(NOT DEFINED "${CURL_TEST}_COMPILE")
     set(MACRO_CHECK_FUNCTION_DEFINITIONS
       "-D${CURL_TEST} ${CMAKE_REQUIRED_FLAGS}")
     if(CMAKE_REQUIRED_LIBRARIES)
@@ -85,5 +91,5 @@ macro(CURL_INTERNAL_TEST_RUN CURL_TEST)
       file(APPEND "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeError.log"
         "\n\n")
     endif(${CURL_TEST}_COMPILE AND NOT ${CURL_TEST})
-  endif("${CURL_TEST}_COMPILE" MATCHES "^${CURL_TEST}_COMPILE$")
+  endif()
 endmacro(CURL_INTERNAL_TEST_RUN)

CMake/Platforms/WindowsCache.cmake

@@ -5,6 +5,7 @@ if(NOT UNIX)
     set(HAVE_LIBSOCKET 0)
     set(NOT_NEED_LIBNSL 0)
     set(HAVE_LIBNSL 0)
+    set(HAVE_GETHOSTNAME 1)
     set(HAVE_LIBZ 0)
     set(HAVE_LIBCRYPTO 0)
 

CMakeLists.txt

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -74,12 +74,35 @@ include_directories( ${CURL_SOURCE_DIR}/include )
 option(BUILD_CURL_EXE "Set to ON to build cURL executable." ON)
 option(BUILD_CURL_TESTS "Set to ON to build cURL tests." ON)
 option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF)
-option(CURL_USE_ARES "Set to ON to enable c-ares support" OFF)
+option(ENABLE_ARES "Set to ON to enable c-ares support" OFF)
+option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS lookup" OFF)
+
+option(ENABLE_DEBUG "Set to ON to enable curl debug features" OFF)
+option(ENABLE_CURLDEBUG "Set to ON to build with TrackMemory feature enabled" OFF)
+
+if (ENABLE_DEBUG)
+  # DEBUGBUILD will be defined only for Debug builds
+  if(NOT CMAKE_VERSION VERSION_LESS 3.0)
+    set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS $<$<CONFIG:Debug>:DEBUGBUILD>)
+  else()
+    set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_DEBUG DEBUGBUILD)
+  endif()
+  set(ENABLE_CURLDEBUG ON)
+endif()
+
+if (ENABLE_CURLDEBUG)
+  set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS CURLDEBUG)
+endif()
+
 # initialize CURL_LIBS
 set(CURL_LIBS "")
 
-if(CURL_USE_ARES)
-  set(USE_ARES ${CURL_USE_ARES})
+if(ENABLE_THREADED_RESOLVER AND ENABLE_ARES)
+  message(FATAL_ERROR "Options ENABLE_THREADED_RESOLVER and ENABLE_ARES are mutually exclusive")
+endif()
+
+if(ENABLE_ARES)
+  set(USE_ARES 1)
   find_package(CARES REQUIRED)
   list(APPEND CURL_LIBS ${CARES_LIBRARY} )
   set(CURL_LIBS ${CURL_LIBS} ${CARES_LIBRARY})
@@ -233,9 +256,22 @@ include (CheckCSourceCompiles)
 
 # On windows preload settings
 if(WIN32)
+  set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D_WINSOCKAPI_")
   include(${CMAKE_CURRENT_SOURCE_DIR}/CMake/Platforms/WindowsCache.cmake)
 endif(WIN32)
 
+if(ENABLE_THREADED_RESOLVER)
+  check_include_file_concat("pthread.h" HAVE_PTHREAD_H)
+  if(HAVE_PTHREAD_H)
+    set(CMAKE_THREAD_PREFER_PTHREAD 1)
+    find_package(Threads)
+    if(CMAKE_USE_PTHREADS_INIT)
+      set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT})
+      set(USE_THREADS_POSIX 1)
+    endif()
+  endif()
+endif()
+
 # Check for all needed libraries
 check_library_exists_concat("dl"     dlopen       HAVE_LIBDL)
 check_library_exists_concat("socket" connect      HAVE_LIBSOCKET)
@@ -252,6 +288,8 @@ if(NOT NOT_NEED_LIBNSL)
   check_library_exists_concat("nsl"    gethostbyname  HAVE_LIBNSL)
 endif(NOT NOT_NEED_LIBNSL)
 
+check_function_exists(gethostname HAVE_GETHOSTNAME)
+
 if(WIN32)
   check_library_exists_concat("ws2_32" getch        HAVE_LIBWS2_32)
   check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)
@@ -260,7 +298,6 @@ endif()
 option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
 mark_as_advanced(CMAKE_USE_OPENSSL)
 
-set(USE_SSLEAY OFF)
 set(USE_OPENSSL OFF)
 set(HAVE_LIBCRYPTO OFF)
 set(HAVE_LIBSSL OFF)
@@ -269,32 +306,31 @@ if(CMAKE_USE_OPENSSL)
   find_package(OpenSSL)
   if(OPENSSL_FOUND)
     list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
-    set(USE_SSLEAY ON)
     set(USE_OPENSSL ON)
     set(HAVE_LIBCRYPTO ON)
     set(HAVE_LIBSSL ON)
     include_directories(${OPENSSL_INCLUDE_DIR})
     set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-    check_include_file_concat("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
-    check_include_file_concat("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
-    check_include_file_concat("openssl/err.h"    HAVE_OPENSSL_ERR_H)
-    check_include_file_concat("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
-    check_include_file_concat("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
-    check_include_file_concat("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
-    check_include_file_concat("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
-    check_include_file_concat("openssl/x509.h"   HAVE_OPENSSL_X509_H)
-    check_include_file_concat("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
+    check_include_file("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
+    check_include_file("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
+    check_include_file("openssl/err.h"    HAVE_OPENSSL_ERR_H)
+    check_include_file("openssl/pem.h"    HAVE_OPENSSL_PEM_H)
+    check_include_file("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
+    check_include_file("openssl/rsa.h"    HAVE_OPENSSL_RSA_H)
+    check_include_file("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)
+    check_include_file("openssl/x509.h"   HAVE_OPENSSL_X509_H)
+    check_include_file("openssl/rand.h"   HAVE_OPENSSL_RAND_H)
   endif()
 endif()
 
 if(NOT CURL_DISABLE_LDAP)
 
   if(WIN32)
-    option(CURL_LDAP_WIN "Use Windows LDAP implementation" ON)
-    if(CURL_LDAP_WIN)
+    option(USE_WIN32_LDAP "Use Windows LDAP implementation" ON)
+    if(USE_WIN32_LDAP)
       check_library_exists("wldap32" cldap_open "" HAVE_WLDAP32)
       if(NOT HAVE_WLDAP32)
-        set(CURL_LDAP_WIN OFF)
+        set(USE_WIN32_LDAP OFF)
       endif()
     endif()
   endif()
@@ -304,12 +340,12 @@ if(NOT CURL_DISABLE_LDAP)
   set(CMAKE_LDAP_LIB "ldap" CACHE STRING "Name or full path to ldap library")
   set(CMAKE_LBER_LIB "lber" CACHE STRING "Name or full path to lber library")
 
-  if(CMAKE_USE_OPENLDAP AND CURL_LDAP_WIN)
-    message(FATAL_ERROR "Cannot use CURL_LDAP_WIN and CMAKE_USE_OPENLDAP at the same time")
+  if(CMAKE_USE_OPENLDAP AND USE_WIN32_LDAP)
+    message(FATAL_ERROR "Cannot use USE_WIN32_LDAP and CMAKE_USE_OPENLDAP at the same time")
   endif()
   
   # Now that we know, we're not using windows LDAP...
-  if(NOT CURL_LDAP_WIN)
+  if(NOT USE_WIN32_LDAP)
     # Check for LDAP
     set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES})
     check_library_exists_concat(${CMAKE_LDAP_LIB} ldap_init HAVE_LIBLDAP)
@@ -365,7 +401,7 @@ if(NOT CURL_DISABLE_LDAP)
         return 0;
       }"
     )
-    set(CMAKE_REQUIRED_DEFINITIONS "-DLDAP_DEPRECATED=1" "-DWIN32_LEAN_AND_MEAN")
+    set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -DLDAP_DEPRECATED=1")
     list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB})
     if(HAVE_LIBLBER)
       list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LBER_LIB})
@@ -508,17 +544,23 @@ if(CMAKE_USE_GSSAPI)
   endif()
 endif()
 
+option(ENABLE_UNIX_SOCKETS "Define if you want Unix domain sockets support" ON)
+if(ENABLE_UNIX_SOCKETS)
+  include(CheckStructHasMember)
+  check_struct_has_member("struct sockaddr_un" sun_path "sys/un.h" USE_UNIX_SOCKETS)
+else()
+  unset(USE_UNIX_SOCKETS CACHE)
+endif()
+
 # Check for header files
-if(NOT UNIX)
-  check_include_file_concat("ws2tcpip.h"     HAVE_WS2TCPIP_H)
-  check_include_file_concat("winsock2.h"     HAVE_WINSOCK2_H)
-endif(NOT UNIX)
-check_include_file_concat("stdio.h"          HAVE_STDIO_H)
 if(NOT UNIX)
   check_include_file_concat("windows.h"      HAVE_WINDOWS_H)
   check_include_file_concat("winsock.h"      HAVE_WINSOCK_H)
+  check_include_file_concat("ws2tcpip.h"     HAVE_WS2TCPIP_H)
+  check_include_file_concat("winsock2.h"     HAVE_WINSOCK2_H)
 endif(NOT UNIX)
 
+check_include_file_concat("stdio.h"          HAVE_STDIO_H)
 check_include_file_concat("inttypes.h"       HAVE_INTTYPES_H)
 check_include_file_concat("sys/filio.h"      HAVE_SYS_FILIO_H)
 check_include_file_concat("sys/ioctl.h"      HAVE_SYS_IOCTL_H)
@@ -710,7 +752,6 @@ if(CMAKE_USE_OPENSSL)
     HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
   if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
     set(USE_OPENSSL 1)
-    set(USE_SSLEAY 1)
   endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
 endif(CMAKE_USE_OPENSSL)
 check_symbol_exists(gmtime_r      "${CURL_INCLUDES}" HAVE_GMTIME_R)
@@ -1001,9 +1042,7 @@ _add_if("SSL"           SSL_ENABLED)
 _add_if("IPv6"          ENABLE_IPV6)
 _add_if("unix-sockets"  USE_UNIX_SOCKETS)
 _add_if("libz"          HAVE_LIBZ)
-find_package(Threads)
-# AsynchDNS depends or USE_ARES or pthreads (mutually exclusive)
-_add_if("AsynchDNS"     USE_ARES OR CMAKE_USE_PTHREADS_INIT)
+_add_if("AsynchDNS"     USE_ARES OR USE_THREADS_POSIX)
 _add_if("IDN"           HAVE_LIBIDN)
 # TODO SSP1 (WinSSL) check is missing
 _add_if("SSPI"          USE_WINDOWS_SSPI)
@@ -1011,13 +1050,15 @@ _add_if("GSS-API"       HAVE_GSS_API)
 # TODO SSP1 missing for SPNEGO
 _add_if("SPNEGO"        NOT CURL_DISABLE_CRYPTO_AUTH AND
                         (HAVE_GSS_API OR USE_WINDOWS_SSPI))
+_add_if("Kerberos"      NOT CURL_DISABLE_CRYPTO_AUTH AND
+                        (HAVE_GSS_API OR USE_WINDOWS_SSPI))
 # NTLM support requires crypto function adaptions from various SSL libs
 # TODO alternative SSL libs tests for SSP1, GNUTLS, NSS, DARWINSSL
-if(NOT CURL_DISABLE_HTTP AND NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR
+if(NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR
    USE_WINDOWS_SSPI OR GNUTLS_ENABLED OR NSS_ENABLED OR DARWINSSL_ENABLED))
   _add_if("NTLM"        1)
   # TODO missing option (autoconf: --enable-ntlm-wb)
-  _add_if("NTLM_WB"     NTLM_WB_ENABLED)
+  _add_if("NTLM_WB"     NOT CURL_DISABLE_HTTP AND NTLM_WB_ENABLED)
 endif()
 # TODO missing option (--enable-tls-srp), depends on GNUTLS_SRP/OPENSSL_SRP
 _add_if("TLS-SRP"       USE_TLS_SRP)

CONTRIBUTING.md

@@ -0,0 +1,27 @@
+How to contribute to curl
+=========================
+
+Join the community
+------------------
+
+ 1. Click 'watch' on the github repo
+
+ 2. Subscribe to the suitable [mailing lists](http://curl.haxx.se/mail/)
+
+Read [docs/CONTRIBUTE](docs/CONTRIBUTE)
+---------------------------------------
+
+Send your suggestions using one of these methods:
+-------------------------------------------------
+
+ 1. in a mail to the mailing list
+
+ 2. in the [bug tracker](https://sourceforge.net/p/curl/bugs/)
+
+ 3. as a pull request on github
+
+ 4. as an issue on github
+   
+
+/ The cURL team!
+

COPYING

@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2014, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2015, Daniel Stenberg, <daniel@haxx.se>.
 
 All rights reserved.
 

MacOSX-Framework

@@ -94,7 +94,7 @@ if test ! -z $SDK32; then
   rm -r libcurl.framework
   mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Resources
   cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl
-  install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl
+  install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl
   /usr/bin/sed -e "s/7\.12\.3/$VERSION/" lib/libcurl.plist >libcurl.framework/${FRAMEWORK_VERSION}/Resources/Info.plist
   mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
   cp include/curl/*.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
@@ -121,7 +121,7 @@ if test ! -z $SDK32; then
 
     echo "----Appending 64 bit framework to 32 bit framework..."
     cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
-    install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
+    install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
     cp libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl32
     pwd
     lipo libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 -create -output libcurl.framework/${FRAMEWORK_VERSION}/libcurl

Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,88 +30,88 @@ CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in	\
  include/curl/curlbuild.h.cmake CMake/Macros.cmake
 
 VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
-VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp
+VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp.dist
 VC6_LIBDSP_DEPS = $(VC6_LIBTMPL) Makefile.am lib/Makefile.inc
 VC6_SRCTMPL = projects/Windows/VC6/src/curlsrc.tmpl
-VC6_SRCDSP = projects/Windows/VC6/src/curlsrc.dsp
+VC6_SRCDSP = projects/Windows/VC6/src/curlsrc.dsp.dist
 VC6_SRCDSP_DEPS = $(VC6_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC7_LIBTMPL = projects/Windows/VC7/lib/libcurl.tmpl
-VC7_LIBVCPROJ = projects/Windows/VC7/lib/libcurl.vcproj
+VC7_LIBVCPROJ = projects/Windows/VC7/lib/libcurl.vcproj.dist
 VC7_LIBVCPROJ_DEPS = $(VC7_LIBTMPL) Makefile.am lib/Makefile.inc
 VC7_SRCTMPL = projects/Windows/VC7/src/curlsrc.tmpl
-VC7_SRCVCPROJ = projects/Windows/VC7/src/curlsrc.vcproj
+VC7_SRCVCPROJ = projects/Windows/VC7/src/curlsrc.vcproj.dist
 VC7_SRCVCPROJ_DEPS = $(VC7_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC71_LIBTMPL = projects/Windows/VC7.1/lib/libcurl.tmpl
-VC71_LIBVCPROJ = projects/Windows/VC7.1/lib/libcurl.vcproj
+VC71_LIBVCPROJ = projects/Windows/VC7.1/lib/libcurl.vcproj.dist
 VC71_LIBVCPROJ_DEPS = $(VC71_LIBTMPL) Makefile.am lib/Makefile.inc
 VC71_SRCTMPL = projects/Windows/VC7.1/src/curlsrc.tmpl
-VC71_SRCVCPROJ = projects/Windows/VC7.1/src/curlsrc.vcproj
+VC71_SRCVCPROJ = projects/Windows/VC7.1/src/curlsrc.vcproj.dist
 VC71_SRCVCPROJ_DEPS = $(VC71_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC8_LIBTMPL = projects/Windows/VC8/lib/libcurl.tmpl
-VC8_LIBVCPROJ = projects/Windows/VC8/lib/libcurl.vcproj
+VC8_LIBVCPROJ = projects/Windows/VC8/lib/libcurl.vcproj.dist
 VC8_LIBVCPROJ_DEPS = $(VC8_LIBTMPL) Makefile.am lib/Makefile.inc
 VC8_SRCTMPL = projects/Windows/VC8/src/curlsrc.tmpl
-VC8_SRCVCPROJ = projects/Windows/VC8/src/curlsrc.vcproj
+VC8_SRCVCPROJ = projects/Windows/VC8/src/curlsrc.vcproj.dist
 VC8_SRCVCPROJ_DEPS = $(VC8_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC9_LIBTMPL = projects/Windows/VC9/lib/libcurl.tmpl
-VC9_LIBVCPROJ = projects/Windows/VC9/lib/libcurl.vcproj
+VC9_LIBVCPROJ = projects/Windows/VC9/lib/libcurl.vcproj.dist
 VC9_LIBVCPROJ_DEPS = $(VC9_LIBTMPL) Makefile.am lib/Makefile.inc
 VC9_SRCTMPL = projects/Windows/VC9/src/curlsrc.tmpl
-VC9_SRCVCPROJ = projects/Windows/VC9/src/curlsrc.vcproj
+VC9_SRCVCPROJ = projects/Windows/VC9/src/curlsrc.vcproj.dist
 VC9_SRCVCPROJ_DEPS = $(VC9_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC10_LIBTMPL = projects/Windows/VC10/lib/libcurl.tmpl
-VC10_LIBVCXPROJ = projects/Windows/VC10/lib/libcurl.vcxproj
+VC10_LIBVCXPROJ = projects/Windows/VC10/lib/libcurl.vcxproj.dist
 VC10_LIBVCXPROJ_DEPS = $(VC10_LIBTMPL) Makefile.am lib/Makefile.inc
 VC10_SRCTMPL = projects/Windows/VC10/src/curlsrc.tmpl
-VC10_SRCVCXPROJ = projects/Windows/VC10/src/curlsrc.vcxproj
+VC10_SRCVCXPROJ = projects/Windows/VC10/src/curlsrc.vcxproj.dist
 VC10_SRCVCXPROJ_DEPS = $(VC10_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC11_LIBTMPL = projects/Windows/VC11/lib/libcurl.tmpl
-VC11_LIBVCXPROJ = projects/Windows/VC11/lib/libcurl.vcxproj
+VC11_LIBVCXPROJ = projects/Windows/VC11/lib/libcurl.vcxproj.dist
 VC11_LIBVCXPROJ_DEPS = $(VC11_LIBTMPL) Makefile.am lib/Makefile.inc
 VC11_SRCTMPL = projects/Windows/VC11/src/curlsrc.tmpl
-VC11_SRCVCXPROJ = projects/Windows/VC11/src/curlsrc.vcxproj
+VC11_SRCVCXPROJ = projects/Windows/VC11/src/curlsrc.vcxproj.dist
 VC11_SRCVCXPROJ_DEPS = $(VC11_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC12_LIBTMPL = projects/Windows/VC12/lib/libcurl.tmpl
-VC12_LIBVCXPROJ = projects/Windows/VC12/lib/libcurl.vcxproj
+VC12_LIBVCXPROJ = projects/Windows/VC12/lib/libcurl.vcxproj.dist
 VC12_LIBVCXPROJ_DEPS = $(VC12_LIBTMPL) Makefile.am lib/Makefile.inc
 VC12_SRCTMPL = projects/Windows/VC12/src/curlsrc.tmpl
-VC12_SRCVCXPROJ = projects/Windows/VC12/src/curlsrc.vcxproj
+VC12_SRCVCXPROJ = projects/Windows/VC12/src/curlsrc.vcxproj.dist
 VC12_SRCVCXPROJ_DEPS = $(VC12_SRCTMPL) Makefile.am src/Makefile.inc
 
 VC_DIST = projects/README	\
  projects/build-openssl.bat	\
  projects/checksrc.bat	\
- projects/Windows/VC6/curl.dsw	\
- projects/Windows/VC6/lib/libcurl.dsw $(VC6_LIBDSP)	\
- projects/Windows/VC6/src/curlsrc.dsw $(VC6_SRCDSP)	\
- projects/Windows/VC7/curl.sln	\
- projects/Windows/VC7/lib/libcurl.sln $(VC7_LIBVCPROJ)	\
- projects/Windows/VC7/src/curlsrc.sln $(VC7_SRCVCPROJ)	\
- projects/Windows/VC7.1/curl.sln	\
- projects/Windows/VC7.1/lib/libcurl.sln $(VC71_LIBVCPROJ)	\
- projects/Windows/VC7.1/src/curlsrc.sln $(VC71_SRCVCPROJ)	\
- projects/Windows/VC8/curl.sln	\
- projects/Windows/VC8/lib/libcurl.sln $(VC8_LIBVCPROJ)	\
- projects/Windows/VC8/src/curlsrc.sln $(VC8_SRCVCPROJ)	\
- projects/Windows/VC9/curl.sln	\
- projects/Windows/VC9/lib/libcurl.sln $(VC9_LIBVCPROJ)	\
- projects/Windows/VC9/src/curlsrc.sln $(VC9_SRCVCPROJ)	\
- projects/Windows/VC10/curl.sln	\
- projects/Windows/VC10/lib/libcurl.sln $(VC10_LIBVCXPROJ)	\
- projects/Windows/VC10/src/curlsrc.sln $(VC10_SRCVCXPROJ)	\
- projects/Windows/VC11/curl.sln	\
- projects/Windows/VC11/lib/libcurl.sln $(VC11_LIBVCXPROJ)	\
- projects/Windows/VC11/src/curlsrc.sln $(VC11_SRCVCXPROJ)	\
- projects/Windows/VC12/curl.sln	\
- projects/Windows/VC12/lib/libcurl.sln $(VC12_LIBVCXPROJ)	\
- projects/Windows/VC12/src/curlsrc.sln $(VC12_SRCVCXPROJ)
+ projects/Windows/VC6/curl-all.dsw	\
+ projects/Windows/VC6/lib/libcurl.dsw \
+ projects/Windows/VC6/src/curlsrc.dsw \
+ projects/Windows/VC7/curl-all.sln	\
+ projects/Windows/VC7/lib/libcurl.sln 	\
+ projects/Windows/VC7/src/curlsrc.sln 	\
+ projects/Windows/VC7.1/curl-all.sln	\
+ projects/Windows/VC7.1/lib/libcurl.sln \
+ projects/Windows/VC7.1/src/curlsrc.sln \
+ projects/Windows/VC8/curl-all.sln	\
+ projects/Windows/VC8/lib/libcurl.sln 	\
+ projects/Windows/VC8/src/curlsrc.sln 	\
+ projects/Windows/VC9/curl-all.sln	\
+ projects/Windows/VC9/lib/libcurl.sln 	\
+ projects/Windows/VC9/src/curlsrc.sln 	\
+ projects/Windows/VC10/curl-all.sln	\
+ projects/Windows/VC10/lib/libcurl.sln 	\
+ projects/Windows/VC10/src/curlsrc.sln  \
+ projects/Windows/VC11/curl-all.sln	\
+ projects/Windows/VC11/lib/libcurl.sln 	\
+ projects/Windows/VC11/src/curlsrc.sln 	\
+ projects/Windows/VC12/curl-all.sln	\
+ projects/Windows/VC12/lib/libcurl.sln 	\
+ projects/Windows/VC12/src/curlsrc.sln
 
 WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
  winbuild/MakefileBuild.vc winbuild/Makefile.vc				\
@@ -153,7 +153,7 @@ html:
 pdf:
 	cd docs; make pdf
 
-check: test examples
+check: test examples check-docs
 
 if CROSSCOMPILING
 test-full: test
@@ -181,6 +181,9 @@ endif
 examples:
 	@(cd docs/examples; $(MAKE) check)
 
+check-docs:
+	@(cd docs/libcurl; $(MAKE) check)
+
 # This is a hook to have 'make clean' also clean up the docs and the tests
 # dir. The extra check for the Makefiles being present is necessary because
 # 'make distcheck' will make clean first in these directories _before_ it runs

Makefile.dist

@@ -130,6 +130,42 @@ vc-x64: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release
 
+vc-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
+
+vc-x64-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
+
+vc-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release USE_IDN=1
+
+vc-x64-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
+
+vc-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
+
 vc-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
@@ -142,29 +178,89 @@ vc-x64-zlib: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
 
+vc-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
+
+vc-x64-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
+
+vc-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
+
+vc-x64-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
+
+vc-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
+
 vc-ssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl
 
-vc-winssl: $(VC)
-	cd lib
-	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
-	cd ..\src
-	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
-
 vc-x64-ssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
 
-vc-x64-winssl: $(VC)
+vc-ssl-sspi: $(VC)
 	cd lib
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
+	nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
 	cd ..\src
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
+	nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
+
+vc-x64-ssl-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
+
+vc-ssl-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
+
+vc-x64-ssl-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
+
+vc-ssl-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-ssl-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
 
 vc-ssl-zlib: $(VC)
 	cd lib
@@ -172,35 +268,143 @@ vc-ssl-zlib: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib
 
-vc-ssl-ssh2-zlib: $(VC)
-	cd lib
-	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
-	cd ..\src
-	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
-
-vc-winssl-zlib: $(VC)
-	cd lib
-	nmake /f Makefile.$(VC) cfg=release-winssl-zlib
-	cd ..\src
-	nmake /f Makefile.$(VC) cfg=release-winssl-zlib
-
 vc-x64-ssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
 
+vc-ssl-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
+
+vc-x64-ssl-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
+
+vc-ssl-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
+
+vc-x64-ssl-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
+
+vc-ssl-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-ssl-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-ssl-ssh2-zlib: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
+
 vc-x64-ssl-ssh2-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
 
+vc-ssl-ssh2-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
+
+vc-x64-ssl-ssh2-zlib-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
+
+vc-ssl-ssh2-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
+
+vc-x64-ssl-ssh2-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
+
+vc-ssl-ssh2-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-ssl-ssh2-zlib-idn-sspi: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-winssl: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
+
+vc-x64-winssl: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
+
+vc-winssl-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-winssl-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
+
+vc-winssl-zlib: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
+
 vc-x64-winssl-zlib: $(VC)
 	cd lib
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib WINDOWS_SSPI=1
 	cd ..\src
-	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib WINDOWS_SSPI=1
+
+vc-winssl-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+
+vc-x64-winssl-zlib-idn: $(VC)
+	cd lib
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
 
 vc-ssl-dll: $(VC)
 	cd lib
@@ -244,12 +448,6 @@ vc-zlib-dll: $(VC)
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib-dll
 
-vc-sspi: $(VC)
-	cd lib
-	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
-	cd ..\src
-	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
-
 djgpp:
 	$(MAKE) -C lib -f Makefile.dj
 	$(MAKE) -C src -f Makefile.dj

RELEASE-NOTES

@@ -1,88 +1,141 @@
-Curl and libcurl 7.39.0
+Curl and libcurl 7.42.0
 
- Public curl releases:         142
- Command line options:         162
- curl_easy_setopt() options:   208
+ Public curl releases:         145
+ Command line options:         173
+ curl_easy_setopt() options:   216
  Public functions in libcurl:  58
- Contributors:                 1216
+ Contributors:                 1265
 
 This release includes the following changes:
 
- o SSLv3 is disabled by default
- o CURLOPT_COOKIELIST: Added "RELOAD" command [5]
- o build: Added WinIDN build configuration options to Visual Studio projects
- o ssh: improve key file search
- o SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
- o vtls: remove QsoSSL support, use gskit!
- o mk-ca-bundle: added SHA-384 signature algorithm
- o docs: added many examples for libcurl opts and other doc improvements
- o build: Added VC ssh2 target to main Makefile
- o MinGW: Added support to build with nghttp2
- o NetWare: Added support to build with nghttp2
- o build: added Watcom support to build with WinSSL
- o build: Added optional specific version generation of VC project files
+ o openssl: show the cipher selection to use in verbose text
+ o gtls: implement CURLOPT_CERTINFO
+ o add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
+ o curl: add --false-start option
+ o add CURLOPT_PATH_AS_IS
+ o curl: add --path-as-is option
+ o curl: create output file on successful download of an empty file [21]
 
 This release includes the following bugfixes:
 
- o curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds [9]
- o openssl: build fix for versions < 0.9.8e [1]
- o newlines: fix mixed newlines to LF-only [2]
- o ntlm: Fixed HTTP proxy authentication when using Windows SSPI [3]
- o sasl_sspi: Fixed Unicode build [4]
- o file: reject paths using embedded %00
- o threaded-resolver: revert Curl_expire_latest() switch [6]
- o configure: allow --with-ca-path with PolarSSL too
- o HTTP/2: Fix busy loop when EOF is encountered
- o CURLOPT_CAPATH: return failure if set without backend support
- o nss: do not fail if a CRL is already cached
- o smtp: Fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
- o fixed 20+ nits/memory leaks identified by Coverity scans
- o curl_schannel.c: Fixed possible memory or handle leak
- o multi-uv.c: call curl_multi_info_read() better
- o Cmake: Check for OpenSSL before OpenLDAP
- o Cmake: Fix library list provided to cURL tests
- o Cmake: Avoid cycle directory dependencies
- o Cmake: Build with GSS-API libraries (MIT or Heimdal)
- o vtls: provide backend defines for internal source code
- o nss: fix a connection failure when FTPS handle is reused
- o tests/http_pipe.py: Python 3 support
- o cmake: build tool_hugehelp (ENABLE_MANUAL)
- o cmake: enable IPv6 by default if available
- o tests: move TESTCASES to Makefile.inc, add show for cmake
- o ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token
- o ntlm: Fixed empty/bad base-64 decoded buffer return codes
- o ntlm: Fixed empty type-2 decoded message info text
- o cmake: add CMake/Macros.cmake to the release tarball
- o cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
- o cmake: use LIBCURL_VERSION from curlver.h
- o cmake: generate pkg-config and curl-config
- o fixed several superfluous variable assignements identified by cppcheck
- o cleanup of 'CURLcode result' return code
- o pipelining: only output "is not blacklisted" in debug builds
- o SSL: Remove SSLv3 from SSL default due to POODLE attack
- o gskit.c: remove SSLv3 from SSL default
- o darwinssl: detect possible future removal of SSLv3 from the framework
- o ntlm: Only define ntlm data structure when USE_NTLM is defined
- o ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()
- o ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()
- o sspi: Only call CompleteAuthToken() when complete is needed
- o http_negotiate: Fixed missing check for USE_SPNEGO
- o HTTP: return larger than 3 digit response codes too [7]
- o openssl: Check for NPN / ALPN via OpenSSL version number
- o openssl: enable NPN separately from ALPN
- o sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
- o sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
- o resume: consider a resume from [content-length] to be OK [8]
- o sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
- o build-openssl.bat: Fix x64 release build
- o cmake: drop _BSD_SOURCE macro usage
- o cmake: fix gethostby{addr,name}_r in CurlTests
- o cmake: clean OtherTests, fixing -Werror
- o cmake: fix struct sockaddr_storage check
- o Curl_single_getsock: fix hold/pause sock handling
- o SSL: PolarSSL default min SSL version TLS 1.0
- o cmake: fix ZLIB_INCLUDE_DIRS use [10]
- o buildconf: stop checking for libtool
+ o ConnectionExists: for NTLM re-use, require credentials to match [26]
+ o cookie: cookie parser out of boundary memory access [27]
+ o fix_hostname: zero length host name caused -1 index offset [28]
+ o http_done: close Negotiate connections when done [29]
+ o sws: timeout idle CONNECT connections
+ o nss: improve error handling in Curl_nss_random()
+ o nss: do not skip Curl_nss_seed() if data is NULL
+ o curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
+ o http2: move lots of verbose output to be debug-only
+ o dist: add extern-scan.pl to the tarball
+ o http2: return recv error on unexpected EOF [1]
+ o build: Use default RandomizedBaseAddress directive in VC9+ project files
+ o build: Removed DataExecutionPrevention directive from VC9+ project files
+ o tool: Updated the warnf() function to use the GlobalConfig structure
+ o http2: Return error if stream was closed with other than NO_ERROR
+ o mprintf.h: remove #ifdef CURLDEBUG
+ o libtest: fixed linker errors on msvc [6]
+ o tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
+ o curl.1: fix "The the" typo
+ o cmake: handle build definitions CURLDEBUG/DEBUGBUILD
+ o openssl: remove all uses of USE_SSLEAY
+ o multi: fix memory-leak on timeout (regression) [4]
+ o curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
+ o metalink: add some error checks [3]
+ o TLS: make it possible to enable ALPN/NPN without HTTP/2
+ o http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
+ o conncontrol: only log changes to the connection bit
+ o multi: fix *getsock() with CONNECT [2]
+ o symbols.pl: handle '-' in the deprecated field [5]
+ o MacOSX-Framework: use @rpath instead of @executable_path [7]
+ o GnuTLS: add support for CURLOPT_CAPATH
+ o GnuTLS: print negotiated TLS version and full cipher suite name
+ o GnuTLS: don't print double newline after certificate dates
+ o memanalyze.pl: handle free(NULL)
+ o proxy: re-use proxy connections (regression) [8]
+ o mk-ca-bundle: Don't report SHA1 numbers with "-q"
+ o http: always send Host: header as first header [9]
+ o openssl: sort ciphers to use based on strength [10]
+ o openssl: use colons properly in the ciphers list
+ o http2: detect premature close without data transfered [11]
+ o hostip: Fix signal race in Curl_resolv_timeout
+ o closesocket: call multi socket cb on close even with custom close [12]
+ o mksymbolsmanpage.pl: use std header and generate better nroff header
+ o connect: Fix happy eyeballs logic for IPv4-only builds [13]
+ o curl_easy_perform.3: remove superfluous close brace from example
+ o HTTP: don't use Expect: headers when on HTTP/2 [14]
+ o Curl_sh_entry: remove unused 'timestamp'
+ o docs/libcurl: makefile portability fix
+ o mkhelp: Remove trailing carriage return from every line of input
+ o nss: explicitly tell NSS to disable NPN/ALPN when libcurl disables it
+ o curl_easy_setopt.3: added a few missing options
+ o metalink: fix resource leak in OOM
+ o axtls: version 1.5.2 now requires that config.h be manually included
+ o HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
+ o cyassl: detect the library as renamed wolfssl
+ o CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
+ o CURLOPT_URL.3: Added "SECURITY CONCERNS
+ o openssl: try to avoid accessing OCSP structs when possible
+ o test938: added missing closing tags
+ o testcurl: Allow '=' in values given on command line
+ o tests/certs: added make target to rebuild certificates
+ o tests/certs: rebuild certificates with modified key usage bits
+ o gtls: avoid uninitialized variable
+ o gtls: dereferencing NULL pointer
+ o gtls: add check of return code
+ o test1513: eliminated race condition in test run
+ o dict: rename byte to avoid compiler shadowed declaration warning
+ o curl_easy_recv/send: make them work with the multi interface
+ o vtls: fix compile with --disable-crypto-auth but with SSL
+ o openssl: adapt to ASN1/X509 things gone opaque in 1.1
+ o openssl: verifystatus: only use the OCSP work-around <= 1.0.2a [15]
+ o curl_memory: make curl_memory.h the second-last header file loaded
+ o testcurl.pl: add the --notes option to supply more info about a build
+ o cyassl: If wolfSSL then identify as such in version string
+ o cyassl: Check for invalid length parameter in Curl_cyassl_random
+ o cyassl: default to highest possible TLS version
+ o Curl_ssl_md5sum: return CURLcode (fixes OOM)
+ o polarssl: remove dead code
+ o polarssl: called mbedTLS in 1.3.10 and later
+ o globbing: fix step parsing for character globbing ranges
+ o globbing: fix url number calculation when using range with step
+ o multi: on a request completion, check all CONNECT_PEND transfers [16]
+ o build: link curl to openssl libraries when openssl support is enabled
+ o url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
+ o vtls: Don't accept unknown CURLOPT_SSLVERSION values
+ o build: Fix libcurl.sln erroneous mixed configurations
+ o cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
+ o cyassl: add SSL context callback support for CyaSSL
+ o tool: only set SSL options if SSL is enabled
+ o multi: remove_handle: move pending connections [17]
+ o configure: Use KRB5CONFIG for krb5-config [18]
+ o axtls: add timeout within Curl_axtls_connect
+ o CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
+ o cyassl: Fix library initialization return value
+ o cookie: handle spaces after the name in Set-Cookie [19]
+ o http2: Fix missing nghttp2_session_send call in Curl_http2_switched [20]
+ o cyassl: Fix certificate load check
+ o build-openssl.bat: Fix mixed line endings
+ o checksrc.bat: Check lib\vtls source
+ o DNS: fix refreshing of obsolete dns cache entries
+ o CURLOPT_RESOLVE: actually implement removals
+ o checksrc.bat: quotes to support an SRC_DIR with spaces
+ o cyassl: Remove 'Connecting to' message from cyassl_connect_step2
+ o cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
+ o lib/transfer.c: Remove factor of 8 from sleep time calculation
+ o lib/makefile.m32: add missing libs to build libcurl.dll
+ o build: Generate source prerequisites for Visual Studio in generate.bat
+ o cyassl: Include the CyaSSL build config
+ o firefox-db2pem: fix wildcard to find Firefox default profile
+ o BUGS: refer to the github issue tracker now as primary
+ o vtls_openssl: improve several certificate error messages
+ o cyassl: Add support for TLS extension SNI
+ o parsecfg: do not continue past a zero termination
+ o configure --with-nss=PATH: query pkg-config if available [22]
+ o configure --with-nss: drop redundant if statement
+ o cyassl: Fix include order [23]
+ o HTTP: fix PUT regression with Negotiate [24]
+ o curl_version_info.3: fixed the 'protocols' variable type [25]
 
 This release includes the following known bugs:
 
@@ -91,26 +144,49 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Askar Safin, Balaji Salunke, Bill Nagel, Bruno Thomsen, Carlo Wood,
-  Catalin Patulea, Dan Fandrich, Daniel Stenberg, Dimitar Boevski, Fabian Keil,
-  Guenter Knauf, Jakub Zakrzewski, Jeremy Lin, Jonathan Cardoso Machado,
-  Kamil Dudka, K. R. Walker, Luan Cestari, Lucas Pardue, Marcel Raad,
-  Marc Hoersken, Michael Wallner, Nick Zitzmann, Patrick Monnerat,
-  Paul Howarth, Peter Wu, Ray Satiro, Steve Holme, Symeon Paraschoudis,
-  Tatsuhiro Tsujikawa, Ulrich Telle, Viktor Szakáts, Waldek Kozba,
-  Yousuke Kimoto,
+  Alessandro Ghedini, Alexander Pepper, Ben Darnell, Brad King,
+  Charles Romestant, Christian Weisgerber, Dagobert Michelsen, Dan Fandrich,
+  Daniel Stenberg, Da-Yoon Chung, Emil Lerner, Fabian Keil, Frank Gevaerts,
+  Frank Meier, Hanno Böck, Isaac Boukris, Jeroen Ooms, Jiri Dvorak,
+  John Marshall, Jonathan Cardoso Machado, Jon Seymour, Kamil Dudka,
+  Kyle L. Huff, Markus Elfring, Matthew Hall, Michael Osipov,
+  Michael Stapelberg, Michel Promonet, Mostyn Bramley-Moore, Nick Zitzmann,
+  Paras Sethia, Patrick Monnerat, Paul Howarth, Peter Laser, Rainer Canavan,
+  Ray Satiro, Richard Moore, Sergei Nikulov, Stefan Bühler, Stefan Eissing,
+  Steve Havelka, Steve Holme, Tatsuhiro Tsujikawa, Thomas Ruecker,
+  Tobias Stoeckmann, Viktor Szakáts, Yamada Yasuharu,
+  (47 contributors)
 
         Thanks! (and sorry if I forgot to mention someone)
 
 References to bug reports and discussions on issues:
 
- [1] = http://curl.haxx.se/mail/lib-2014-09/0064.html
- [2] = http://curl.haxx.se/mail/lib-2014-09/0075.html
- [3] = http://curl.haxx.se/mail/lib-2014-08/0273.html
- [4] = http://curl.haxx.se/bug/view.cgi?id=1422
- [5] = http://curl.haxx.se/libcurl/c/CURLOPT_COOKIELIST.html
- [6] = http://curl.haxx.se/bug/view.cgi?id=1426
- [7] = http://curl.haxx.se/bug/view.cgi?id=1441
- [8] = http://curl.haxx.se/bug/view.cgi?id=1443
- [9] = http://curl.haxx.se/docs/adv_20141105.html
- [10] = https://github.com/bagder/curl/pull/123
+ [1] = http://curl.haxx.se/bug/view.cgi?id=1487
+ [2] = http://curl.haxx.se/mail/lib-2015-01/0170.html
+ [3] = https://github.com/bagder/curl/issues/150
+ [4] = https://github.com/bagder/curl/issues/147
+ [5] = http://curl.haxx.se/mail/lib-2015-03/0052.html
+ [6] = https://github.com/bagder/curl/pull/144
+ [7] = https://github.com/bagder/curl/pull/157
+ [8] = http://curl.haxx.se/bug/view.cgi?id=1492
+ [9] = http://curl.haxx.se/bug/view.cgi?id=1491
+ [10] = http://curl.haxx.se/bug/view.cgi?id=1487
+ [11] = https://github.com/bagder/curl/issues/166
+ [12] = http://curl.haxx.se/bug/view.cgi?id=1493
+ [13] = https://github.com/bagder/curl/pull/168
+ [14] = https://github.com/bagder/curl/issues/169
+ [15] = http://curl.haxx.se/mail/lib-2015-03/0205.html
+ [16] = http://curl.haxx.se/bug/view.cgi?id=1465
+ [17] = http://curl.haxx.se/bug/view.cgi?id=1465
+ [18] = http://curl.haxx.se/bug/view.cgi?id=1486
+ [19] = https://github.com/bagder/curl/issues/195
+ [20] = https://github.com/bagder/curl/issues/192
+ [21] = https://github.com/bagder/curl/issues/183
+ [22] = https://github.com/bagder/curl/pull/171
+ [23] = http://curl.haxx.se/mail/lib-2015-04/0069.html
+ [24] = https://github.com/bagder/curl/issues/223
+ [25] = https://github.com/bagder/curl/issues/225
+ [26] = http://curl.haxx.se/docs/adv_20150422A.html
+ [27] = http://curl.haxx.se/docs/adv_20150422C.html
+ [28] = http://curl.haxx.se/docs/adv_20150422D.html
+ [29] = http://curl.haxx.se/docs/adv_20150422B.html

TODO-RELEASE

@@ -1,4 +0,0 @@
-To be addressed in ...
-=======================
-
-327 - 

acinclude.m4

@@ -2607,15 +2607,16 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
   if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \
           "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
     dnl both given
-    AC_MSG_ERROR([Can't specify both --with-ca-bundle and --with-ca-path.])
+    ca="$want_ca"
+    capath="$want_capath"
   elif test "x$want_ca" != "xno" -a "x$want_ca" != "xunset"; then
     dnl --with-ca-bundle given
     ca="$want_ca"
     capath="no"
   elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
     dnl --with-ca-path given
-    if test "x$OPENSSL_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
-      AC_MSG_ERROR([--with-ca-path only works with openSSL or PolarSSL])
+    if test "x$OPENSSL_ENABLED" != "x1" -a "x$GNUTLS_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
+      AC_MSG_ERROR([--with-ca-path only works with OpenSSL, GnuTLS or PolarSSL])
     fi
     capath="$want_capath"
     ca="no"
@@ -2669,11 +2670,13 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
     AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default ca bundle])
     AC_SUBST(CURL_CA_BUNDLE)
     AC_MSG_RESULT([$ca])
-  elif test "x$capath" != "xno"; then
+  fi
+  if test "x$capath" != "xno"; then
     CURL_CA_PATH="\"$capath\""
     AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default ca path])
     AC_MSG_RESULT([$capath (capath)])
-  else
+  fi
+  if test "x$ca" == "xno" && test "x$capath" == "xno"; then
     AC_MSG_RESULT([no])
   fi
 ])

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -154,6 +154,7 @@ dnl initialize all the info variables
 curl_tls_srp_msg="no      (--enable-tls-srp)"
     curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
    curl_ipv6_msg="no      (--enable-ipv6)"
+curl_unix_sockets_msg="no      (--enable-unix-sockets)"
     curl_idn_msg="no      (--with-{libidn,winidn})"
  curl_manual_msg="no      (--enable-manual)"
 curl_libcurl_msg="enabled (--disable-libcurl-option)"
@@ -574,6 +575,22 @@ AC_HELP_STRING([--disable-imap],[Disable IMAP support]),
 )
 
 
+AC_MSG_CHECKING([whether to support smb])
+AC_ARG_ENABLE(smb,
+AC_HELP_STRING([--enable-smb],[Enable SMB/CIFS support])
+AC_HELP_STRING([--disable-smb],[Disable SMB/CIFS support]),
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       AC_DEFINE(CURL_DISABLE_SMB, 1, [to disable SMB/CIFS])
+       AC_SUBST(CURL_DISABLE_SMB, [1])
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       ;;
+  esac ],
+       AC_MSG_RESULT(yes)
+)
+
 AC_MSG_CHECKING([whether to support smtp])
 AC_ARG_ENABLE(smtp,
 AC_HELP_STRING([--enable-smtp],[Enable SMTP support])
@@ -1029,7 +1046,7 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
 
   if test "$LDAPLIBNAME" = "wldap32"; then
     curl_ldap_msg="enabled (winldap)"
-    AC_DEFINE(CURL_LDAP_WIN, 1, [Use Windows LDAP implementation])
+    AC_DEFINE(USE_WIN32_LDAP, 1, [Use Windows LDAP implementation])
   else
     curl_ldap_msg="enabled (OpenLDAP)"
     if test "x$ac_cv_func_ldap_init_fd" = "xyes"; then
@@ -1047,10 +1064,10 @@ dnl **********************************************************************
 dnl Checks for IPv6
 dnl **********************************************************************
 
-AC_MSG_CHECKING([whether to enable ipv6])
+AC_MSG_CHECKING([whether to enable IPv6])
 AC_ARG_ENABLE(ipv6,
-AC_HELP_STRING([--enable-ipv6],[Enable ipv6 (with ipv4) support])
-AC_HELP_STRING([--disable-ipv6],[Disable ipv6 support]),
+AC_HELP_STRING([--enable-ipv6],[Enable IPv6 (with IPv4) support])
+AC_HELP_STRING([--disable-ipv6],[Disable IPv6 support]),
 [ case "$enableval" in
   no)
        AC_MSG_RESULT(no)
@@ -1167,6 +1184,8 @@ AC_ARG_WITH(gssapi,
   fi
 ])
 
+: ${KRB5CONFIG:="$GSSAPI_ROOT/bin/krb5-config"}
+
 save_CPPFLAGS="$CPPFLAGS"
 AC_MSG_CHECKING([if GSS-API support is requested])
 if test x"$want_gss" = xyes; then
@@ -1177,6 +1196,8 @@ if test x"$want_gss" = xyes; then
         GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
      elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
         GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
+     elif test -f "$KRB5CONFIG"; then
+        GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi`
      elif test "$GSSAPI_ROOT" != "yes"; then
         GSSAPI_INCS="-I$GSSAPI_ROOT/include"
      fi
@@ -1266,10 +1287,10 @@ if test x"$want_gss" = xyes; then
            dnl into LIBS
            gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
            LIBS="$gss_libs $LIBS"
-        elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
+        elif test -f "$KRB5CONFIG"; then
            dnl krb5-config doesn't have --libs-only-L or similar, put everything
            dnl into LIBS
-           gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+           gss_libs=`$KRB5CONFIG --libs gssapi`
            LIBS="$gss_libs $LIBS"
         else
            case $host in
@@ -1434,6 +1455,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
       SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
         $PKGCONFIG --cflags-only-I openssl 2>/dev/null`
 
+      AC_SUBST(SSL_LIBS)
       AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"])
       AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"])
       AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"])
@@ -1510,7 +1532,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
 
     else
 
-      dnl Have the libraries--check for SSLeay/OpenSSL headers
+      dnl Have the libraries--check for OpenSSL headers
       AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
                        openssl/pem.h openssl/ssl.h openssl/err.h,
         curl_ssl_msg="enabled (OpenSSL)"
@@ -1534,17 +1556,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
     fi
 
     if test X"$OPENSSL_ENABLED" = X"1"; then
-       AC_DEFINE(USE_SSLEAY, 1, [if SSL is enabled])
-
        dnl is there a pkcs12.h header present?
        AC_CHECK_HEADERS(openssl/pkcs12.h)
     else
        LIBS="$CLEANLIBS"
     fi
-    dnl USE_SSLEAY is the historical name for what configure calls
-    dnl OPENSSL_ENABLED; the names should really be unified
-    USE_SSLEAY="$OPENSSL_ENABLED"
-    AC_SUBST(USE_SSLEAY)
 
     if test X"$OPT_SSL" != Xoff &&
        test "$OPENSSL_ENABLED" != "1"; then
@@ -1561,8 +1577,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
                 AC_CHECK_FUNCS( ENGINE_load_builtin_engines )
               ])
 
-    dnl these can only exist if openssl exists
-    dnl yassl doesn't have SSL_get_shutdown
+    dnl These can only exist if OpenSSL exists
+    dnl Older versions of Cyassl (some time before 2.9.4) don't have
+    dnl SSL_get_shutdown (but this check won't actually detect it there
+    dnl as it's a macro that needs the header files be included)
+    dnl BoringSSL doesn't have DES_set_odd_parity
 
     AC_CHECK_FUNCS( RAND_status \
                     RAND_screen \
@@ -1570,28 +1589,30 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
                     ENGINE_cleanup \
                     CRYPTO_cleanup_all_ex_data \
                     SSL_get_shutdown \
-                    SSLv2_client_method )
+                    SSLv2_client_method \
+                    DES_set_odd_parity )
 
-    dnl Make an attempt to detect if this is actually yassl's headers and
-    dnl OpenSSL emulation layer. We still leave everything else believing
-    dnl and acting like OpenSSL.
-
-    AC_MSG_CHECKING([for yaSSL using OpenSSL compatibility mode])
+    AC_MSG_CHECKING([for BoringSSL])
+    if test "x$ac_cv_func_DES_set_odd_parity" != "xyes"; then
+      curl_ssl_msg="enabled (BoringSSL)"
+      AC_DEFINE_UNQUOTED(HAVE_BORINGSSL, 1,
+        [Define to 1 if using BoringSSL.])
+      AC_MSG_RESULT([yes])
+    else
+      AC_MSG_RESULT([no])
+    fi
+    AC_MSG_CHECKING([for libressl])
     AC_COMPILE_IFELSE([
       AC_LANG_PROGRAM([[
-#include <openssl/ssl.h>
+#include <openssl/opensslv.h>
       ]],[[
-#if defined(YASSL_VERSION) && defined(OPENSSL_VERSION_NUMBER)
-        int dummy = SSL_ERROR_NONE;
-#else
-        Not the yaSSL OpenSSL compatibility header.
-#endif
+        int dummy = LIBRESSL_VERSION_NUMBER;
       ]])
     ],[
       AC_MSG_RESULT([yes])
-      AC_DEFINE_UNQUOTED(USE_YASSLEMUL, 1,
-        [Define to 1 if using yaSSL in OpenSSL compatibility mode.])
-      curl_ssl_msg="enabled (OpenSSL emulation by yaSSL)"
+      AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1,
+        [Define to 1 if using libressl.])
+      curl_ssl_msg="enabled (libressl)"
     ],[
       AC_MSG_RESULT([no])
     ])
@@ -1655,8 +1676,8 @@ dnl ---
 if test "$OPENSSL_ENABLED" = "1"; then
   AC_CHECK_LIB(crypto, SRP_Calc_client_key,
    [
-     AC_DEFINE(HAVE_SSLEAY_SRP, 1, [if you have the function SRP_Calc_client_key])
-     AC_SUBST(HAVE_SSLEAY_SRP, [1])
+     AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the function SRP_Calc_client_key])
+     AC_SUBST(HAVE_OPENSSL_SRP, [1])
    ])
 fi
 
@@ -1926,6 +1947,10 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
       OPT_CYASSL=""
     fi
 
+    dnl This should be reworked to use pkg-config instead
+
+    cyassllibname=cyassl
+
     if test -z "$OPT_CYASSL" ; then
       dnl check for lib in system default first
 
@@ -1967,19 +1992,70 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
        [
          CPPFLAGS=$_cppflags
          LDFLAGS=$_ldflags
+         cyassllib=""
        ])
     fi
 
+    addld=""
+    addlib=""
+    addcflags=""
+
+    if test "x$USE_CYASSL" != "xyes"; then
+      dnl libcyassl renamed to libwolfssl as of 3.4.0
+      addld=-L$OPT_CYASSL/lib$libsuff
+      addcflags=-I$OPT_CYASSL/include
+      cyassllib=$OPT_CYASSL/lib$libsuff
+
+      LDFLAGS="$LDFLAGS $addld"
+      if test "$addcflags" != "-I/usr/include"; then
+         CPPFLAGS="$CPPFLAGS $addcflags"
+      fi
+
+      cyassllibname=wolfssl
+      my_ac_save_LIBS="$LIBS"
+      LIBS="-l$cyassllibname -lm $LIBS"
+
+      AC_MSG_CHECKING([for CyaSSL_Init in -lwolfssl])
+      AC_LINK_IFELSE([
+	AC_LANG_PROGRAM([[
+/* These aren't needed for detection and confuse WolfSSL.
+   They are set up properly later if it is detected.  */
+#undef SIZEOF_LONG
+#undef SIZEOF_LONG_LONG
+#include <cyassl/ssl.h>
+	]],[[
+	  return CyaSSL_Init();
+	]])
+      ],[
+         AC_MSG_RESULT(yes)
+         AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
+         AC_SUBST(USE_CYASSL, [1])
+         CYASSL_ENABLED=1
+         USE_CYASSL="yes"
+         curl_ssl_msg="enabled (CyaSSL)"
+       ],
+       [
+         AC_MSG_RESULT(no)
+         CPPFLAGS=$_cppflags
+         LDFLAGS=$_ldflags
+         cyassllib=""
+       ])
+      LIBS="$my_ac_save_LIBS"
+    fi
+
     if test "x$USE_CYASSL" = "xyes"; then
       AC_MSG_NOTICE([detected CyaSSL])
 
       dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
       AC_CHECK_SIZEOF(long long)
 
+      dnl Versions since at least 2.6.0 may have options.h
+      AC_CHECK_HEADERS(cyassl/options.h)
+
       dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
       AC_CHECK_HEADERS(cyassl/error-ssl.h)
 
-      LIBS="-lcyassl -lm $LIBS"
+      LIBS="-l$cyassllibname -lm $LIBS"
 
       if test -n "$cyassllib"; then
         dnl when shared libs were found in a path that the run-time
@@ -2046,57 +2122,73 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
         fi
       fi
     else
-        # Without pkg-config, we'll kludge in some defaults
-        addlib="-L$OPT_NSS/lib -lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl"
-        addcflags="-I$OPT_NSS/include"
-        version="unknown"
-        nssprefix=$OPT_NSS
-    fi
-
-    if test -n "$addlib"; then
-
-      CLEANLIBS="$LIBS"
-      CLEANCPPFLAGS="$CPPFLAGS"
-
-      LIBS="$addlib $LIBS"
-      if test "$addcflags" != "-I/usr/include"; then
-         CPPFLAGS="$CPPFLAGS $addcflags"
-      fi
-
-      dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
-      AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
-       [
-       AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
-       AC_SUBST(USE_NSS, [1])
-       USE_NSS="yes"
-       NSS_ENABLED=1
-       curl_ssl_msg="enabled (NSS)"
-       ],
-       [
-         LIBS="$CLEANLIBS"
-         CPPFLAGS="$CLEANCPPFLAGS"
-       ])
-
-      if test "x$USE_NSS" = "xyes"; then
-        AC_MSG_NOTICE([detected NSS version $version])
-
-        dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
-        NSS_LIBS=$addlib
-        AC_SUBST([NSS_LIBS])
-
-        dnl when shared libs were found in a path that the run-time
-        dnl linker doesn't search through, we need to add it to
-        dnl LD_LIBRARY_PATH to prevent further configure tests to fail
-        dnl due to this
-        if test "x$cross_compiling" != "xyes"; then
-          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
-          export LD_LIBRARY_PATH
-          AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
+      NSS_PCDIR="$OPT_NSS/lib/pkgconfig"
+      if test -f "$NSS_PCDIR/nss.pc"; then
+        CURL_CHECK_PKGCONFIG(nss, [$NSS_PCDIR])
+        if test "$PKGCONFIG" != "no" ; then
+          addld=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-L nss`
+          addlib=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-l nss`
+          addcflags=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --cflags nss`
+          version=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --modversion nss`
+          nssprefix=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --variable=prefix nss`
         fi
       fi
-
     fi
 
+    if test -z "$addlib"; then
+      # Without pkg-config, we'll kludge in some defaults
+      AC_MSG_WARN([Using hard-wired libraries and compilation flags for NSS.])
+      addld="-L$OPT_NSS/lib"
+      addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+      addcflags="-I$OPT_NSS/include"
+      version="unknown"
+      nssprefix=$OPT_NSS
+    fi
+
+    CLEANLDFLAGS="$LDFLAGS"
+    CLEANLIBS="$LIBS"
+    CLEANCPPFLAGS="$CPPFLAGS"
+
+    LDFLAGS="$addld $LDFLAGS"
+    LIBS="$addlib $LIBS"
+    if test "$addcflags" != "-I/usr/include"; then
+       CPPFLAGS="$CPPFLAGS $addcflags"
+    fi
+
+    dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
+    AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
+     [
+     AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
+     AC_SUBST(USE_NSS, [1])
+     USE_NSS="yes"
+     NSS_ENABLED=1
+     curl_ssl_msg="enabled (NSS)"
+     ],
+     [
+       LDFLAGS="$CLEANLDFLAGS"
+       LIBS="$CLEANLIBS"
+       CPPFLAGS="$CLEANCPPFLAGS"
+     ])
+
+    if test "x$USE_NSS" = "xyes"; then
+      AC_MSG_NOTICE([detected NSS version $version])
+
+      dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
+      NSS_LIBS=$addlib
+      AC_SUBST([NSS_LIBS])
+
+      dnl when shared libs were found in a path that the run-time
+      dnl linker doesn't search through, we need to add it to
+      dnl LD_LIBRARY_PATH to prevent further configure tests to fail
+      dnl due to this
+      if test "x$cross_compiling" != "xyes"; then
+        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
+        export LD_LIBRARY_PATH
+        AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
+      fi
+
+    fi dnl NSS found
+
   fi dnl NSS not disabled
 
 fi dnl curl_ssl_msg = init_ssl_msg
@@ -2332,12 +2424,6 @@ if test X"$OPT_LIBSSH2" != Xno; then
        dnl linker doesn't search through, we need to add it to LD_LIBRARY_PATH
        dnl to prevent further configure tests to fail due to this
 
-       dnl libssh2_version is a post 1.0 addition
-       dnl libssh2_init and libssh2_exit were added in 1.2.5
-       dnl libssh2_scp_send64 was added in 1.2.6
-       dnl libssh2_session_handshake was added in 1.2.8
-       AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit \
-                       libssh2_scp_send64 libssh2_session_handshake)
        if test "x$cross_compiling" != "xyes"; then
          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$DIR_SSH2"
          export LD_LIBRARY_PATH
@@ -3257,12 +3343,45 @@ AC_HELP_STRING([--disable-tls-srp],[Disable TLS-SRP authentication]),
        want_tls_srp=yes
 )
 
-if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_SSLEAY_SRP" = "x1") ; then
+if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_OPENSSL_SRP" = "x1") ; then
    AC_DEFINE(USE_TLS_SRP, 1, [Use TLS-SRP authentication])
    USE_TLS_SRP=1
    curl_tls_srp_msg="enabled"
 fi
 
+dnl ************************************************************
+dnl disable Unix domain sockets support
+dnl
+AC_MSG_CHECKING([whether to enable Unix domain sockets])
+AC_ARG_ENABLE(unix-sockets,
+AC_HELP_STRING([--enable-unix-sockets],[Enable Unix domain sockets])
+AC_HELP_STRING([--disable-unix-sockets],[Disable Unix domain sockets]),
+[ case "$enableval" in
+  no)  AC_MSG_RESULT(no)
+       want_unix_sockets=no
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       want_unix_sockets=yes
+       ;;
+  esac ], [
+       AC_MSG_RESULT(auto)
+       want_unix_sockets=auto
+       ]
+)
+if test "x$want_unix_sockets" != "xno"; then
+  AC_CHECK_MEMBER([struct sockaddr_un.sun_path], [
+    AC_DEFINE(USE_UNIX_SOCKETS, 1, [Use Unix domain sockets])
+    AC_SUBST(USE_UNIX_SOCKETS, [1])
+    curl_unix_sockets_msg="enabled"
+  ], [
+    if test "x$want_unix_sockets" = "xyes"; then
+      AC_MSG_ERROR([--enable-unix-sockets is not available on this platform!])
+    fi
+  ], [
+    #include <sys/un.h>
+  ])
+fi
+
 dnl ************************************************************
 dnl disable cookies support
 dnl
@@ -3338,7 +3457,7 @@ dnl For keeping supported features and protocols also in pkg-config file
 dnl since it is more cross-compile friendly than curl-config
 dnl
 
-if test "x$USE_SSLEAY" = "x1"; then
+if test "x$OPENSSL_ENABLED" = "x1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
 elif test -n "$SSL_ENABLED"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
@@ -3346,6 +3465,9 @@ fi
 if test "x$IPV6_ENABLED" = "x1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES IPv6"
 fi
+if test "x$USE_UNIX_SOCKETS" = "x1"; then
+  SUPPORT_FEATURES="$SUPPORT_FEATURES UnixSockets"
+fi
 if test "x$HAVE_LIBZ" = "x1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES libz"
 fi
@@ -3368,17 +3490,24 @@ if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
   SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
 fi
 
-if test "x$CURL_DISABLE_HTTP" != "x1" -a \
-    "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
-  if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
+    \( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
+  SUPPORT_FEATURES="$SUPPORT_FEATURES Kerberos"
+fi
+
+if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
+  if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
       -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
       -o "x$DARWINSSL_ENABLED" = "x1"; then
     SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
-    if test "x$NTLM_WB_ENABLED" = "x1"; then
+
+    if test "x$CURL_DISABLE_HTTP" != "x1" -a \
+        "x$NTLM_WB_ENABLED" = "x1"; then
       SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
     fi
   fi
 fi
+
 if test "x$USE_TLS_SRP" = "x1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
 fi
@@ -3438,6 +3567,16 @@ if test "x$CURL_DISABLE_IMAP" != "x1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IMAPS"
   fi
 fi
+if test "x$CURL_DISABLE_SMB" != "x1" \
+    -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \
+    -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
+      -o "x$DARWINSSL_ENABLED" = "x1" \); then
+  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB"
+  if test "x$SSL_ENABLED" = "x1"; then
+    SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS"
+  fi
+fi
 if test "x$CURL_DISABLE_SMTP" != "x1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMTP"
   if test "x$SSL_ENABLED" = "x1"; then
@@ -3536,7 +3675,8 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
   GSS-API support:  ${curl_gss_msg}
   TLS-SRP support:  ${curl_tls_srp_msg}
   resolver:         ${curl_res_msg}
-  ipv6 support:     ${curl_ipv6_msg}
+  IPv6 support:     ${curl_ipv6_msg}
+  Unix sockets support: ${curl_unix_sockets_msg}
   IDN support:      ${curl_idn_msg}
   Build libcurl:    Shared=${enable_shared}, Static=${enable_static}
   Built-in manual:  ${curl_manual_msg}

contributors.sh

@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2013-2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2013-2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -25,28 +25,49 @@
 # This script shows all mentioned contributors from <hash> until HEAD. To aid
 # when writing RELEASE-NOTES and THANKS.
 #
+# Use --releasenotes to also include the names from the existing RELEASE-NOTES
+# file, which is handy when we've added names manually in there that should be
+# included in an updated list.
+#
 
 start=$1
 
 if test -z "$start"; then
-  echo "Usage: $0 <since this tag/hash>"
+    echo "Usage: $0 <since this tag/hash> [--releasenotes]"
+    exit
 fi
 
 # filter out Author:, Commit: and *by: lines
 # cut off the email parts
 # split list of names at comma
+# split list of names at " and "
 # cut off spaces first and last on the line
+# filter alternatives through THANKS-filter
 # only count names with a space (ie more than one word)
 # sort all unique names
 # awk them into RELEASE-NOTES format
+(
 git log $start..HEAD | \
 egrep -i '(Author|Commit|by):' | \
 cut -d: -f2- | \
 cut '-d<' -f1 | \
 tr , '\012' | \
-sed -e 's/^ //' -e 's/ $//g' | \
+sed 's/ and /\n/' | \
+sed -e 's/^ //' -e 's/ $//g'
+
+if echo "$*" | grep -qw -- '--releasenotes';then
+    # if --releasenotes was used
+    # grep out the list of names from RELEASE-NOTES
+    # split on ", "
+    # remove leading white spaces
+grep "^  [^ \(]" RELEASE-NOTES| \
+sed 's/, */\n/g'| \
+sed 's/^ *//'
+fi
+)| \
+sed -f ./docs/THANKS-filter | \
 grep ' ' | \
-sort -fu |
+sort -fu | \
 awk '{
  num++;
  n = sprintf("%s%s%s,", n, length(n)?" ":"", $0);

contrithanks.sh

@@ -0,0 +1,57 @@
+#!/bin/sh
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2013-2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at http://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
+#
+# This script shows all mentioned contributors from <hash> until HEAD and
+# puts them at the end of the THANKS document on stdout
+#
+
+start=$1
+
+if test -z "$start"; then
+  echo "Usage: $0 <since this tag/hash>"
+fi
+
+cat ./docs/THANKS
+
+(
+git log $start..HEAD | \
+egrep -i '(Author|Commit|by):' | \
+cut -d: -f2- | \
+cut '-d<' -f1 | \
+tr , '\012' | \
+sed 's/ and /\n/' | \
+sed -e 's/^ //' -e 's/ $//g'
+
+# grep out the list of names from RELEASE-NOTES
+# split on ", "
+# remove leading white spaces
+grep "^  [^ (]" RELEASE-NOTES| \
+sed 's/, */\n/g'| \
+sed 's/^ *//'
+
+)| \
+sed -f ./docs/THANKS-filter | \
+grep ' ' | \
+sort -fu | \
+grep -xvf ./docs/THANKS 

curl-config.in

@@ -71,7 +71,7 @@ while test $# -gt 0; do
         ;;
 
     --ca)
-        echo "@CURL_CA_BUNDLE@"
+        echo @CURL_CA_BUNDLE@
         ;;
 
     --cc)

docs/BINDINGS

@@ -90,6 +90,11 @@ Guile:
   Written by Michael L. Gran
   http://www.lonelycactus.com/guile-curl.html
 
+Harbour
+
+  Written by Viktor Szakáts
+  https://github.com/vszakats/harbour-core/tree/master/contrib/hbcurl
+
 Haskell
 
   Written by Galois, Inc
@@ -115,7 +120,7 @@ Lua
   luacurl by Alexander Marinov
   http://luacurl.luaforge.net/
 
-  Lua-cURL by J<EFBFBD>rgen H<EFBFBD>tzel
+  Lua-cURL by Jürgen Hötzel
   http://luaforge.net/projects/lua-curl/
 
 Mono
@@ -219,8 +224,8 @@ SPL
 
 Tcl
 
-  Tclcurl by Andr<EFBFBD>s Garc<EFBFBD>a
-  http://personal1.iddeo.es/andresgarci/tclcurl/english/docs.html
+  Tclcurl by Andrés García
+  http://mirror.yellow5.com/tclcurl/
 
 Visual Basic
 

docs/BUGS

@@ -35,11 +35,9 @@ BUGS
   have a go at a solution. You can optionally also post your bug/problem at
   curl's bug tracking system over at
 
-        https://sourceforge.net/p/curl/bugs/
+        https://github.com/bagder/curl/issues
 
-  Please read the rest of this document below first before doing that! Also,
-  you need to login to your sourceforge account before being able to submit a
-  bug report (necessary evil done to avoid spam).
+  Please read the rest of this document below first before doing that!
 
   If you feel you need to ask around first, find a suitable mailing list and
   post there. The lists are available on http://curl.haxx.se/mail/

docs/CONTRIBUTE

@@ -34,7 +34,7 @@
  3.3 How To Make a Patch without git
  3.4 How to get your changes into the main sources
  3.5 Write good commit messages
- 3.6 Please don't send pull requests
+ 3.6 About pull requests
 
 ==============================================================================
 
@@ -52,6 +52,10 @@
 
  We also hang out on IRC in #curl on irc.freenode.net
 
+ If you're at all interested in the code side of things, consider clicking
+ 'watch' on the curl repo at github to get notified on pull requests and new
+ issues posted there.
+
 1.2. License
 
  When contributing with code, you agree to put your changes and new code under
@@ -78,10 +82,10 @@
 
 1.3 What To Read
 
- Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS, the
- most recent CHANGES. Just lurking on the curl-library mailing list is gonna
- give you a lot of insights on what's going on right now. Asking there is a
- good idea too.
+ Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS and the
+ most recent changes in the git log. Just lurking on the curl-library mailing
+ list is gonna give you a lot of insights on what's going on right now. Asking
+ there is a good idea too.
 
 2. cURL Coding Standards
 
@@ -288,27 +292,15 @@
  and make sure that you have your own user and email setup correctly in git
  before you commit
 
-3.6 Please don't send pull requests
+3.6 About pull requests
 
  With git (and especially github) it is easy and tempting to send a pull
- request to one or more people in the curl project to have changes merged this
- way instead of mailing patches to the curl-library mailing list.
+ request to the curl project to have changes merged this way instead of
+ mailing patches to the curl-library mailing list.
 
- We don't like that. We want them mailed for these reasons:
+ We used to dislike this but we're trying to change that and accept that this
+ is a frictionless way for people to contribute to the project. We now welcome
+ pull requests!
 
- - Peer review. Anyone and everyone on the list can review, comment and
-   improve on the patch. Pull requests limit this ability.
-
- - Anyone can merge the patch into their own trees for testing and those who
-   have push rights can push it to the main repo. It doesn't have to be anyone
-   the patch author knows beforehand.
-
- - Commit messages can be tweaked and changed if merged locally instead of
-   using github. Merges directly on github requires the changes to be perfect
-   already, which they seldom are.
-
- - Merges on github prevents rebases and even enforces --no-ff which is a git
-   style we don't otherwise use in the project
-
- However: once patches have been reviewed and deemed fine on list they are
- perfectly OK to be pulled from a published git tree.
+ We will continue to avoid using github's merge tools to make the history
+ linear and to make sure commits follow our style guidelines.

docs/FAQ

@@ -81,6 +81,7 @@ FAQ
   4.18 file:// URLs containing drive letters (Windows, NetWare)
   4.19 Why doesn't cURL return an error when the network cable is unplugged?
   4.20 curl doesn't return error for HTTP non-200 responses!
+  4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
 
  5. libcurl Issues
   5.1 Is libcurl thread-safe?
@@ -134,7 +135,7 @@ FAQ
 
     A free and easy-to-use client-side URL transfer library, supporting DICT,
     FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
-    POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
+    POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP.
 
     libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
     Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password
@@ -764,8 +765,9 @@ FAQ
   request-body in a GET request with something like "curl -X GET -d data
   [URL]"
 
-  Note that -X doesn't change curl's behavior. It only modifies the actual
-  string sent in the request.
+  Note that -X doesn't actually change curl's behavior as it only modifies the
+  actual string sent in the request, but that may of course trigger a
+  different set of events.
 
   Accordingly, by using -XPOST on a command line that for example would follow
   a 303 redirect, you will effectively prevent curl from behaving
@@ -1115,6 +1117,16 @@ FAQ
   You can also use the -w option and the variable %{response_code} to extract
   the exact response code that was return in the response.
 
+  4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
+
+  If you use verbose to see the HTTP request when you send off a HTTP/2
+  request, it will still say 1.1.
+
+  The reason for this is that we first generate the request to send using the
+  old 1.1 style and show that request in the verbose output, and then we
+  convert it over to the binary header-compressed HTTP/2 style. The actual
+  "1.1" part from that request is then not actually used in the transfer. The
+  binary HTTP/2 headers are not human readable.
 
 5. libcurl Issues
 
@@ -1274,7 +1286,7 @@ FAQ
   you want to change name resolver function you must rebuild libcurl and tell
   it to use a different function.
 
-  - The non-ipv6 resolver that can use one out of four host name resolve calls
+  - The non-IPv6 resolver that can use one out of four host name resolve calls
     (depending on what your system supports):
 
       A - gethostbyname()
@@ -1282,15 +1294,15 @@ FAQ
       C - gethostbyname_r() with 5 arguments
       D - gethostbyname_r() with 6 arguments
 
-  - The ipv6-resolver that uses getaddrinfo()
+  - The IPv6-resolver that uses getaddrinfo()
 
   - The c-ares based name resolver that uses the c-ares library for resolves.
     Using this offers asynchronous name resolves.
 
   - The threaded resolver (default option on Windows). It uses:
 
-      A - gethostbyname() on plain ipv4 hosts
-      B - getaddrinfo() on ipv6-enabled hosts
+      A - gethostbyname() on plain IPv4 hosts
+      B - getaddrinfo() on IPv6 enabled hosts
 
   Also note that libcurl never resolves or reverse-lookups addresses given as
   pure numbers, such as 127.0.0.1 or ::1.

docs/FEATURES

@@ -127,9 +127,15 @@ FILE
  - upload
  - resume
 
+SMB
+ - SMBv1 over TCP and SSL
+ - download
+ - upload
+ - authentication with NTLMv1
+
 SMTP
- - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and Kerberos 5
-   (*4)
+ - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9), Kerberos 5
+   (*4) and External.
  - send e-mails
  - mail from support
  - mail size support
@@ -144,8 +150,8 @@ SMTPS (*1)
 
 POP3
  - authentication: Clear Text, APOP and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
-   Kerberos 5 (*4)
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9),
+   Kerberos 5 (*4) and External.
  - list e-mails
  - retrieve e-mails
  - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via
@@ -159,8 +165,8 @@ POP3S (*1)
 
 IMAP
  - authentication: Clear Text and SASL
- - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9) and
-   Kerberos 5 (*4)
+ - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9),
+   Kerberos 5 (*4) and External.
  - list the folders of a mailbox
  - select a mailbox with support for verifying the UIDVALIDITY
  - fetch e-mails with support for specifying the UID and SECTION

docs/INSTALL

@@ -20,10 +20,10 @@ Building from git
    If you get your code off a git repository, see the GIT-INFO file in the
    root directory for specific instructions on how to proceed.
 
-UNIX
+Unix
 ====
 
-   A normal unix installation is made in three or four steps (after you've
+   A normal Unix installation is made in three or four steps (after you've
    unpacked the source archive):
 
         ./configure
@@ -209,7 +209,7 @@ Win32
    environment variables, for example:
 
      set ZLIB_PATH=c:\zlib-1.2.8
-     set OPENSSL_PATH=c:\openssl-0.9.8y
+     set OPENSSL_PATH=c:\openssl-0.9.8zc
      set LIBSSH2_PATH=c:\libssh2-1.4.3
 
    ATTENTION: if you want to build with libssh2 support you have to use latest
@@ -317,7 +317,7 @@ Win32
    Before running nmake define the OPENSSL_PATH environment variable with
    the root/base directory of OpenSSL, for example:
 
-     set OPENSSL_PATH=c:\openssl-0.9.8y
+     set OPENSSL_PATH=c:\openssl-0.9.8zc
 
    Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
    directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -416,15 +416,21 @@ Win32
    CURL_DISABLE_FILE     disables FILE
    CURL_DISABLE_TFTP     disables TFTP
    CURL_DISABLE_HTTP     disables HTTP
+   CURL_DISABLE_IMAP     disables IMAP
+   CURL_DISABLE_POP3     disables POP3
+   CURL_DISABLE_SMTP     disables SMTP
 
-   If you want to set any of these defines you have the following
-   possibilities:
+   If you want to set any of these defines you have the following options:
 
    - Modify lib/config-win32.h
    - Modify lib/curl_setup.h
    - Modify lib/Makefile.vc6
-   - Add defines to Project/Settings/C/C++/General/Preprocessor Definitions
-     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
+   - Modify the "Preprocessor Definitions" in the libcurl project
+
+   Note: The pre-processor settings can be found using the Visual Studio IDE
+   under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
+   Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
+   versions.
 
    Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
    --------------------------------------------------------------------
@@ -436,8 +442,12 @@ Win32
 
    - Modify lib/config-win32.h and src/config-win32.h
    - Modify lib/Makefile.vc6
-   - Add definition to Project/Settings/C/C++/General/Preprocessor Definitions
-     in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project.
+   - Modify the "Preprocessor Definitions" in the libcurl project
+
+   Note: The pre-processor settings can be found using the Visual Studio IDE
+   under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
+   Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
+   versions.
 
    Once that libcurl has been built with BSD-style lwIP TCP/IP stack support,
    in order to use it with your program it is mandatory that your program

docs/INTERNALS

@@ -42,7 +42,7 @@ Portability
  libidn       0.4.1
  cyassl       2.0.0
  openldap     2.0
- MIT krb5 lib 1.2.4
+ MIT Kerberos 1.2.4
  GSKit        V5R3M0
  NSS          3.14.x
  axTLS        1.2.7
@@ -252,9 +252,9 @@ Library
 
  Kerberos
 
- The kerberos support is mainly in lib/krb5.c and lib/security.c but also
- curl_sasl_sspi.c for the email protocols and socks_gssapi.c & socks_sspi.c for
- SOCKS5 proxy specifics.
+ Kerberos support is mainly in lib/krb5.c and lib/security.c but also
+ curl_sasl_sspi.c and curl_sasl_gssapi.c for the email protocols and
+ socks_gssapi.c & socks_sspi.c for SOCKS5 proxy specifics.
 
  TELNET
 
@@ -264,6 +264,10 @@ Library
 
  The file:// protocol is dealt with in lib/file.c.
 
+ SMB
+
+ The smb:// protocol is dealt with in lib/smb.c.
+
  LDAP
 
  Everything LDAP is in lib/ldap.c and lib/openldap.c

docs/KNOWN_BUGS

@@ -3,6 +3,18 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
+90. IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the
+  code reveals that pingpong.c contains some truncation code, at line 408,
+  when it deems the server response to be too large truncating it to 40
+  characters"
+  http://curl.haxx.se/bug/view.cgi?id=1366
+
+89. Disabling HTTP Pipelining when there are ongoing transfers can lead to
+  heap corruption and crash. http://curl.haxx.se/bug/view.cgi?id=1411
+
+88. libcurl doesn't support CURLINFO_FILETIME for SFTP transfers and thus
+  curl's -R option also doesn't work then.
+
 87. -J/--remote-header-name doesn't decode %-encoded file names. RFC6266
   details how it should be done. The can of worm is basically that we have no
   charset handling in curl and ascii >=128 is a challenge for us. Not to
@@ -197,7 +209,7 @@ may have been fixed since this was written!
   be to use a data structure other than a plain C string, one that can handle
   embedded NUL characters.  From a practical standpoint, most FTP servers
   would not meaningfully support NUL characters within RFC 959 <string>,
-  anyway (e.g., UNIX pathnames may not contain NUL).
+  anyway (e.g., Unix pathnames may not contain NUL).
 
 14. Test case 165 might fail on a system which has libidn present, but with an
   old iconv version (2.1.3 is a known bad version), since it doesn't recognize

docs/MANUAL

@@ -59,6 +59,10 @@ SIMPLE USAGE
 
         curl "http://[2001:1890:1112:1::20]/"
 
+  Get a file from an SMB server:
+
+        curl -u "domain\username:passwd" smb://server.example.com/share/file.txt
+
 DOWNLOAD TO A FILE
 
   Get a web page and store in a local file with a specific name:
@@ -228,6 +232,11 @@ UPLOADING
 
         curl --proxytunnel -x proxy:port -T localfile ftp.upload.com
 
+SMB / SMBS
+
+        curl -T file.txt -u "domain\username:passwd" 
+         smb://server.example.com/share/
+
  HTTP
 
   Upload all data on stdin to a specified HTTP site:

docs/RELEASE-PROCEDURE

@@ -84,11 +84,12 @@ Coming dates
 Based on the description above, here are some planned release dates (at the
 time of this writing):
 
-- November 5, 2014 (version 7.39.0)
-- December 31, 2014
-- February 25, 2015
+- February 25, 2015 (version 7.41.0)
 - April 22, 2015
 - June 17, 2015
 - August 12, 2015
 - October 7, 2015
 - December 2, 2015
+- January 27, 2016
+- March 23, 2016
+- May 18, 2016

docs/ROADMAP.md

@@ -8,42 +8,39 @@ possible participation.
 New stuff - libcurl
 -------------------
 
-1. http2 test suite
+1. HTTP/2
 
-2. http2 multiplexing/pipelining
+ - test suite
+ - http2 multiplexing/pipelining
+ - provide option for HTTP/2 "prior knowledge" over clear text
+ - provide option to allow curl to default to HTTP/2 only when using HTTPS
 
-3. SPDY
+2. SRV records
 
-4. SRV records
+3. HTTPS to proxy
 
-5. HTTPS to proxy
-
-6. make sure there's an easy handle passed in to `curl_formadd()`,
+4. make sure there's an easy handle passed in to `curl_formadd()`,
    `curl_formget()` and `curl_formfree()` by adding replacement functions and
    deprecating the old ones to allow custom mallocs and more
 
-7. HTTP Digest authentication via Windows SSPI
-
-8. SASL GSSAPI (Kerberos 5) authentication via a GSS-API library
-
-9. add support for third-party SASL libraries such as Cyrus SASL - may need to
+5. add support for third-party SASL libraries such as Cyrus SASL - may need to
    move existing native and SSPI based authentication into vsasl folder after
    reworking HTTP and SASL code
 
-10. SASL authentication in LDAP
+6. SASL authentication in LDAP
 
-11. Simplify the SMTP email interface so that programmers don't have to
-    construct the body of an email that contains all the headers, alternative
-    content, images and attachments - maintain raw interface so that
-    programmers that want to do this can
+7. Simplify the SMTP email interface so that programmers don't have to
+   construct the body of an email that contains all the headers, alternative
+   content, images and attachments - maintain raw interface so that
+   programmers that want to do this can
 
-12. Allow the email protocols to return the capabilities before
+8. Allow the email protocols to return the capabilities before
     authenticating. This will allow an application to decide on the best
     authentication mechanism
 
-13. Allow Windows threading model to be replaced by Win32 pthreads port
+9. Allow Windows threading model to be replaced by Win32 pthreads port
 
-14. Implement a dynamic buffer size to allow SFTP to use much larger buffers
+10. Implement a dynamic buffer size to allow SFTP to use much larger buffers
     and possibly allow the size to be customizable by applications. Use less
     memory when handles are not in use?
 
@@ -70,7 +67,6 @@ Improve
 
 4. docs (considered "bad" by users but how do we make it better?)
 
-  - split up `curl_easy_setopt.3`
   - split up curl.1
 
 5. authentication framework (consider merging HTTP and SASL authentication to
@@ -83,7 +79,5 @@ Improve
 Remove
 ------
 
-1. cmake support (nobody maintains it)
-
-2. makefile.vc files as there is no point in maintaining two sets of Windows
+1. makefile.vc files as there is no point in maintaining two sets of Windows
    makefiles. Note: These are currently being used by the Windows autobuilds

docs/THANKS

@@ -40,6 +40,8 @@ Alexander Klauer
 Alexander Kourakos
 Alexander Krasnostavsky
 Alexander Lazic
+Alexander Pepper
+Alexander Peslyak
 Alexander Zhuravlev
 Alexey Borzov
 Alexey Pesternikov
@@ -70,7 +72,6 @@ Andrei Benea
 Andrei Cipu
 Andrei Kurushin
 Andrej E Baranov
-Andres Garcia
 Andrew Benham
 Andrew Biggs
 Andrew Bushnell
@@ -80,6 +81,7 @@ Andrew Kurushin
 Andrew Moise
 Andrew Wansink
 Andrew de los Reyes
+Andrey Labunets
 Andrii Moiseiev
 Andrés García
 Andy Cedilnik
@@ -108,10 +110,12 @@ Augustus Saunders
 Avery Fay
 Axel Tillequin
 Balaji Parasuram
+Balaji Salunke
 Balint Szilakszi
 Barry Abrahamson
 Bart Whiteley
 Bas Mevissen
+Ben Boeckel
 Ben Darnell
 Ben Greear
 Ben Madsen
@@ -131,6 +135,7 @@ Bill Doyle
 Bill Egert
 Bill Hoffman
 Bill Middlecamp
+Bill Nagel
 Bjoern Sikora
 Bjorn Augustsson
 Bjorn Reese
@@ -141,6 +146,7 @@ Bob Richmond
 Bob Schader
 Bogdan Nicula
 Brad Burdick
+Brad Harder
 Brad Hards
 Brad King
 Brad Spencer
@@ -156,6 +162,7 @@ Brian R Duffy
 Brian Ulm
 Brock Noland
 Bruce Mitchener
+Bruno Thomsen
 Bruno de Carvalho
 Bryan Henderson
 Bryan Kemp
@@ -163,19 +170,19 @@ Byrial Jensen
 Cameron Kaiser
 Camille Moncelier
 Caolan McNamara
+Carlo Wood
 Carsten Lange
 Casey O'Donnell
 Catalin Patulea
-Cedric Deltheil
 Chad Monroe
 Chandrakant Bagul
 Charles Kerr
+Charles Romestant
 Chen Prog
 Chih-Chung Chang
 Chris "Bob Bob"
 Chris Combes
 Chris Conlon
-Chris Conroy
 Chris Deidun
 Chris Flerackers
 Chris Gaukroger
@@ -220,6 +227,7 @@ Curt Bogmine
 Cyrill Osterwalder
 Cédric Deltheil
 D. Flinkmann
+Da-Yoon Chung
 Dag Ekengren
 Dagobert Michelsen
 Damian Dixon
@@ -287,6 +295,7 @@ Diego Casorran
 Dilyan Palauzov
 Dima Barsky
 Dima Tisnek
+Dimitar Boevski
 Dimitre Dimitrov
 Dimitrios Siganos
 Dimitris Sarris
@@ -329,6 +338,7 @@ Eldar Zaitov
 Ellis Pritchard
 Elmira A Semenova
 Emanuele Bovisio
+Emil Lerner
 Emil Romanus
 Emiliano Ida
 Enrico Scholz
@@ -367,7 +377,7 @@ Feng Tu
 Florian Schoppmann
 Florian Weimer
 Forrest Cahoon
-Francois Charlier
+Frank Gevaerts
 Frank Hempel
 Frank Keeney
 Frank McGeough
@@ -413,7 +423,6 @@ Glen A Johnson Jr.
 Glen Nakamura
 Glen Scott
 Glenn Sheridan
-Gokhan Sengun
 Gordon Marler
 Gorilla Maguila
 Grant Erickson
@@ -435,6 +444,7 @@ Götz Babin-Ebell
 Hamish Mackenzie
 Hang Kin Lau
 Hang Su
+Hanno Böck
 Hanno Kranzhoff
 Hans Steegers
 Hans-Jurgen May
@@ -475,6 +485,7 @@ Immanuel Gregoire
 Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
+Isaac Boukris
 Ishan SinghLevett
 Ivo Bellin Salarin
 Jack Zhang
@@ -515,6 +526,7 @@ Jaz Fresh
 Jean Jacques Drouin
 Jean-Claude Chauve
 Jean-Francois Bertrand
+Jean-Francois Durand
 Jean-Louis Lemaire
 Jean-Marc Ranger
 Jean-Noël Rouvignac
@@ -529,7 +541,9 @@ Jeff Pohlmeyer
 Jeff Weber
 Jeremy Friesner
 Jeremy Huddleston
+Jeremy Lin
 Jeroen Koekkoek
+Jeroen Ooms
 Jerome Muffat-Meridol
 Jerome Robert
 Jerome Vouillon
@@ -543,6 +557,7 @@ Jim Drash
 Jim Freeman
 Jim Hollinger
 Jim Meyering
+Jiri Dvorak
 Jiri Hruska
 Jiri Jaburek
 Jiri Malak
@@ -553,6 +568,7 @@ Joe Mason
 Joel Chen
 Jofell Gallardo
 Johan Anderson
+Johan Lantz
 Johan Nilsson
 Johan van Selst
 Johannes Bauer
@@ -569,8 +585,8 @@ John Joseph Bachir
 John Kelly
 John Lask
 John Lightsey
-John Malmberg
 John Marino
+John Marshall
 John McGowan
 John P. McCaskey
 John Suprock
@@ -580,6 +596,8 @@ Johnny Luong
 Jon Grubbs
 Jon Nelson
 Jon Sargeant
+Jon Seymour
+Jon Spencer
 Jon Torrey
 Jon Travis
 Jon Turner
@@ -588,6 +606,7 @@ Jonas Schnelli
 Jonatan Lander
 Jonatan Vela
 Jonathan Cardoso Machado
+Jonathan Cardoso Machado Machado
 Jonathan Hseu
 Jonathan Nieder
 Jongki Suwandi
@@ -604,8 +623,10 @@ Judson Bishop
 Juergen Wilke
 Jukka Pihl
 Julian Noble
+Julian Ospald
 Julian Taylor
 Julien Chaffraix
+Julien Nabet
 Julien Royer
 Jun-ichiro itojun Hagino
 Jurij Smakov
@@ -614,13 +635,13 @@ Justin Karneges
 Justin Maggard
 Jörg Mueller-Tolk
 Jörn Hartroth
+K. R. Walker
 Kai Engert
 Kai Sommerfeld
 Kai-Uwe Rommel
 Kalle Vahlman
 Kamil Dudka
 Kang-Jin Lee
-Karl M
 Karl Moerder
 Karol Pietrzak
 Kaspar Brand
@@ -651,6 +672,7 @@ Krishnendu Majumdar
 Krister Johansen
 Kristian Gunstone
 Kristian Köhntopp
+Kyle J. McKay
 Kyle L. Huff
 Kyle Sallee
 Lachlan O'Dea
@@ -669,6 +691,7 @@ Laurent Rabret
 Legoff Vincent
 Lehel Bernadt
 Leif W
+Leith Bade
 Len Krause
 Lenaic Lefever
 Lenny Rachitsky
@@ -685,9 +708,10 @@ Liza Alenchery
 Lluís Batlle i Rossell
 Loic Dachary
 Loren Kirkby
+Luan Cestari
 Luca Altea
-Luca Alteas
 Lucas Adamski
+Lucas Pardue
 Ludek Finstrle
 Ludovico Cavedon
 Lukasz Czekierda
@@ -707,8 +731,10 @@ Manuel Massing
 Marc Boucher
 Marc Deslauriers
 Marc Doughty
+Marc Hesse
 Marc Hoersken
 Marc Kleine-Budde
+Marc Renault
 Marcel Raad
 Marcel Roelofs
 Marcelo Juchem
@@ -731,6 +757,7 @@ Mark Salisbury
 Mark Snelling
 Mark Tully
 Markus Duft
+Markus Elfring
 Markus Koetter
 Markus Moeller
 Markus Oberhumer
@@ -759,6 +786,7 @@ Matt Wixson
 Matteo Rocco
 Matthew Blain
 Matthew Clarke
+Matthew Hall
 Matthias Bolte
 Maurice Barnum
 Mauro Iorio
@@ -779,17 +807,19 @@ Michael Day
 Michael Goffioul
 Michael Jahn
 Michael Jerris
+Michael Kaufmann
 Michael Mealling
 Michael Mueller
 Michael Osipov
 Michael Smith
+Michael Stapelberg
 Michael Stillwell
 Michael Wallner
 Michal Bonino
-Michal Gorny
 Michal Marek
 Michał Górny
 Michał Kowalczyk
+Michel Promonet
 Michele Bini
 Miguel Angel
 Miguel Diaz
@@ -813,9 +843,10 @@ Mitz Wark
 Mohamed Lrhazi
 Mohammad AlSaleh
 Mohun Biswas
-Moonesamy
+Mostyn Bramley-Moore
 Myk Taylor
 Nach M. S.
+Nagai H
 Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
@@ -842,6 +873,7 @@ Nikos Mavrogiannopoulos
 Ning Dong
 Nir Soffer
 Nis Jorgensen
+Nobuhiro Ban
 Nodak Sodak
 Norbert Frese
 Norbert Novotny
@@ -890,7 +922,6 @@ Pawel A. Gajda
 Pawel Kierski
 Pedro Larroy
 Pedro Neves
-Pete Su
 Peter Bray
 Peter Forret
 Peter Gal
@@ -898,6 +929,7 @@ Peter Heuchert
 Peter Hjalmarsson
 Peter Korsgaard
 Peter Lamberg
+Peter Laser
 Peter O'Gorman
 Peter Pentchev
 Peter Silva
@@ -906,6 +938,7 @@ Peter Sylvester
 Peter Todd
 Peter Verhas
 Peter Wang
+Peter Wu
 Peter Wullinger
 Peteris Krumins
 Petr Bahula
@@ -962,6 +995,7 @@ Rene Rebe
 Reuven Wachtfogel
 Reza Arbab
 Ricardo Cadime
+Rich Burridge
 Rich Gray
 Rich Rauenzahn
 Richard Archer
@@ -1020,7 +1054,8 @@ S. Moonesamy
 Salvador Dávila
 Salvatore Sorrentino
 Sam Deane
-Sam Listopad
+Sam Hurst
+Sam Schanken
 Sampo Kellomaki
 Samuel Díaz García
 Samuel Listopad
@@ -1039,7 +1074,6 @@ Scott Cantor
 Scott Davis
 Scott McCreary
 Sebastian Rasmussen
-Sebastien Willemijns
 Senthil Raja Velu
 Sergei Nikulov
 Sergey Tatarincev
@@ -1066,6 +1100,8 @@ Spork Schivago
 Stadler Stephan
 Stan van de Burgt
 Stanislav Ivochkin
+Stefan Bühler
+Stefan Eissing
 Stefan Esser
 Stefan Krause
 Stefan Neis
@@ -1080,6 +1116,7 @@ Stephen More
 Sterling Hughes
 Steve Green
 Steve H Truong
+Steve Havelka
 Steve Holme
 Steve Lhomme
 Steve Little
@@ -1096,9 +1133,11 @@ Sune Ahlgren
 Sven Anders
 Sven Neuhaus
 Sven Wegener
+Symeon Paraschoudis
 Sébastien Willemijns
 T. Bharath
 T. Yamada
+Tae Hyoung Ahn
 Taneli Vahakangas
 Tanguy Fautre
 Tatsuhiro Tsujikawa
@@ -1108,6 +1147,7 @@ Thomas J. Moore
 Thomas Klausner
 Thomas L. Shinnick
 Thomas Lopatic
+Thomas Ruecker
 Thomas Schwinge
 Thomas Tonino
 Tiit Pikma
@@ -1120,12 +1160,14 @@ Tim Costello
 Tim Harder
 Tim Heckman
 Tim Newsome
+Tim Ruehsen
 Tim Sneddon
 Tim Starling
 Timo Sirainen
 Tinus van den Berg
 Tobias Markus
 Tobias Rundström
+Tobias Stoeckmann
 Toby Peterson
 Todd A Ouska
 Todd Kulesza
@@ -1146,6 +1188,7 @@ Tomas Hoger
 Tomas Mlcoch
 Tomas Pospisek
 Tomas Szepe
+Tomasz Kojm
 Tomasz Lacki
 Tommie Gannert
 Tommy Tam
@@ -1165,6 +1208,7 @@ Török Edwin
 Ulf Härnhammar
 Ulf Samuelsson
 Ulrich Doehner
+Ulrich Telle
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
@@ -1183,9 +1227,12 @@ Vladimir Grishchenko
 Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
+Vojtěch Král
 Vsevolod Novikov
+Waldek Kozba
 Walter J. Mack
 Ward Willats
+Warren Menzer
 Wayne Haigh
 Werner Koch
 Wesley Laxton
@@ -1210,6 +1257,7 @@ Yi Huang
 Yingwei Liu
 Yousuke Kimoto
 Yukihiro Kawada
+Yun SangHo
 Yuriy Sosov
 Yves Arrouye
 Yves Lejeune

docs/THANKS-filter

@@ -0,0 +1,51 @@
+# This is a list of names we have recorded that already are thanked
+# appropriately in THANKS. This list contains variations of their names and
+# their "canonical" name. This file is used for scripting purposes to avoid
+# duplicate entries and will not be included in release tarballs.
+# When removing dupes that aren't identical names from THANKS, add a line
+# here!
+#
+# Used-by: contributor.sh
+s/Andres Garcia/Andrés García/
+s/Chris Conroy/Christopher Conroy/
+s/Francois Charlier/François Charlier/
+s/Gokhan Sengun/Gökhan Şengün/
+s/John Malmberg/John E. Malmberg/
+s/Luca Alteas/Luca Altea/
+s/Michal Gorny/Michał Górny/
+s/Michal Górny/Michał Górny/
+s/Moonesamy/S. Moonesamy/
+s/Pete Su$/Peter Su/
+s/Sam Listopad/Samuel Listopad/
+s/Sebastien Willemijns/Sébastien Willemijns/
+s/YAMADA Yasuharu/Yasuharu Yamada/
+s/Karl M$/Karl Moerder/
+s/Bjorn Stenberg/Björn Stenberg/
+s/upstream tests 305 and 404//
+s/Gaël PORTAY/Gaël Portay/
+s/Romulo Ceccon/Romulo A. Ceccon/
+s/Nach M. S$/Nach M. S./
+s/Jay Satiro/Ray Satiro/
+s/Richard J. Moore/Richard Moore/
+s/Sergey Nikulov/Sergei Nikulov/
+s/Petr Písař/Petr Pisar/
+s/Nick Zitzmann (originally)/Nick Zitzmann/
+s/product-security at Apple//
+s/IT DOES NOT WORK//
+s/Albert Chin/Albert Chin-A-Young/
+s/Paras S\z/Paras Sethia/
+s/Paras Sethiaethia/Paras Sethia/
+s/Дмитрий Фалько/Dmitry Falko/
+s/byte_bucket in the #curl IRC channel//
+s/Michal Górny and Anthony G. Basile//
+s/Alejandro Alvarez$/Alejandro Alvarez Ayllon/
+s/Ant Bryan/Anthony Bryan/
+s/Cédric Deltheil/Cédric Deltheil/
+s/Christian Hagele/Christian Hägele/
+s/douglas steinwand/Douglas Steinwand/
+s/Frank Van Uffelen and Fabian Hiernaux//
+s/Rodrigo Silva (MestreLion)/Rodrigo Silva/
+s/tetetest tetetest//
+s/Jiří Hruška/Jiri Hruska/
+s/Viktor Szakats/Viktor Szakáts/
+s/Jonathan Cardoso/Jonathan Cardoso Machado/

docs/TODO

@@ -9,6 +9,11 @@
  Things to do in project cURL. Please tell us what you think, contribute and
  send us patches that improve things!
 
+ Be aware that these are things that we could do, or have once been considered
+ things we could do. If you want to work on any of these areas, please
+ consider bringing it up for discussions first on the mailing list so that we
+ all agree it is still a good idea for the project!
+
  All bugs documented in the KNOWN_BUGS document are subject for fixing!
 
  1. libcurl
@@ -19,10 +24,12 @@
  1.6 Modified buffer size approach
  1.7 Detect when called from within callbacks
  1.8 Allow SSL (HTTPS) to proxy
+ 1.9 Cache negative name resolves
 
  2. libcurl - multi interface
  2.1 More non-blocking
  2.2 Fix HTTP Pipelining for PUT
+ 2.3 Better support for same name resolves
 
  3. Documentation
  3.1 Update date and version in man pages
@@ -42,7 +49,6 @@
  5.3 Rearrange request header order
  5.4 SPDY
  5.5 auth= in URLs
- 5.6 Digest via Windows SSPI
 
  6. TELNET
  6.1 ditch stdin
@@ -64,61 +70,74 @@
  10. LDAP
  10.1 SASL based authentication mechanisms
  
- 11. New protocols
- 11.1 RSYNC
-
- 12. SSL
- 12.1 Disable specific versions
- 12.2 Provide mutex locking API
- 12.3 Evaluate SSL patches
- 12.4 Cache OpenSSL contexts
- 12.5 Export session ids
- 12.6 Provide callback for cert verification
- 12.7 improve configure --with-ssl
- 12.8 Support DANE
-
- 13. GnuTLS
- 13.1 SSL engine stuff
- 13.2 check connection
-
- 14. SASL
- 14.1 Other authentication mechanisms
- 14.2 GSSAPI via GSS-API libraries
+ 11. SMB
+ 11.1 File listing support
+ 11.2 Honor file timestamps
+ 11.3 Use NTLMv2
  
- 15. Client
- 15.1 sync
- 15.2 glob posts
- 15.3 prevent file overwriting
- 15.4 simultaneous parallel transfers
- 15.5 provide formpost headers
- 15.6 warning when setting an option
+ 12. New protocols
+ 12.1 RSYNC
 
- 16. Build
- 16.1 roffit
+ 13. SSL
+ 13.1 Disable specific versions
+ 13.2 Provide mutex locking API
+ 13.3 Evaluate SSL patches
+ 13.4 Cache OpenSSL contexts
+ 13.5 Export session ids
+ 13.6 Provide callback for cert verification
+ 13.7 improve configure --with-ssl
+ 13.8 Support DANE
 
- 17. Test suite
- 17.1 SSL tunnel
- 17.2 nicer lacking perl message
- 17.3 more protocols supported
- 17.4 more platforms supported
- 17.5 Add support for concurrent connections
+ 14. GnuTLS
+ 14.1 SSL engine stuff
+ 14.2 check connection
 
- 18. Next SONAME bump
- 18.1 http-style HEAD output for FTP
- 18.2 combine error codes
- 18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+ 15. WinSSL/SChannel
+ 15.1 Add support for client certificate authentication
+ 15.2 Add support for custom server certificate validation
+ 15.3 Add support for the --ciphers option
 
- 19. Next major release
- 19.1 cleanup return codes
- 19.2 remove obsolete defines
- 19.3 size_t
- 19.4 remove several functions
- 19.5 remove CURLOPT_FAILONERROR
- 19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
- 19.7 remove progress meter from libcurl
- 19.8 remove 'curl_httppost' from public
- 19.9 have form functions use CURL handle argument
- 19.10 Add CURLOPT_MAIL_CLIENT option
+ 16. SASL
+ 16.1 Other authentication mechanisms
+ 16.2 Add QOP support to GSSAPI authentication
+ 
+ 17. Client
+ 17.1 sync
+ 17.2 glob posts
+ 17.3 prevent file overwriting
+ 17.4 simultaneous parallel transfers
+ 17.5 provide formpost headers
+ 17.6 warning when setting an option
+ 17.7 warning when sending binary output to terminal
+ 17.8 offer color-coded HTTP header output
+ 17.9 Choose the name of file in braces for complex URLs
+
+ 18. Build
+ 18.1 roffit
+
+ 19. Test suite
+ 19.1 SSL tunnel
+ 19.2 nicer lacking perl message
+ 19.3 more protocols supported
+ 19.4 more platforms supported
+ 19.5 Add support for concurrent connections
+
+ 20. Next SONAME bump
+ 20.1 http-style HEAD output for FTP
+ 20.2 combine error codes
+ 20.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+
+ 21. Next major release
+ 21.1 cleanup return codes
+ 21.2 remove obsolete defines
+ 21.3 size_t
+ 21.4 remove several functions
+ 21.5 remove CURLOPT_FAILONERROR
+ 21.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+ 21.7 remove progress meter from libcurl
+ 21.8 remove 'curl_httppost' from public
+ 21.9 have form functions use CURL handle argument
+ 21.10 Add CURLOPT_MAIL_CLIENT option
 
 ==============================================================================
 
@@ -134,7 +153,7 @@
 
  Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
  SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
- To support ipv6 interface addresses for network interfaces properly.
+ To support IPv6 interface addresses for network interfaces properly.
 
 1.4 signal-based resolver timeouts
 
@@ -193,6 +212,12 @@
  ...and by Firefox soon:
  https://bugzilla.mozilla.org/show_bug.cgi?id=378637
 
+1.9 Cache negative name resolves
+
+ A name resolve that has failed is likely to fail when made again within a
+ short period of time. Currently we only cache positive responses.
+
+
 2. libcurl - multi interface
 
 2.1 More non-blocking
@@ -215,6 +240,15 @@
  serial requests and currently libcurl only supports that for HEAD and GET
  requests but it should also be possible for PUT.
 
+2.3 Better support for same name resolves
+
+ If a name resolve has been initiated for name NN and a second easy handle
+ wants to resolve that name as well, make it wait for the first resolve to end
+ up in the cache instead of doing a second separate resolve. This is
+ especially needed when adding many simultaneous handles using the same host
+ name when the DNS resolver can get flooded.
+
+
 3. Documentation
 
 3.1 Update date and version in man pages
@@ -314,12 +348,6 @@ This is not detailed in any FTP specification.
 
  Additionally this should be implemented for proxy base URLs as well.
 
-5.6 Digest via Windows SSPI
-
- libcurl already supports HTTP Digest Authentication via native routines as well
- as SASL Digest via both Windows SSPI and native routines. In addition to this
- libcurl should also support HTTP Digest Authentication via Windows SSPI.
-
 6. TELNET
 
 6.1 ditch stdin
@@ -383,32 +411,47 @@ to provide the data to send.
  be possible to use ldap_bind_s() instead specifying the security context
  information ourselves.
 
-11. New protocols
+11. SMB
 
-11.1 RSYNC
+11.1 File listing support
+
+Add support for listing the contents of a SMB share. The output should probably
+be the same as/similar to FTP.
+
+11.2 Honor file timestamps
+
+The timestamp of the transfered file should reflect that of the original file.
+
+11.3 Use NTLMv2
+
+Currently the SMB authentication uses NTLMv1.
+
+12. New protocols
+
+12.1 RSYNC
 
  There's no RFC for the protocol or an URI/URL format.  An implementation
  should most probably use an existing rsync library, such as librsync.
 
-12. SSL
+13. SSL
 
-12.1 Disable specific versions
+13.1 Disable specific versions
 
  Provide an option that allows for disabling specific SSL versions, such as
  SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
 
-12.2 Provide mutex locking API
+13.2 Provide mutex locking API
 
  Provide a libcurl API for setting mutex callbacks in the underlying SSL
  library, so that the same application code can use mutex-locking
  independently of OpenSSL or GnutTLS being used.
 
-12.3 Evaluate SSL patches
+13.3 Evaluate SSL patches
 
  Evaluate/apply Gertjan van Wingerde's SSL patches:
  http://curl.haxx.se/mail/lib-2004-03/0087.html
 
-12.4 Cache OpenSSL contexts
+13.4 Cache OpenSSL contexts
 
  "Look at SSL cafile - quick traces look to me like these are done on every
  request as well, when they should only be necessary once per SSL context (or
@@ -418,7 +461,7 @@ to provide the data to send.
  style connections are re-used. It will make us use slightly more memory but
  it will libcurl do less creations and deletions of SSL contexts.
 
-12.5 Export session ids
+13.5 Export session ids
 
  Add an interface to libcurl that enables "session IDs" to get
  exported/imported. Cris Bailiff said: "OpenSSL has functions which can
@@ -426,18 +469,18 @@ to provide the data to send.
  the state from such a buffer at a later date - this is used by mod_ssl for
  apache to implement and SSL session ID cache".
 
-12.6 Provide callback for cert verification
+13.6 Provide callback for cert verification
 
  OpenSSL supports a callback for customised verification of the peer
  certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
  it be? There's so much that could be done if it were!
 
-12.7 improve configure --with-ssl
+13.7 improve configure --with-ssl
 
  make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
  then NSS...
 
-12.8 Support DANE
+13.8 Support DANE
 
  DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
  keys and certs over DNS using DNSSEC as an alternative to the CA model.
@@ -449,32 +492,69 @@ to provide the data to send.
  http://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the
  correct library to base this development on.
 
-13. GnuTLS
+14. GnuTLS
 
-13.1 SSL engine stuff
+14.1 SSL engine stuff
 
  Is this even possible?
 
-13.2 check connection
+14.2 check connection
 
  Add a way to check if the connection seems to be alive, to correspond to the
  SSL_peak() way we use with OpenSSL.
 
-14. SASL
+15. WinSSL/SChannel
 
-14.1 Other authentication mechanisms
+15.1 Add support for client certificate authentication
 
- Add support for other authentication mechanisms such as EXTERNAL, OLP,
+ WinSSL/SChannel currently makes use of the OS-level system and user
+ certificate and private key stores. This does not allow the application
+ or the user to supply a custom client certificate using curl or libcurl.
+
+ Therefore support for the existing -E/--cert and --key options should be
+ implemented by supplying a custom certificate to the SChannel APIs, see:
+ - Getting a Certificate for Schannel
+   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+
+15.2 Add support for custom server certificate validation
+
+ WinSSL/SChannel currently makes use of the OS-level system and user
+ certificate trust store. This does not allow the application or user to
+ customize the server certificate validation process using curl or libcurl.
+
+ Therefore support for the existing --cacert or --capath options should be
+ implemented by supplying a custom certificate to the SChannel APIs, see:
+ - Getting a Certificate for Schannel
+   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+
+15.3 Add support for the --ciphers option
+
+ The cipher suites used by WinSSL/SChannel are configured on an OS-level
+ instead of an application-level. This does not allow the application or
+ the user to customize the configured cipher suites using curl or libcurl.
+
+ Therefore support for the existing --ciphers option should be implemented
+ by mapping the OpenSSL/GnuTLS cipher suites to the SChannel APIs, see
+ - Specifying Schannel Ciphers and Cipher Strengths
+   http://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
+
+16. SASL
+
+16.1 Other authentication mechanisms
+
+ Add support for other authentication mechanisms such as OLP,
  GSS-SPNEGO and others.
  
-14.2 GSSAPI via GSS-API libraries
+16.2 Add QOP support to GSSAPI authentication
 
- Add support for GSSAPI authentication via third-party GSS-API libraries, such
- as Heimdal and MIT Kerberos.
+ Currently the GSSAPI authentication only supports the default QOP of auth
+ (Authentication), whilst Kerberos V5 supports both auth-int (Authentication
+ with integrity protection) and auth-conf (Authentication with integrity and
+ privacy protection).
 
-15. Client
+17. Client
 
-15.1 sync
+17.1 sync
 
  "curl --sync http://example.com/feed[1-100].rss" or
  "curl --sync http://example.net/{index,calendar,history}.html"
@@ -483,12 +563,12 @@ to provide the data to send.
  remote file is newer than the local file. A Last-Modified HTTP date header
  should also be used to set the mod date on the downloaded file.
 
-15.2 glob posts
+17.2 glob posts
 
  Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
  This is easily scripted though.
 
-15.3 prevent file overwriting
+17.3 prevent file overwriting
 
  Add an option that prevents cURL from overwriting existing local files. When
  used, and there already is an existing file with the target file name
@@ -496,14 +576,14 @@ to provide the data to send.
  existing). So that index.html becomes first index.html.1 and then
  index.html.2 etc.
 
-15.4 simultaneous parallel transfers
+17.4 simultaneous parallel transfers
 
  The client could be told to use maximum N simultaneous parallel transfers and
  then just make sure that happens. It should of course not make more than one
  connection to the same remote host. This would require the client to use the
  multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
 
-15.5 provide formpost headers
+17.5 provide formpost headers
 
  Extending the capabilities of the multipart formposting. How about leaving
  the ';type=foo' syntax as it is and adding an extra tag (headers) which
@@ -517,43 +597,67 @@ to provide the data to send.
  which should overwrite the program reasonable defaults (plain/text,
  8bit...)
 
-15.6 warning when setting an option
+17.6 warning when setting an option
 
   Display a warning when libcurl returns an error when setting an option.
   This can be useful to tell when support for a particular feature hasn't been
   compiled into the library.
 
-16. Build
+17.7 warning when sending binary output to terminal
 
-16.1 roffit
+  Provide a way that prompts the user for confirmation before binary data is
+  sent to the terminal, much in the style 'less' does it.
+
+17.8 offer color-coded HTTP header output
+
+  By offering different color output on the header name and the header
+  contents, they could be made more readable and thus help users working on
+  HTTP services.
+
+17.9 Choose the name of file in braces for complex URLs
+
+  When using braces to download a list of URLs and you use complicated names
+  in the list of alternatives, it could be handy to allow curl to use other
+  names when saving.
+
+  Consider a way to offer that. Possibly like
+  {partURL1:name1,partURL2:name2,partURL3:name3} where the name following the
+  colon is the output name.
+
+  See https://github.com/bagder/curl/issues/221
+
+
+18. Build
+
+18.1 roffit
 
  Consider extending 'roffit' to produce decent ASCII output, and use that
  instead of (g)nroff when building src/tool_hugehelp.c
 
-17. Test suite
+19. Test suite
 
-17.1 SSL tunnel
+19.1 SSL tunnel
 
  Make our own version of stunnel for simple port forwarding to enable HTTPS
  and FTP-SSL tests without the stunnel dependency, and it could allow us to
  provide test tools built with either OpenSSL or GnuTLS
 
-17.2 nicer lacking perl message
+19.2 nicer lacking perl message
 
  If perl wasn't found by the configure script, don't attempt to run the tests
  but explain something nice why it doesn't.
 
-17.3 more protocols supported
+19.3 more protocols supported
 
  Extend the test suite to include more protocols. The telnet could just do FTP
  or http operations (for which we have test servers).
 
-17.4 more platforms supported
+19.4 more platforms supported
 
  Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
  fork()s and it should become even more portable.
 
-17.5 Add support for concurrent connections
+19.5 Add support for concurrent connections
 
  Tests 836, 882 and 938 were designed to verify that separate connections aren't
  used when using different login credentials in protocols that shouldn't re-use
@@ -567,14 +671,14 @@ to provide the data to send.
  and thus the wait for connections loop is never entered to receive the second
  connection.
 
-18. Next SONAME bump
+20. Next SONAME bump
 
-18.1 http-style HEAD output for FTP
+20.1 http-style HEAD output for FTP
 
  #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
  from being output in NOBODY requests over FTP
 
-18.2 combine error codes
+20.2 combine error codes
 
  Combine some of the error codes to remove duplicates.  The original
  numbering should not be changed, and the old identifiers would be
@@ -599,29 +703,29 @@ to provide the data to send.
 
     CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
 
-18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+20.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 
  The current prototype only provides 'purpose' that tells what the
  connection/socket is for, but not any protocol or similar. It makes it hard
  for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
  similar.
 
-19. Next major release
+21. Next major release
 
-19.1 cleanup return codes
+21.1 cleanup return codes
 
  curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
  CURLMcode. These should be changed to be the same.
 
-19.2 remove obsolete defines
+21.2 remove obsolete defines
 
  remove obsolete defines from curl/curl.h
 
-19.3 size_t
+21.3 size_t
 
  make several functions use size_t instead of int in their APIs
 
-19.4 remove several functions
+21.4 remove several functions
 
  remove the following functions from the public API:
 
@@ -642,18 +746,18 @@ to provide the data to send.
 
  curl_multi_socket_all
 
-19.5 remove CURLOPT_FAILONERROR
+21.5 remove CURLOPT_FAILONERROR
 
  Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
  internally. Let the app judge success or not for itself.
 
-19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+21.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
 
  Remove support for a global DNS cache. Anything global is silly, and we
  already offer the share interface for the same functionality but done
  "right".
 
-19.7 remove progress meter from libcurl
+21.7 remove progress meter from libcurl
 
  The internally provided progress meter output doesn't belong in the library.
  Basically no application wants it (apart from curl) but instead applications
@@ -663,7 +767,7 @@ to provide the data to send.
  variable types passed to it instead of doubles so that big files work
  correctly.
 
-19.8 remove 'curl_httppost' from public
+21.8 remove 'curl_httppost' from public
 
  curl_formadd() was made to fill in a public struct, but the fact that the
  struct is public is never really used by application for their own advantage
@@ -672,7 +776,7 @@ to provide the data to send.
  Changing them to return a private handle will benefit the implementation and
  allow us much greater freedoms while still maintaining a solid API and ABI.
 
-19.9 have form functions use CURL handle argument
+21.9 have form functions use CURL handle argument
 
  curl_formadd() and curl_formget() both currently have no CURL handle
  argument, but both can use a callback that is set in the easy handle, and
@@ -680,7 +784,7 @@ to provide the data to send.
  curl_easy_perform() (or similar) called - which is hard to grasp and a design
  mistake.
 
-19.10 Add CURLOPT_MAIL_CLIENT option
+21.10 Add CURLOPT_MAIL_CLIENT option
 
  Rather than use the URL to specify the mail client string to present in the
  HELO and EHLO commands, libcurl should support a new CURLOPT specifically for

docs/TheArtOfHttpScripting

@@ -1,4 +1,3 @@
-Updated: Dec 24, 2013 (http://curl.haxx.se/docs/httpscripting.html)
                                   _   _ ____  _
                               ___| | | |  _ \| |
                              / __| | | | |_) | |
@@ -23,6 +22,8 @@ The Art Of Scripting HTTP Requests Using Curl
  3. Fetch a page
  3.1 GET
  3.2 HEAD
+ 3.3 Multiple URLs in a single command line
+ 3.4 Multiple HTTP methods in a single command line
  4. HTML forms
  4.1 Forms explained
  4.2 GET
@@ -136,7 +137,7 @@ The Art Of Scripting HTTP Requests Using Curl
  The Uniform Resource Locator format is how you specify the address of a
  particular resource on the Internet. You know these, you've seen URLs like
  http://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the
- canonical spec.
+ canonical spec. And yeah, the formal name is not URL, it is URI.
 
  2.2 Host
 
@@ -193,7 +194,6 @@ The Art Of Scripting HTTP Requests Using Curl
  the associated response. The path is what is to the right side of the slash
  that follows the host name and possibly port number.
 
-
 3. Fetch a page
 
  3.1 GET
@@ -224,6 +224,46 @@ The Art Of Scripting HTTP Requests Using Curl
  may see a Content-Length: in the response headers, but there must not be an
  actual body in the HEAD response.
 
+ 3.3 Multiple URLs in a single command line
+
+ A single curl command line may involve one or many URLs. The most common case
+ is probably to just use one, but you can specify any amount of URLs. Yes
+ any. No limits. You'll then get requests repeated over and over for all the
+ given URLs.
+
+ Example, send two GETs:
+
+    curl http://url1.example.com http://url2.example.com
+
+ If you use --data to POST to the URL, using multiple URLs means that you send
+ that same POST to all the given URLs.
+
+ Example, send two POSTs:
+
+    curl --data name=curl http://url1.example.com http://url2.example.com
+
+
+ 3.4 Multiple HTTP methods in a single command line
+
+ Sometimes you need to operate on several URLs in a single command line and do
+ different HTTP methods on each. For this, you'll enjoy the --next option. It
+ is basically a separator that separates a bunch of options from the next. All
+ the URLs before --next will get the same method and will get all the POST
+ data merged into one.
+
+ When curl reaches the --next on the command line, it'll sort of reset the
+ method and the POST data and allow a new set.
+
+ Perhaps this is best shown with a few examples. To send first a HEAD and then
+ a GET:
+
+   curl -I http://example.com --next http://example.com
+
+ To first send a POST and then a GET:
+
+   curl -d score=10 http://example.com/post.cgi --next http://example.com/results.html
+
+
 4. HTML forms
 
  4.1 Forms explained
@@ -302,6 +342,10 @@ The Art Of Scripting HTTP Requests Using Curl
 
         curl --data-urlencode "name=I am Daniel" http://www.example.com
 
+  If you repeat --data several times on the command line, curl will
+  concatenate all the given data pieces - and put a '&' symbol between each
+  data segment.
+
  4.4 File Upload POST
 
   Back in late 1995 they defined an additional way to post data over HTTP. It
@@ -557,8 +601,10 @@ The Art Of Scripting HTTP Requests Using Curl
  truckload of advanced features to allow all those encryptions and key
  infrastructure mechanisms encrypted HTTP requires.
 
- Curl supports encrypted fetches thanks to the freely available OpenSSL
- libraries. To get a page from a HTTPS server, simply run curl like:
+ Curl supports encrypted fetches when built to use a TLS library and it can be
+ built to use one out of a fairly large set of libraries - "curl -V" will show
+ which one your curl was built to use (if any!). To get a page from a HTTPS
+ server, simply run curl like:
 
         curl https://secure.example.com
 
@@ -584,6 +630,12 @@ The Art Of Scripting HTTP Requests Using Curl
 
         http://curl.haxx.se/docs/sslcerts.html
 
+  At times you may end up with your own CA cert store and then you can tell
+  curl to use that to verify the server's certificate:
+
+        curl --cacert ca-bundle.pem https://example.com/
+
+
 11. Custom Request Elements
 
 11.1 Modify method and headers
@@ -692,7 +744,7 @@ The Art Of Scripting HTTP Requests Using Curl
 
  14.1 Standards
 
- RFC 2616 is a must to read if you want in-depth understanding of the HTTP
+ RFC 7230 is a must to read if you want in-depth understanding of the HTTP
  protocol
 
  RFC 3986 explains the URL syntax

docs/curl.1

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH curl 1 "2 Aug 2014" "Curl 7.38.0" "Curl Manual"
+.TH curl 1 "30 Nov 2014" "Curl 7.40.0" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -30,8 +30,8 @@ curl \- transfer a URL
 .B curl
 is a tool to transfer data from or to a server, using one of the supported
 protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
-LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP).  The
-command is designed to work without user interaction.
+LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET
+and TFTP). The command is designed to work without user interaction.
 
 curl offers a busload of useful tricks like proxy support, user
 authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
@@ -78,6 +78,11 @@ probably have to put the full URL within double quotes to avoid the shell from
 interfering with it. This also goes for other characters treated special, like
 for example '&', '?' and '*'.
 
+Provide the IPv6 zone index in the URL with an escaped percentage sign and the
+interface name. Like in
+
+  http://[fe80::3%25eth0]/
+
 If you specify URL without protocol:// prefix, curl will attempt to guess what
 protocol you might want. It will then default to HTTP but try other protocols
 based on often-used host name prefixes. For example, for host names starting
@@ -172,7 +177,7 @@ considered insecure.
 (SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
 server. Sometimes curl is built without SSLv3 support.
 .IP "-4, --ipv4"
-Tis option tells curl to resolve names to IPv4 addresses only, and not for
+This option tells curl to resolve names to IPv4 addresses only, and not for
 example try IPv6.
 .IP "-6, --ipv6"
 This option tells curl to resolve names to IPv6 addresses only, and not for
@@ -293,7 +298,9 @@ uses no dir or if the dirs it mentions already exist, no dir will be created.
 To create remote directories when using FTP or SFTP, try
 \fI--ftp-create-dirs\fP.
 .IP "--crlf"
-(FTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).
+Convert LF to CRLF in upload. Useful for MVS (OS/390).
+
+(SMTP added in 7.40.0)
 .IP "--crlfile <file>"
 (HTTPS/FTPS) Provide a file using PEM format with a Certificate Revocation
 List that may specify peer certificates that are to be considered revoked.
@@ -534,17 +541,37 @@ If this option is set, the default capath value will be ignored, and if it is
 used several times, the last one will be used.
 .IP "--pinnedpubkey <pinned public key>"
 (SSL) Tells curl to use the specified public key file to verify the peer. The
-file must contain a single public key in DER format.
+file must contain a single public key in PEM or DER format.
 
 When negotiating a TLS or SSL connection, the server sends a certificate
 indicating its identity. A public key is extracted from this certificate and
 if it does not exactly match the public key provided to this option, curl will
 abort the connection before sending or receiving any data.
 
-This is currently only implemented in the OpenSSL and GnuTLS backends.
+This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
 
 If this option is used several times, the last one will be used.
 (Added in 7.39.0)
+.IP "--cert-status"
+(SSL) Tells curl to verify the status of the server certificate by using the
+Certificate Status Request (aka. OCSP stapling) TLS extension.
+
+If this option is enabled and the server sends an invalid (e.g. expired)
+response, if the response suggests that the server certificate has been revoked,
+or no response at all is received, the verification fails.
+
+This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
+(Added in 7.41.0)
+.IP "--false-start"
+
+(SSL) Tells curl to use false start during the TLS handshake. False start is a
+mode where a TLS client will start sending application data before verifying
+the server's Finished message, thus saving a round trip when performing a full
+handshake.
+
+This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
+or later, or OS X 10.9 or later) backends.
+(Added in 7.42.0)
 .IP "-f, --fail"
 (HTTP) Fail silently (no output at all) on server errors. This is mostly done
 to better enable scripts etc to better deal with failed attempts. In normal
@@ -726,6 +753,12 @@ Example:
 
 \&# curl -H "X-First-Name: Joe" http://192.168.0.1/
 
+\fBWARNING\fP: headers set with this option will be set in all requests - even
+after redirects are followed, like when told with \fB-L, --location\fP. This
+can lead to the header being sent to other hosts than the original host, so
+sensitive headers should be used with caution combined with following
+redirects.
+
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5 <md5>"
 (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
@@ -806,12 +839,12 @@ the following places in this order:
 
 1) curl tries to find the "home dir": It first checks for the CURL_HOME and
 then the HOME environment variables. Failing that, it uses getpwuid() on
-UNIX-like systems (which returns the home dir given the current user in your
+Unix-like systems (which returns the home dir given the current user in your
 system). On Windows, it then checks for the APPDATA variable, or as a last
 resort the '%USERPROFILE%\\Application Data'.
 
 2) On windows, if there is no _curlrc file in the home dir, it checks for one
-in the same dir the curl executable is placed. On UNIX-like systems, it will
+in the same dir the curl executable is placed. On Unix-like systems, it will
 simply try to load .curlrc from the determined home dir.
 
 .nf
@@ -1019,7 +1052,7 @@ in Metalink file, hash check will fail.
 .IP "-n, --netrc"
 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
 home directory for login name and password. This is typically used for FTP on
-UNIX. If used with HTTP, curl will enable user authentication. See
+Unix. If used with HTTP, curl will enable user authentication. See
 .BR netrc(4)
 or
 .BR ftp(1)
@@ -1202,6 +1235,12 @@ available.
 (SSL/SSH) Passphrase for the private key
 
 If this option is used several times, the last one will be used.
+.IP "--path-as-is"
+Tell curl to not handle sequences of /../ or /./ in the given URL
+path. Normally curl will squash or merge them according to standards but with
+this option set you tell it not to do that.
+
+(Added in 7.42.0)
 .IP "--post301"
 (HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests
 into GET requests when following a 301 redirection. The non-RFC behaviour is
@@ -1655,6 +1694,9 @@ If this option is used several times, the last one will be used.
 .IP "--trace-time"
 Prepends a time stamp to each trace or verbose line that curl displays.
 (Added in 7.14.0)
+.IP "--unix-socket <path>"
+(HTTP) Connect through this Unix domain socket, instead of using the
+network. (Added in 7.40.0)
 .IP "-u, --user <user:password>"
 Specify the user name and password to use for server authentication. Overrides
 \fI-n, --netrc\fP and \fI--netrc-optional\fP.
@@ -1679,7 +1721,7 @@ Principal Name) formats. For example, EXAMPLE\\user and user@example.com
 respectively.
 
 If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
-Negotiate, NTLM or DIGEST-MD5 authentication then you can tell curl to select
+Negotiate, NTLM or Digest authentication then you can tell curl to select
 the user name and password from your environment by specifying a single colon
 with this option: "-u :".
 
@@ -1874,7 +1916,7 @@ password.
 If this option is used several times, the last one will be used.
 .IP "-X, --request <command>"
 (HTTP) Specifies a custom request method to use when communicating with the
-HTTP server.  The specified request will be used instead of the method
+HTTP server.  The specified request method will be used instead of the method
 otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
 details and explanations. Common additional HTTP requests include PUT and
 DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
@@ -1888,6 +1930,11 @@ alter the way curl behaves. So for example if you want to make a proper HEAD
 request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP
 option.
 
+The method string you set with -X will be used for all requests, which if you
+for example use \fB-L, --location\fP may cause unintended side-effects when
+curl doesn't change request method according to the HTTP 30x response codes -
+and similar.
+
 (FTP)
 Specifies a custom FTP command to use instead of LIST when doing file lists
 with FTP.

docs/examples/10-at-a-time.c

@@ -62,7 +62,6 @@ static const char *urls[] = {
   "http://www.uefa.com",
   "http://www.ieee.org",
   "http://www.apple.com",
-  "http://www.sony.com",
   "http://www.symantec.com",
   "http://www.zdnet.com",
   "http://www.fujitsu.com",

docs/examples/Makefile.inc

@@ -1,20 +1,42 @@
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at http://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
 # These are all libcurl example programs to be test compiled
 check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
   fopen ftpget ftpgetresp ftpupload getinfo getinmemory http-post httpput  \
   https multi-app multi-debugcallback multi-double multi-post multi-single \
   persistant post-callback postit2 sepheaders simple simplepost simplessl  \
-  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard \
-  smtp-mail smtp-multi smtp-ssl smtp-tls smtp-vrfy smtp-expn rtsp \
-  externalsocket resolve progressfunc pop3-retr pop3-list pop3-uidl pop3-dele \
-  pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi imap-list \
-  imap-lsub imap-fetch imap-store imap-append imap-examine imap-search \
-  imap-create imap-delete imap-copy imap-noop imap-ssl imap-tls imap-multi \
-  url2file sftpget ftpsget postinmemory
+  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard      \
+  smtp-mail smtp-multi smtp-ssl smtp-tls smtp-vrfy smtp-expn rtsp          \
+  externalsocket resolve progressfunc pop3-retr pop3-list pop3-uidl        \
+  pop3-dele pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi      \
+  imap-list imap-lsub imap-fetch imap-store imap-append imap-examine       \
+  imap-search imap-create imap-delete imap-copy imap-noop imap-ssl         \
+  imap-tls imap-multi url2file sftpget ftpsget postinmemory
 
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
-COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c	   \
-  ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c	   \
+COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c       \
+  ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c          \
   opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
-  smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp \
+  smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp      \
   multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c

docs/examples/Makefile.m32

@@ -38,7 +38,7 @@ ZLIB_PATH = ../../../zlib-1.2.8
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8y
+OPENSSL_PATH = ../../../openssl-0.9.8zc
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH

docs/examples/Makefile.netware

@@ -19,7 +19,7 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8y
+OPENSSL_PATH = ../../../openssl-0.9.8zc
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.

docs/examples/asiohiper.cpp

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -84,7 +84,7 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, GlobalInfo *g)
   /* cancel running timer */
   timer.cancel();
 
-  if ( timeout_ms > 0 )
+  if(timeout_ms > 0)
   {
     /* update timer */
     timer.expires_from_now(boost::posix_time::millisec(timeout_ms));
@@ -103,26 +103,44 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, GlobalInfo *g)
 /* Die if we get a bad CURLMcode somewhere */
 static void mcode_or_die(const char *where, CURLMcode code)
 {
-  if ( CURLM_OK != code )
+  if(CURLM_OK != code)
   {
     const char *s;
-    switch ( code )
+    switch(code)
     {
-    case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
-    case CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
-    case CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
-    case CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
-    case CURLM_INTERNAL_ERROR:     s="CURLM_INTERNAL_ERROR";     break;
-    case CURLM_UNKNOWN_OPTION:     s="CURLM_UNKNOWN_OPTION";     break;
-    case CURLM_LAST:               s="CURLM_LAST";               break;
-    default: s="CURLM_unknown";
+    case CURLM_CALL_MULTI_PERFORM:
+      s = "CURLM_CALL_MULTI_PERFORM";
       break;
-    case     CURLM_BAD_SOCKET:         s="CURLM_BAD_SOCKET";
+    case CURLM_BAD_HANDLE:
+      s = "CURLM_BAD_HANDLE";
+      break;
+    case CURLM_BAD_EASY_HANDLE:
+      s = "CURLM_BAD_EASY_HANDLE";
+      break;
+    case CURLM_OUT_OF_MEMORY:
+      s = "CURLM_OUT_OF_MEMORY";
+      break;
+    case CURLM_INTERNAL_ERROR:
+      s = "CURLM_INTERNAL_ERROR";
+      break;
+    case CURLM_UNKNOWN_OPTION:
+      s = "CURLM_UNKNOWN_OPTION";
+      break;
+    case CURLM_LAST:
+      s = "CURLM_LAST";
+      break;
+    default:
+      s = "CURLM_unknown";
+      break;
+    case CURLM_BAD_SOCKET:
+      s = "CURLM_BAD_SOCKET";
       fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
       /* ignore this error */
       return;
     }
+
     fprintf(MSG_OUT, "\nERROR: %s returns %s", where, s);
+
     exit(code);
   }
 }
@@ -139,9 +157,9 @@ static void check_multi_info(GlobalInfo *g)
 
   fprintf(MSG_OUT, "\nREMAINING: %d", g->still_running);
 
-  while ((msg = curl_multi_info_read(g->multi, &msgs_left)))
+  while((msg = curl_multi_info_read(g->multi, &msgs_left)))
   {
-    if (msg->msg == CURLMSG_DONE)
+    if(msg->msg == CURLMSG_DONE)
     {
       easy = msg->easy_handle;
       res = msg->data.result;
@@ -157,17 +175,19 @@ static void check_multi_info(GlobalInfo *g)
 }
 
 /* Called by asio when there is an action on a socket */
-static void event_cb(GlobalInfo * g, boost::asio::ip::tcp::socket * tcp_socket, int action)
+static void event_cb(GlobalInfo *g, boost::asio::ip::tcp::socket *tcp_socket,
+                     int action)
 {
   fprintf(MSG_OUT, "\nevent_cb: action=%d", action);
 
   CURLMcode rc;
-  rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action, &g->still_running);
+  rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action,
+                                &g->still_running);
 
   mcode_or_die("event_cb: curl_multi_socket_action", rc);
   check_multi_info(g);
 
-  if ( g->still_running <= 0 )
+  if(g->still_running <= 0)
   {
     fprintf(MSG_OUT, "\nlast transfer done, kill timeout");
     timer.cancel();
@@ -177,7 +197,7 @@ static void event_cb(GlobalInfo * g, boost::asio::ip::tcp::socket * tcp_socket,
 /* Called by asio when our timeout expires */
 static void timer_cb(const boost::system::error_code & error, GlobalInfo *g)
 {
-  if ( !error)
+  if(!error)
   {
     fprintf(MSG_OUT, "\ntimer_cb: ");
 
@@ -194,7 +214,7 @@ static void remsock(int *f, GlobalInfo *g)
 {
   fprintf(MSG_OUT, "\nremsock: ");
 
-  if ( f )
+  if(f)
   {
     free(f);
   }
@@ -206,9 +226,10 @@ static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
 
   std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it = socket_map.find(s);
 
-  if ( it == socket_map.end() )
+  if(it == socket_map.end())
   {
     fprintf(MSG_OUT, "\nsocket %d is a c-ares socket, ignoring", s);
+
     return;
   }
 
@@ -216,44 +237,36 @@ static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
 
   *fdp = act;
 
-  if ( act == CURL_POLL_IN )
+  if(act == CURL_POLL_IN)
   {
     fprintf(MSG_OUT, "\nwatching for socket to become readable");
 
     tcp_socket->async_read_some(boost::asio::null_buffers(),
-                             boost::bind(&event_cb, g,
-                               tcp_socket,
-                               act));
+                                boost::bind(&event_cb, g, tcp_socket, act));
   }
-  else if ( act == CURL_POLL_OUT )
+  else if (act == CURL_POLL_OUT)
   {
     fprintf(MSG_OUT, "\nwatching for socket to become writable");
 
     tcp_socket->async_write_some(boost::asio::null_buffers(),
-                              boost::bind(&event_cb, g,
-                                tcp_socket,
-                                act));
+                                 boost::bind(&event_cb, g, tcp_socket, act));
   }
-  else if ( act == CURL_POLL_INOUT )
+  else if(act == CURL_POLL_INOUT)
   {
     fprintf(MSG_OUT, "\nwatching for socket to become readable & writable");
 
     tcp_socket->async_read_some(boost::asio::null_buffers(),
-                             boost::bind(&event_cb, g,
-                               tcp_socket,
-                               act));
+                                boost::bind(&event_cb, g, tcp_socket, act));
 
     tcp_socket->async_write_some(boost::asio::null_buffers(),
-                              boost::bind(&event_cb, g,
-                                tcp_socket,
-                                act));
+                                 boost::bind(&event_cb, g, tcp_socket, act));
   }
 }
 
-
 static void addsock(curl_socket_t s, CURL *easy, int action, GlobalInfo *g)
 {
-  int *fdp = (int *)calloc(sizeof(int), 1); /* fdp is used to store current action */
+  /* fdp is used to store current action */
+  int *fdp = (int *) calloc(sizeof(int), 1);
 
   setsock(fdp, s, easy, action, g);
   curl_multi_assign(g->multi, s, fdp);
@@ -265,20 +278,20 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
   fprintf(MSG_OUT, "\nsock_cb: socket=%d, what=%d, sockp=%p", s, what, sockp);
 
   GlobalInfo *g = (GlobalInfo*) cbp;
-  int *actionp = (int*) sockp;
-  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE"};
+  int *actionp = (int *) sockp;
+  const char *whatstr[] = { "none", "IN", "OUT", "INOUT", "REMOVE"};
 
   fprintf(MSG_OUT,
           "\nsocket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
 
-  if ( what == CURL_POLL_REMOVE )
+  if(what == CURL_POLL_REMOVE)
   {
     fprintf(MSG_OUT, "\n");
     remsock(actionp, g);
   }
   else
   {
-    if ( !actionp )
+    if(!actionp)
     {
       fprintf(MSG_OUT, "\nAdding data: %s", whatstr[what]);
       addsock(s, e, what, g);
@@ -291,19 +304,19 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
       setsock(actionp, s, e, what, g);
     }
   }
+
   return 0;
 }
 
-
 /* CURLOPT_WRITEFUNCTION */
 static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
 {
 
   size_t written = size * nmemb;
-  char* pBuffer = (char*)malloc(written + 1);
+  char* pBuffer = (char *) malloc(written + 1);
 
   strncpy(pBuffer, (const char *)ptr, written);
-  pBuffer [written] = '\0';
+  pBuffer[written] = '\0';
 
   fprintf(MSG_OUT, "%s", pBuffer);
 
@@ -312,12 +325,12 @@ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
   return written;
 }
 
-
 /* CURLOPT_PROGRESSFUNCTION */
-static int prog_cb (void *p, double dltotal, double dlnow, double ult,
-                    double uln)
+static int prog_cb(void *p, double dltotal, double dlnow, double ult,
+                   double uln)
 {
   ConnInfo *conn = (ConnInfo *)p;
+
   (void)ult;
   (void)uln;
 
@@ -328,16 +341,15 @@ static int prog_cb (void *p, double dltotal, double dlnow, double ult,
 }
 
 /* CURLOPT_OPENSOCKETFUNCTION */
-static curl_socket_t opensocket(void *clientp,
-                                curlsocktype purpose,
+static curl_socket_t opensocket(void *clientp, curlsocktype purpose,
                                 struct curl_sockaddr *address)
 {
   fprintf(MSG_OUT, "\nopensocket :");
 
   curl_socket_t sockfd = CURL_SOCKET_BAD;
 
-  /* restrict to ipv4 */
-  if (purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET)
+  /* restrict to IPv4 */
+  if(purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET)
   {
     /* create a tcp socket object */
     boost::asio::ip::tcp::socket *tcp_socket = new boost::asio::ip::tcp::socket(io_service);
@@ -346,9 +358,9 @@ static curl_socket_t opensocket(void *clientp,
     boost::system::error_code ec;
     tcp_socket->open(boost::asio::ip::tcp::v4(), ec);
 
-    if (ec)
+    if(ec)
     {
-      //An error occurred
+      /* An error occurred */
       std::cout << std::endl << "Couldn't open socket [" << ec << "][" << ec.message() << "]";
       fprintf(MSG_OUT, "\nERROR: Returning CURL_SOCKET_BAD to signal error");
     }
@@ -372,7 +384,7 @@ static int closesocket(void *clientp, curl_socket_t item)
 
   std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it = socket_map.find(item);
 
-  if ( it != socket_map.end() )
+  if(it != socket_map.end())
   {
     delete it->second;
     socket_map.erase(it);
@@ -382,22 +394,21 @@ static int closesocket(void *clientp, curl_socket_t item)
 }
 
 /* Create a new easy handle, and add it to the global curl_multi */
-static void new_conn(char *url, GlobalInfo *g )
+static void new_conn(char *url, GlobalInfo *g)
 {
   ConnInfo *conn;
   CURLMcode rc;
 
-  conn = (ConnInfo *)calloc(1, sizeof(ConnInfo));
-  memset(conn, 0, sizeof(ConnInfo));
-  conn->error[0]='\0';
+  conn = (ConnInfo *) calloc(1, sizeof(ConnInfo));
 
   conn->easy = curl_easy_init();
-
-  if ( !conn->easy )
+  if(!conn->easy)
   {
     fprintf(MSG_OUT, "\ncurl_easy_init() failed, exiting!");
+
     exit(2);
   }
+
   conn->global = g;
   conn->url = strdup(url);
   curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url);
@@ -431,6 +442,7 @@ int main(int argc, char **argv)
 {
   GlobalInfo g;
   CURLMcode rc;
+
   (void)argc;
   (void)argv;
 
@@ -450,5 +462,6 @@ int main(int argc, char **argv)
   curl_multi_cleanup(g.multi);
 
   fprintf(MSG_OUT, "\ndone.\n");
+
   return 0;
 }

docs/examples/externalsocket.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -38,7 +38,7 @@
 #include <sys/socket.h>       /*  socket definitions        */
 #include <netinet/in.h>
 #include <arpa/inet.h>        /*  inet (3) funtions         */
-#include <unistd.h>           /*  misc. UNIX functions      */
+#include <unistd.h>           /*  misc. Unix functions      */
 #endif
 
 #include <errno.h>

docs/examples/fopen.c

@@ -128,6 +128,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
   fd_set fdexcep;
   struct timeval timeout;
   int rc;
+  CURLMcode mc; /* curl_multi_fdset() return code */
 
   /* only attempt to fill buffer if transactions still running and buffer
    * doesnt exceed required size already
@@ -158,15 +159,35 @@ static int fill_buffer(URL_FILE *file, size_t want)
     }
 
     /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially
-       in case of (maxfd == -1), we call select(0, ...), which is basically
-       equal to sleep. */
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
 
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     switch(rc) {
     case -1:
@@ -189,9 +210,7 @@ static int use_buffer(URL_FILE *file,int want)
   /* sort out buffer */
   if((file->buffer_pos - want) <=0) {
     /* ditch buffer - write will recreate */
-    if(file->buffer)
-      free(file->buffer);
-
+    free(file->buffer);
     file->buffer=NULL;
     file->buffer_pos=0;
     file->buffer_len=0;
@@ -281,9 +300,7 @@ int url_fclose(URL_FILE *file)
     break;
   }
 
-  if(file->buffer)
-    free(file->buffer);/* free any allocated buffer space */
-
+  free(file->buffer);/* free any allocated buffer space */
   free(file);
 
   return ret;
@@ -414,9 +431,7 @@ void url_rewind(URL_FILE *file)
     curl_multi_add_handle(multi_handle, file->handle.curl);
 
     /* ditch buffer - write will recreate - resets stream pos*/
-    if(file->buffer)
-      free(file->buffer);
-
+    free(file->buffer);
     file->buffer=NULL;
     file->buffer_pos=0;
     file->buffer_len=0;

docs/examples/getinmemory.c

@@ -106,8 +106,7 @@ int main(void)
   /* cleanup curl stuff */
   curl_easy_cleanup(curl_handle);
 
-  if(chunk.memory)
-    free(chunk.memory);
+  free(chunk.memory);
 
   /* we're done with libcurl, so clean it up */
   curl_global_cleanup();

docs/examples/imap-multi.c

@@ -88,6 +88,7 @@ int main(void)
     fd_set fdexcep;
     int maxfd = -1;
     int rc;
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     long curl_timeo = -1;
 
@@ -109,15 +110,36 @@ int main(void)
         timeout.tv_usec = (curl_timeo % 1000) * 1000;
     }
 
-    /* Get file descriptors from the transfers */
-    curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
-    rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
       fprintf(stderr,

docs/examples/multi-app.c

@@ -73,6 +73,7 @@ int main(void)
   do {
     struct timeval timeout;
     int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     fd_set fdread;
     fd_set fdwrite;
@@ -99,15 +100,35 @@ int main(void)
     }
 
     /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
 
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     switch(rc) {
     case -1:

docs/examples/multi-debugcallback.c

@@ -147,6 +147,7 @@ int main(void)
   do {
     struct timeval timeout;
     int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     fd_set fdread;
     fd_set fdwrite;
@@ -173,15 +174,35 @@ int main(void)
     }
 
     /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
 
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     switch(rc) {
     case -1:

docs/examples/multi-double.c

@@ -62,6 +62,7 @@ int main(void)
   do {
     struct timeval timeout;
     int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     fd_set fdread;
     fd_set fdwrite;
@@ -88,15 +89,35 @@ int main(void)
     }
 
     /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
 
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     switch(rc) {
     case -1:

docs/examples/multi-post.c

@@ -83,6 +83,7 @@ int main(void)
     do {
       struct timeval timeout;
       int rc; /* select() return code */
+      CURLMcode mc; /* curl_multi_fdset() return code */
 
       fd_set fdread;
       fd_set fdwrite;
@@ -109,15 +110,35 @@ int main(void)
       }
 
       /* get file descriptors from the transfers */
-      curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+      mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-      /* In a real-world program you OF COURSE check the return code of the
-         function calls.  On success, the value of maxfd is guaranteed to be
-         greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-         case of (maxfd == -1), we call select(0, ...), which is basically equal
-         to sleep. */
+      if(mc != CURLM_OK)
+      {
+        fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+        break;
+      }
 
-      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+      /* On success the value of maxfd is guaranteed to be >= -1. We call
+         select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+         no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+         to sleep 100ms, which is the minimum suggested value in the
+         curl_multi_fdset() doc. */
+
+      if(maxfd == -1) {
+#ifdef _WIN32
+        Sleep(100);
+        rc = 0;
+#else
+        /* Portable sleep for platforms other than Windows. */
+        struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+        rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+      }
+      else {
+        /* Note that on some platforms 'timeout' may be modified by select().
+           If you need access to the original value save a copy beforehand. */
+        rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+      }
 
       switch(rc) {
       case -1:

docs/examples/multi-single.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -31,6 +31,15 @@
 /* curl stuff */
 #include <curl/curl.h>
 
+#ifdef _WIN32
+#define WAITMS(x) Sleep(x)
+#else
+/* Portable sleep for platforms other than Windows. */
+#define WAITMS(x)                               \
+  struct timeval wait = { 0, (x) * 1000 };      \
+  (void)select(0, NULL, NULL, NULL, &wait);
+#endif
+
 /*
  * Simply download a HTTP file.
  */
@@ -40,6 +49,7 @@ int main(void)
   CURLM *multi_handle;
 
   int still_running; /* keep number of running handles */
+  int repeats = 0;
 
   curl_global_init(CURL_GLOBAL_DEFAULT);
 
@@ -58,56 +68,33 @@ int main(void)
   curl_multi_perform(multi_handle, &still_running);
 
   do {
-    struct timeval timeout;
-    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_wait() return code */
+    int numfds;
 
-    fd_set fdread;
-    fd_set fdwrite;
-    fd_set fdexcep;
-    int maxfd = -1;
+    /* wait for activity, timeout or "nothing" */
+    mc = curl_multi_wait(multi_handle, NULL, 0, 1000, &numfds);
 
-    long curl_timeo = -1;
-
-    FD_ZERO(&fdread);
-    FD_ZERO(&fdwrite);
-    FD_ZERO(&fdexcep);
-
-    /* set a suitable timeout to play around with */
-    timeout.tv_sec = 1;
-    timeout.tv_usec = 0;
-
-    curl_multi_timeout(multi_handle, &curl_timeo);
-    if(curl_timeo >= 0) {
-      timeout.tv_sec = curl_timeo / 1000;
-      if(timeout.tv_sec > 1)
-        timeout.tv_sec = 1;
-      else
-        timeout.tv_usec = (curl_timeo % 1000) * 1000;
-    }
-
-    /* get file descriptors from the transfers */
-    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
-
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
-
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
-
-    switch(rc) {
-    case -1:
-      /* select error */
-      still_running = 0;
-      printf("select() returns error, this is badness\n");
-      break;
-    case 0:
-    default:
-      /* timeout or readable/writable sockets */
-      curl_multi_perform(multi_handle, &still_running);
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
       break;
     }
+
+    /* 'numfds' being zero means either a timeout or no file descriptors to
+       wait for. Try timeout on first occurance, then assume no file
+       descriptors and no file descriptors to wait for means wait for 100
+       milliseconds. */
+
+    if(!numfds) {
+      repeats++; /* count number of repeated zero numfds */
+      if(repeats > 1) {
+        WAITMS(100); /* sleep 100 milliseconds */
+      }
+    }
+    else
+      repeats = 0;
+
+    curl_multi_perform(multi_handle, &still_running);
   } while(still_running);
 
   curl_multi_remove_handle(multi_handle, http_handle);

docs/examples/multi-uv.c

@@ -64,13 +64,13 @@ curl_context_t* create_curl_context(curl_socket_t sockfd)
 
 void curl_close_cb(uv_handle_t *handle)
 {
-  curl_context_t* context = (curl_context_t*) handle->data;
+  curl_context_t *context = (curl_context_t *) handle->data;
   free(context);
 }
 
 void destroy_curl_context(curl_context_t *context)
 {
-  uv_close((uv_handle_t*) &context->poll_handle, curl_close_cb);
+  uv_close((uv_handle_t *) &context->poll_handle, curl_close_cb);
 }
 
 
@@ -83,13 +83,14 @@ void add_download(const char *url, int num)
   sprintf(filename, "%d.download", num);
 
   file = fopen(filename, "w");
-  if (file == NULL) {
+  if(!file) {
     fprintf(stderr, "Error opening %s\n", filename);
     return;
   }
 
   handle = curl_easy_init();
   curl_easy_setopt(handle, CURLOPT_WRITEDATA, file);
+  curl_easy_setopt(handle, CURLOPT_PRIVATE, file);
   curl_easy_setopt(handle, CURLOPT_URL, url);
   curl_multi_add_handle(curl_handle, handle);
   fprintf(stderr, "Added download %s -> %s\n", url, filename);
@@ -101,16 +102,21 @@ static void check_multi_info(void)
   char *done_url;
   CURLMsg *message;
   int pending;
+  FILE *file;
 
-  while ((message = curl_multi_info_read(curl_handle, &pending))) {
-    switch (message->msg) {
+  while((message = curl_multi_info_read(curl_handle, &pending))) {
+    switch(message->msg) {
     case CURLMSG_DONE:
       curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
                         &done_url);
+      curl_easy_getinfo(message->easy_handle, CURLINFO_PRIVATE, &file);
       printf("%s DONE\n", done_url);
 
       curl_multi_remove_handle(curl_handle, message->easy_handle);
       curl_easy_cleanup(message->easy_handle);
+      if(file) {
+        fclose(file);
+      }
       break;
 
     default:
@@ -131,12 +137,12 @@ void curl_perform(uv_poll_t *req, int status, int events)
 
   uv_timer_stop(&timeout);
 
-  if (events & UV_READABLE)
+  if(events & UV_READABLE)
     flags |= CURL_CSELECT_IN;
-  if (events & UV_WRITABLE)
+  if(events & UV_WRITABLE)
     flags |= CURL_CSELECT_OUT;
 
-  context = (curl_context_t*)req;
+  context = (curl_context_t *) req;
 
   curl_multi_socket_action(curl_handle, context->sockfd, flags,
                            &running_handles);
@@ -154,7 +160,7 @@ void on_timeout(uv_timer_t *req, int status)
 
 void start_timeout(CURLM *multi, long timeout_ms, void *userp)
 {
-  if (timeout_ms <= 0)
+  if(timeout_ms <= 0)
     timeout_ms = 1; /* 0 means directly call socket_action, but we'll do it in
                        a bit */
   uv_timer_start(&timeout, on_timeout, timeout_ms, 0);
@@ -164,9 +170,9 @@ int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp,
                   void *socketp)
 {
   curl_context_t *curl_context;
-  if (action == CURL_POLL_IN || action == CURL_POLL_OUT) {
-    if (socketp) {
-      curl_context = (curl_context_t*) socketp;
+  if(action == CURL_POLL_IN || action == CURL_POLL_OUT) {
+    if(socketp) {
+      curl_context = (curl_context_t *) socketp;
     }
     else {
       curl_context = create_curl_context(s);
@@ -174,7 +180,7 @@ int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp,
     curl_multi_assign(curl_handle, s, (void *) curl_context);
   }
 
-  switch (action) {
+  switch(action) {
   case CURL_POLL_IN:
     uv_poll_start(&curl_context->poll_handle, UV_READABLE, curl_perform);
     break;
@@ -182,7 +188,7 @@ int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp,
     uv_poll_start(&curl_context->poll_handle, UV_WRITABLE, curl_perform);
     break;
   case CURL_POLL_REMOVE:
-    if (socketp) {
+    if(socketp) {
       uv_poll_stop(&((curl_context_t*)socketp)->poll_handle);
       destroy_curl_context((curl_context_t*) socketp);
       curl_multi_assign(curl_handle, s, NULL);
@@ -199,10 +205,10 @@ int main(int argc, char **argv)
 {
   loop = uv_default_loop();
 
-  if (argc <= 1)
+  if(argc <= 1)
     return 0;
 
-  if (curl_global_init(CURL_GLOBAL_ALL)) {
+  if(curl_global_init(CURL_GLOBAL_ALL)) {
     fprintf(stderr, "Could not init cURL\n");
     return 1;
   }
@@ -213,11 +219,12 @@ int main(int argc, char **argv)
   curl_multi_setopt(curl_handle, CURLMOPT_SOCKETFUNCTION, handle_socket);
   curl_multi_setopt(curl_handle, CURLMOPT_TIMERFUNCTION, start_timeout);
 
-  while (argc-- > 1) {
+  while(argc-- > 1) {
     add_download(argv[argc], argc);
   }
 
   uv_run(loop, UV_RUN_DEFAULT);
   curl_multi_cleanup(curl_handle);
+
   return 0;
 }

docs/examples/pop3-multi.c

@@ -88,6 +88,7 @@ int main(void)
     fd_set fdexcep;
     int maxfd = -1;
     int rc;
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     long curl_timeo = -1;
 
@@ -109,15 +110,36 @@ int main(void)
         timeout.tv_usec = (curl_timeo % 1000) * 1000;
     }
 
-    /* Get file descriptors from the transfers */
-    curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls. On success, the value of maxfd is guaranteed to be
-       greater or equal than -1. We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
-    rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
       fprintf(stderr,

docs/examples/postinmemory.c

@@ -101,8 +101,7 @@ int main(void)
     /* always cleanup */
     curl_easy_cleanup(curl);
 
-    if(chunk.memory)
-      free(chunk.memory);
+    free(chunk.memory);
 
     /* we're done with libcurl, so clean it up */
     curl_global_cleanup();

docs/examples/sepheaders.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -53,23 +53,26 @@ int main(void)
   /* send all data to this function  */
   curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data);
 
-  /* open the files */
-  headerfile = fopen(headerfilename,"wb");
-  if (headerfile == NULL) {
+  /* open the header file */
+  headerfile = fopen(headerfilename, "wb");
+  if(!headerfile) {
     curl_easy_cleanup(curl_handle);
     return -1;
   }
-  bodyfile = fopen(bodyfilename,"wb");
-  if (bodyfile == NULL) {
+
+  /* open the body file */
+  bodyfile = fopen(bodyfilename, "wb");
+  if(!bodyfile) {
     curl_easy_cleanup(curl_handle);
+    fclose(headerfile);
     return -1;
   }
 
   /* we want the headers be written to this file handle */
-  curl_easy_setopt(curl_handle,   CURLOPT_HEADERDATA, headerfile);
+  curl_easy_setopt(curl_handle, CURLOPT_HEADERDATA, headerfile);
 
   /* we want the body be written to this file handle instead of stdout */
-  curl_easy_setopt(curl_handle,   CURLOPT_WRITEDATA, bodyfile);
+  curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile);
 
   /* get it! */
   curl_easy_perform(curl_handle);

docs/examples/smtp-multi.c

@@ -155,6 +155,7 @@ int main(void)
     fd_set fdexcep;
     int maxfd = -1;
     int rc;
+    CURLMcode mc; /* curl_multi_fdset() return code */
 
     long curl_timeo = -1;
 
@@ -176,15 +177,36 @@ int main(void)
         timeout.tv_usec = (curl_timeo % 1000) * 1000;
     }
 
-    /* Get file descriptors from the transfers */
-    curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
 
-    /* In a real-world program you OF COURSE check the return code of the
-       function calls.  On success, the value of maxfd is guaranteed to be
-       greater or equal than -1.  We call select(maxfd + 1, ...), specially in
-       case of (maxfd == -1), we call select(0, ...), which is basically equal
-       to sleep. */
-    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
 
     if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
       fprintf(stderr,

docs/examples/synctime.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -92,6 +92,8 @@
 #define MAX_STRING              256
 #define MAX_STRING1             MAX_STRING+1
 
+#define SYNCTIME_UA "synctime/1.0"
+
 typedef struct
 {
   char http_proxy[MAX_STRING1];
@@ -99,12 +101,11 @@ typedef struct
   char timeserver[MAX_STRING1];
 } conf_t;
 
-const char DefaultTimeServer[4][MAX_STRING1] =
+const char DefaultTimeServer[3][MAX_STRING1] =
 {
-  "http://nist.time.gov/timezone.cgi?UTC/s/0",
-  "http://www.google.com/",
-  "http://www.worldtimeserver.com/current_time_in_UTC.aspx",
-  "http://www.worldtime.com/cgi-bin/wt.cgi"
+  "http://pool.ntp.org/",
+  "http://nist.time.gov/",
+  "http://www.google.com/"
 };
 
 const char *DayStr[] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
@@ -186,9 +187,9 @@ void SyncTime_CURL_Init(CURL *curl, char *proxy_port,
   if (strlen(proxy_user_password) > 0)
     curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, proxy_user_password);
 
-  /* Trick Webserver by claiming that you are using Microsoft WinXP SP2, IE6 */
-  curl_easy_setopt(curl, CURLOPT_USERAGENT,
-                   "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)");
+#ifdef SYNCTIME_UA
+  curl_easy_setopt(curl, CURLOPT_USERAGENT, SYNCTIME_UA);
+#endif
   curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, *SyncTime_CURL_WriteOutput);
   curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, *SyncTime_CURL_WriteHeader);
 }

docs/libcurl/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -40,7 +40,7 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3	 \
  curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3		 \
  curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3		 \
  curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3			 \
- curl_multi_socket_action.3 curl_multi_wait.3
+ curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3
 
 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		\
  curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html	\
@@ -60,7 +60,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		\
  curl_easy_unescape.html curl_multi_setopt.html curl_multi_socket.html	\
  curl_multi_timeout.html curl_formget.html curl_multi_assign.html	\
  curl_easy_pause.html curl_easy_recv.html curl_easy_send.html		\
- curl_multi_socket_action.html curl_multi_wait.html
+ curl_multi_socket_action.html curl_multi_wait.html libcurl-symbols.html
 
 PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf			 \
  curl_easy_init.pdf curl_easy_perform.pdf curl_easy_setopt.pdf		 \
@@ -79,19 +79,23 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf			 \
  curl_easy_escape.pdf curl_easy_unescape.pdf curl_multi_setopt.pdf	 \
  curl_multi_socket.pdf curl_multi_timeout.pdf curl_formget.pdf		 \
  curl_multi_assign.pdf curl_easy_pause.pdf curl_easy_recv.pdf		 \
- curl_easy_send.pdf curl_multi_socket_action.pdf curl_multi_wait.pdf
+ curl_easy_send.pdf curl_multi_socket_action.pdf curl_multi_wait.pdf     \
+ libcurl-symbols.pdf
 
 m4macrodir = $(datadir)/aclocal
 dist_m4macro_DATA = libcurl.m4
 
-CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
+CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) libcurl-symbols.3
 
 EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \
-  symbols-in-versions symbols.pl
+  symbols-in-versions symbols.pl mksymbolsmanpage.pl
 MAN2HTML= roffit --mandir=. < $< >$@
 
 SUFFIXES = .3 .html
 
+libcurl-symbols.3: $(srcdir)/symbols-in-versions $(srcdir)/mksymbolsmanpage.pl
+	perl $(srcdir)/mksymbolsmanpage.pl < $(srcdir)/symbols-in-versions > $@
+
 html: $(HTMLPAGES)
 	cd opts; make html
 
@@ -107,3 +111,17 @@ pdf: $(PDFPAGES)
 	ps2pdf $$foo.ps $@; \
 	rm $$foo.ps; \
 	echo "converted $< to $@")
+
+# Make sure each option man page is referenced in the main man page
+TESTS = check-easy check-multi
+LOG_COMPILER = $(PERL)
+# The test fails if the log file contains any text
+AM_LOG_FLAGS = -p -e 'die "$$_" if ($$_);'
+
+check-easy: $(srcdir)/curl_easy_setopt.3 $(srcdir)/opts/CURLOPT*.3
+	OPTS="$$(ls $(srcdir)/opts/CURLOPT*.3 | $(SED) -e 's,^.*/,,' -e 's,\.3$$,,')" && \
+	for opt in $$OPTS; do grep "^\.IP $$opt$$" $(srcdir)/curl_easy_setopt.3 >/dev/null || echo Missing $$opt; done > $@
+
+check-multi: $(srcdir)/curl_multi_setopt.3 $(srcdir)/opts/CURLMOPT*.3
+	OPTS="$$(ls $(srcdir)/opts/CURLMOPT*.3 | $(SED) -e 's,^.*/,,' -e 's,\.3$$,,')" && \
+	for opt in $$OPTS; do grep "^\.IP $$opt$$" $(srcdir)/curl_multi_setopt.3 >/dev/null || echo Missing $$opt; done > $@

docs/libcurl/curl_easy_cleanup.3

@@ -52,6 +52,16 @@ safely remove all the strings you've previously told libcurl to use, as it
 won't use them anymore now.
 .SH RETURN VALUE
 None
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}
+.fi
 .SH "SEE ALSO"
 .BR curl_easy_init "(3), "
 

docs/libcurl/curl_easy_escape.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -26,13 +26,13 @@ curl_easy_escape - URL encodes the given string
 .SH SYNOPSIS
 .B #include <curl/curl.h>
 .sp
-.BI "char *curl_easy_escape( CURL *" curl ", char *" url ", int "length " );"
+.BI "char *curl_easy_escape( CURL *" curl ", char *" string ", int "length " );"
 .ad
 .SH DESCRIPTION
-This function converts the given input string to an URL encoded string and
-returns that as a new allocated string. All input characters that are not a-z,
-A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped" version
-(%NN where NN is a two-digit hexadecimal number).
+This function converts the given input \fBstring\fP to an URL encoded string
+and returns that as a new allocated string. All input characters that are not
+a-z, A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped"
+version (%NN where NN is a two-digit hexadecimal number).
 
 If the \fBlength\fP argument is set to 0 (zero), \fIcurl_easy_escape(3)\fP
 uses strlen() on the input \fBurl\fP to find out the size.
@@ -42,5 +42,16 @@ You must \fIcurl_free(3)\fP the returned string when you're done with it.
 Added in 7.15.4 and replaces the old \fIcurl_escape(3)\fP function.
 .SH RETURN VALUE
 A pointer to a zero terminated string or NULL if it failed.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  char *output = curl_easy_escape(curl, "data to convert", 15);
+  if(output) {
+    printf("Encoded: %s\n", output);
+    curl_free(output);
+  }
+}}
+.fi
 .SH "SEE ALSO"
-.BR curl_easy_unescape "(3), " curl_free "(3), " RFC 2396
+.BR curl_easy_unescape "(3), " curl_free "(3), " RFC 3986

docs/libcurl/curl_easy_init.3

@@ -44,5 +44,16 @@ this function.
 .SH RETURN VALUE
 If this function returns NULL, something went wrong and you cannot use the
 other curl functions.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}
+.fi
 .SH "SEE ALSO"
-.BR curl_easy_cleanup "(3), " curl_global_init "(3), " curl_easy_reset "(3)"
+.BR curl_easy_cleanup "(3), " curl_global_init "(3), " curl_easy_reset "(3), "
+.BR curl_easy_perform "(3) "

docs/libcurl/curl_easy_perform.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" **************************************************************************
 .TH curl_easy_perform 3 "5 Mar 2001" "libcurl 7.7" "libcurl Manual"
 .SH NAME
-curl_easy_perform - Perform a file transfer
+curl_easy_perform - perform a blocking file transfer
 .SH SYNOPSIS
 .B #include <curl/curl.h>
 .sp
@@ -58,6 +58,16 @@ CURLE_OK (0) means everything was ok, non-zero means an error occurred as
 defines - see \fIlibcurl-errors(3)\fP. If the \fBCURLOPT_ERRORBUFFER(3)\fP was
 set with \fIcurl_easy_setopt(3)\fP there will be a readable error message in
 the error buffer when non-zero is returned.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}
+.fi
 .SH "SEE ALSO"
 .BR curl_easy_init "(3), " curl_easy_setopt "(3), "
 .BR curl_multi_add_handle "(3), " curl_multi_perform "(3), "

docs/libcurl/curl_easy_recv.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -42,8 +42,9 @@ buffer. The variable \fBn\fP points to will receive the number of received
 bytes.
 
 To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before
-calling \fIcurl_easy_perform(3)\fP. Note that \fIcurl_easy_recv(3)\fP does not
-work on connections that were created without this option.
+calling \fIcurl_easy_perform(3)\fP or \cIcurl_multi_perform(3)\fP. Note that
+\fIcurl_easy_recv(3)\fP does not work on connections that were created without
+this option.
 
 You must ensure that the socket has data to read before calling
 \fIcurl_easy_recv(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -

docs/libcurl/curl_easy_send.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -40,8 +40,9 @@ connection set-up.
 The variable \fBn\fP points to will receive the number of sent bytes.
 
 To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before
-calling \fIcurl_easy_perform(3)\fP. Note that \fIcurl_easy_send(3)\fP will not
-work on connections that were created without this option.
+calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform()\fP. Note that
+\fIcurl_easy_send(3)\fP will not work on connections that were created without
+this option.
 
 You must ensure that the socket is writable before calling
 \fIcurl_easy_send(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -

docs/libcurl/curl_easy_setopt.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -145,6 +145,8 @@ Fail on HTTP 4xx errors. \fICURLOPT_FAILONERROR(3)\fP
 .SH NETWORK OPTIONS
 .IP CURLOPT_URL
 URL to work on. See \fICURLOPT_URL(3)\fP
+.IP CURLOPT_PATH_AS_IS
+Disable squashing /../ and /./ sequences in the path. See \fICURLOPT_PATH_AS_IS(3)\fP
 .IP CURLOPT_PROTOCOLS
 Allowed protocols. See \fICURLOPT_PROTOCOLS(3)\fP
 .IP CURLOPT_REDIR_PROTOCOLS
@@ -187,6 +189,8 @@ Enable TCP keep-alive. See \fICURLOPT_TCP_KEEPALIVE(3)\fP
 Idle time before sending keep-alive. See \fICURLOPT_TCP_KEEPIDLE(3)\fP
 .IP CURLOPT_TCP_KEEPINTVL
 Interval between keep-alive probes. See \fICURLOPT_TCP_KEEPINTVL(3)\fP
+.IP CURLOPT_UNIX_SOCKET_PATH
+Path to a Unix domain socket. See \fICURLOPT_UNIX_SOCKET_PATH(3)\fP
 .SH NAMES and PASSWORDS OPTIONS (Authentication)
 .IP CURLOPT_NETRC
 Enable .netrc parsing. See \fICURLOPT_NETRC(3)\fP
@@ -212,6 +216,8 @@ HTTP server authentication methods. See \fICURLOPT_HTTPAUTH(3)\fP
 TLS authentication user name. See \fICURLOPT_TLSAUTH_USERNAME(3)\fP
 .IP CURLOPT_TLSAUTH_PASSWORD
 TLS authentication password. See \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
+.IP CURLOPT_TLSAUTH_TYPE
+TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP
 .IP CURLOPT_PROXYAUTH
 HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
 .IP CURLOPT_SASL_IR
@@ -409,6 +415,8 @@ Bind name resolves to this interface. See \fICURLOPT_DNS_INTERFACE(3)\fP
 Bind name resolves to this IP4 address. See \fICURLOPT_DNS_LOCAL_IP4(3)\fP
 .IP CURLOPT_DNS_LOCAL_IP6
 Bind name resolves to this IP6 address. See \fICURLOPT_DNS_LOCAL_IP6(3)\fP
+.IP CURLOPT_DNS_SERVERS
+Preferred DNS servers. See \fICURLOPT_DNS_SERVERS(3)\fP
 .IP CURLOPT_ACCEPTTIMEOUT_MS
 Timeout for waiting for the server's connect back to be accepted. See \fICURLOPT_ACCEPTTIMEOUT_MS(3)\fP
 .SH SSL and SECURITY OPTIONS
@@ -430,10 +438,16 @@ Enable use of NPN. See \fICURLOPT_SSL_ENABLE_NPN(3)\fP
 Use identifier with SSL engine. See \fICURLOPT_SSLENGINE(3)\fP
 .IP CURLOPT_SSLENGINE_DEFAULT
 Default SSL engine. See \fICURLOPT_SSLENGINE_DEFAULT(3)\fP
+.IP CURLOPT_SSL_FALSESTART
+Enable TLS False Start. See \fICURLOPT_SSL_FALSESTART(3)\fP
 .IP CURLOPT_SSLVERSION
 SSL version to use. See \fICURLOPT_SSLVERSION(3)\fP
+.IP CURLOPT_SSL_VERIFYHOST
+Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
 .IP CURLOPT_SSL_VERIFYPEER
 Verify the SSL certificate. See \fICURLOPT_SSL_VERIFYPEER(3)\fP
+.IP CURLOPT_SSL_VERIFYSTATUS
+Verify the SSL certificate's status. See \fICURLOPT_SSL_VERIFYSTATUS(3)\fP
 .IP CURLOPT_CAINFO
 CA cert bundle. See \fICURLOPT_CAINFO(3)\fP
 .IP CURLOPT_ISSUERCERT
@@ -442,10 +456,10 @@ Issuer certificate. See \fICURLOPT_ISSUERCERT(3)\fP
 Path to CA cert bundle. See \fICURLOPT_CAPATH(3)\fP
 .IP CURLOPT_CRLFILE
 Certificate Revocation List. See \fICURLOPT_CRLFILE(3)\fP
-.IP CURLOPT_SSL_VERIFYHOST
-Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
 .IP CURLOPT_CERTINFO
 Extract certificate info. See \fICURLOPT_CERTINFO(3)\fP
+.IP CURLOPT_PINNEDPUBLICKEY
+Set pinned SSL public key . See \fICURLOPT_PINNEDPUBLICKEY(3)\fP
 .IP CURLOPT_RANDOM_FILE
 Provide source for entropy random data. See \fICURLOPT_RANDOM_FILE(3)\fP
 .IP CURLOPT_EGDSOCKET
@@ -497,6 +511,16 @@ the library is too old to support it or the option was removed in a recent
 version, this function will return \fICURLE_UNKNOWN_OPTION\fP. If support for
 the option was disabled at compile-time, it will return
 \fICURLE_NOT_BUILT_IN\fP.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}}
+.fi
 .SH "SEE ALSO"
 .BR curl_easy_init "(3), " curl_easy_cleanup "(3), " curl_easy_reset "(3), "
 .BR curl_multi_setopt "(3), "

docs/libcurl/curl_multi_fdset.3

@@ -62,10 +62,10 @@ proceed and call \fIcurl_multi_perform(3)\fP anyway. How long to wait? We
 suggest 100 milliseconds at least, but you may want to test it out in your own
 particular conditions to find a suitable value.
 
-When doing select(), you should use \fBcurl_multi_timeout\fP to figure out how
-long to wait for action. Call \fIcurl_multi_perform(3)\fP even if no activity
-has been seen on the fd_sets after the timeout expires as otherwise internal
-retries and timeouts may not work as you'd think and want.
+When doing select(), you should use \fIcurl_multi_timeout(3)\fP to figure out
+how long to wait for action. Call \fIcurl_multi_perform(3)\fP even if no
+activity has been seen on the fd_sets after the timeout expires as otherwise
+internal retries and timeouts may not work as you'd think and want.
 
 If one of the sockets used by libcurl happens to be larger than what can be
 set in an fd_set, which on POSIX systems means that the file descriptor is
@@ -79,4 +79,5 @@ CURLMcode type, general libcurl multi interface error code. See
 \fIlibcurl-errors(3)\fP
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
+.BR curl_multi_wait "(3), "
 .BR curl_multi_timeout "(3), " curl_multi_perform "(3), " select "(2) "

docs/libcurl/curl_multi_perform.3

@@ -74,5 +74,6 @@ period, then it'll wait for action on the file descriptors using
 \fIcurl_multi_perform(3)\fP gets called.
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
+.BR curl_multi_wait "(3), "
 .BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "
 .BR libcurl-errors "(3)"

docs/libcurl/curl_multi_setopt.3

@@ -47,6 +47,8 @@ See \fICURLMOPT_PIPELINING(3)\fP
 See \fICURLMOPT_TIMERFUNCTION(3)\fP
 .IP CURLMOPT_TIMERDATA
 See \fICURLMOPT_TIMERDATA(3)\fP
+.IP CURLMOPT_MAXCONNECTS
+See \fICURLMOPT_MAXCONNECTS(3)\fP
 .IP CURLMOPT_MAX_HOST_CONNECTIONS
 See \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP
 .IP CURLMOPT_MAX_PIPELINE_LENGTH

docs/libcurl/curl_multi_wait.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -33,9 +33,9 @@ CURLMcode curl_multi_wait(CURLM *multi_handle,
                           int *numfds);
 .ad
 .SH DESCRIPTION
-This function polls on all file descriptors used by the curl easy handles
-contained in the given multi handle set.  It will block until activity is
-detected on at least one of the handles or \fItimeout_ms\fP has passed.
+\fIcurl_multi_wait(3)\fP polls all file descriptors used by the curl easy
+handles contained in the given multi handle set.  It will block until activity
+is detected on at least one of the handles or \fItimeout_ms\fP has passed.
 Alternatively, if the multi handle has a pending internal timeout that has a
 shorter expiry time than \fItimeout_ms\fP, that shorter time will be used
 instead to make sure timeout accuracy is reasonably kept.
@@ -43,7 +43,7 @@ instead to make sure timeout accuracy is reasonably kept.
 The calling application may pass additional curl_waitfd structures which are
 similar to \fIpoll(2)\fP's pollfd structure to be waited on in the same call.
 
-On completion, if \fInumfds\fP is supplied, it will be populated with the
+On completion, if \fInumfds\fP is non-NULL, it will be populated with the
 total number of file descriptors on which interesting events occured. This
 number can include both libcurl internal descriptors as well as descriptors
 provided in \fIextra_fds\fP.

docs/libcurl/curl_version_info.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
 .\" *
 .\" **************************************************************************
 .\"
-.TH curl_version_info 3 "2 Aug 2014" "libcurl 7.38.0" "libcurl Manual"
+.TH curl_version_info 3 "2 Nov 2014" "libcurl 7.40.0" "libcurl Manual"
 .SH NAME
 curl_version_info - returns run-time libcurl version info
 .SH SYNOPSIS
@@ -57,7 +57,7 @@ typedef struct {
   char *ssl_version;        /* human readable string */
   long ssl_version_num;     /* not used, always zero */
   const char *libz_version; /* human readable string */
-  const char **protocols;   /* list of protocols */
+  const char * const *protocols; /* protocols */
 
   /* when 'age' is 1 or higher, the members below also exist: */
   const char *ares;         /* human readable string */
@@ -96,7 +96,10 @@ bits are:
 .IP CURL_VERSION_IPV6
 supports IPv6
 .IP CURL_VERSION_KERBEROS4
-supports kerberos4 (when using FTP)
+supports Kerberos V4 (when using FTP)
+.IP CURL_VERSION_KERBEROS5
+supports Kerberos V5 authentication for FTP, IMAP, POP3, SMTP and SOCKSv5 proxy
+(Added in 7.40.0)
 .IP CURL_VERSION_SSL
 supports SSL (HTTPS/FTPS) (Added in 7.10)
 .IP CURL_VERSION_LIBZ
@@ -125,7 +128,7 @@ letters. (Added in 7.12.0)
 .IP CURL_VERSION_SSPI
 libcurl was built with support for SSPI. This is only available on Windows and
 makes libcurl use Windows-provided functions for Kerberos, NTLM, SPNEGO and
-SASL DIGEST-MD5 authentication. It also allows libcurl to use the current user
+Digest authentication. It also allows libcurl to use the current user
 credentials without the app having to pass them on. (Added in 7.13.2)
 .IP CURL_VERSION_GSSAPI
 libcurl was built with support for GSS-API. This makes libcurl use provided
@@ -143,6 +146,9 @@ libcurl was built with support for NTLM delegation to a winbind helper.
 .IP CURL_VERSION_HTTP2
 libcurl was built with support for HTTP2.
 (Added in 7.33.0)
+.IP CURL_VERSION_UNIX_SOCKETS
+libcurl was built with support for Unix domain sockets.
+(Added in 7.40.0)
 .RE
 \fIssl_version\fP is an ASCII string for the OpenSSL version used. If libcurl
 has no SSL support, this is NULL.

docs/libcurl/libcurl-tutorial.3

@@ -40,7 +40,7 @@ refer to their respective man pages.
 
 .SH "Building"
 There are many different ways to build C programs. This chapter will assume a
-UNIX-style build process. If you use a different build system, you can still
+Unix style build process. If you use a different build system, you can still
 read this to get general information that may apply to your environment as
 well.
 .IP "Compiling the Program"
@@ -412,7 +412,7 @@ similar to the \fICURLOPT_USERPWD(3)\fP option like this:
 
  curl_easy_setopt(easyhandle, CURLOPT_PROXYUSERPWD, "myname:thesecret");
 
-There's a long time UNIX "standard" way of storing ftp user names and
+There's a long time Unix "standard" way of storing FTP user names and
 passwords, namely in the $HOME/.netrc file. The file should be made private
 so that only the user may read it (see also the "Security Considerations"
 chapter), as it might contain the password in plain text. libcurl has the
@@ -1129,9 +1129,9 @@ analyzer tool and eavesdrop on your passwords. Don't let the fact that HTTP
 Basic uses base64 encoded passwords fool you. They may not look readable at a
 first glance, but they very easily "deciphered" by anyone within seconds.
 
-To avoid this problem, use HTTP authentication methods or other protocols that
-don't let snoopers see your password: HTTP with Digest, NTLM or GSS
-authentication, HTTPS, FTPS, SCP, SFTP and FTP-Kerberos are a few examples.
+To avoid this problem, use an authentication mechanism or other protocol that
+doesn't let snoopers see your password: Digest, CRAM-MD5, Kerberos, SPNEGO or
+NTLM authentication, HTTPS, FTPS, SCP and SFTP are a few examples.
 
 .IP "Redirects"
 The \fICURLOPT_FOLLOWLOCATION(3)\fP option automatically follows HTTP
@@ -1402,7 +1402,7 @@ This happens on Windows machines when libcurl is built and used as a
 DLL. However, you can still do this on Windows if you link with a static
 library.
 .IP "[3]"
-The curl-config tool is generated at build-time (on UNIX-like systems) and
+The curl-config tool is generated at build-time (on Unix-like systems) and
 should be installed with the 'make install' or similar instruction that
 installs the library, header files, man pages etc.
 .IP "[4]"

docs/libcurl/libcurl.3

@@ -148,18 +148,16 @@ the library code.  For example, when libcurl is built for SSL
 capability via the GNU TLS library, there is an elaborate tree inside
 that library that describes the SSL protocol.
 
-\fIcurl_global_init()\fP is the function that you must call.  This may
-allocate resources (e.g. the memory for the GNU TLS tree mentioned
-above), so the companion function \fIcurl_global_cleanup()\fP releases
-them.
+\fIcurl_global_init(3)\fP is the function that you must call.  This may
+allocate resources (e.g. the memory for the GNU TLS tree mentioned above), so
+the companion function \fIcurl_global_cleanup(3)\fP releases them.
 
-The basic rule for constructing a program that uses libcurl is this:
-Call \fIcurl_global_init()\fP, with a \fICURL_GLOBAL_ALL\fP argument,
-immediately after the program starts, while it is still only one
-thread and before it uses libcurl at all.  Call
-\fIcurl_global_cleanup()\fP immediately before the program exits, when
-the program is again only one thread and after its last use of
-libcurl.
+The basic rule for constructing a program that uses libcurl is this: Call
+\fIcurl_global_init(3)\fP, with a \fICURL_GLOBAL_ALL\fP argument, immediately
+after the program starts, while it is still only one thread and before it uses
+libcurl at all.  Call \fIcurl_global_cleanup(3)\fP immediately before the
+program exits, when the program is again only one thread and after its last
+use of libcurl.
 
 You can call both of these multiple times, as long as all calls meet
 these requirements and the number of calls to each is the same.
@@ -184,48 +182,42 @@ your code doesn't know about other parts of the program -- it doesn't
 know whether they use libcurl or not.  And its code doesn't necessarily
 run at the start and end of the whole program.
 
-A module like this must have global constant functions of its own,
-just like \fIcurl_global_init()\fP and \fIcurl_global_cleanup()\fP.
-The module thus has control at the beginning and end of the program
-and has a place to call the libcurl functions.  Note that if multiple
-modules in the program use libcurl, they all will separately call the
-libcurl functions, and that's OK because only the first
-\fIcurl_global_init()\fP and the last \fIcurl_global_cleanup()\fP in a
-program change anything.  (libcurl uses a reference count in static
-memory).
+A module like this must have global constant functions of its own, just like
+\fIcurl_global_init(3)\fP and \fIcurl_global_cleanup(3)\fP.  The module thus
+has control at the beginning and end of the program and has a place to call
+the libcurl functions.  Note that if multiple modules in the program use
+libcurl, they all will separately call the libcurl functions, and that's OK
+because only the first \fIcurl_global_init(3)\fP and the last
+\fIcurl_global_cleanup(3)\fP in a program change anything.  (libcurl uses a
+reference count in static memory).
 
-In a C++ module, it is common to deal with the global constant
-situation by defining a special class that represents the global
-constant environment of the module.  A program always has exactly one
-object of the class, in static storage.  That way, the program
-automatically calls the constructor of the object as the program
-starts up and the destructor as it terminates.  As the author of this
-libcurl-using module, you can make the constructor call
-\fIcurl_global_init()\fP and the destructor call
-\fIcurl_global_cleanup()\fP and satisfy libcurl's requirements without
-your user having to think about it.
+In a C++ module, it is common to deal with the global constant situation by
+defining a special class that represents the global constant environment of
+the module.  A program always has exactly one object of the class, in static
+storage.  That way, the program automatically calls the constructor of the
+object as the program starts up and the destructor as it terminates.  As the
+author of this libcurl-using module, you can make the constructor call
+\fIcurl_global_init(3)\fP and the destructor call \fIcurl_global_cleanup(3)\fP
+and satisfy libcurl's requirements without your user having to think about it.
 
-\fIcurl_global_init()\fP has an argument that tells what particular
-parts of the global constant environment to set up.  In order to
-successfully use any value except \fICURL_GLOBAL_ALL\fP (which says to
-set up the whole thing), you must have specific knowledge of internal
-workings of libcurl and all other parts of the program of which it is
-part.
+\fIcurl_global_init(3)\fP has an argument that tells what particular parts of
+the global constant environment to set up.  In order to successfully use any
+value except \fICURL_GLOBAL_ALL\fP (which says to set up the whole thing), you
+must have specific knowledge of internal workings of libcurl and all other
+parts of the program of which it is part.
 
-A special part of the global constant environment is the identity of
-the memory allocator.  \fIcurl_global_init()\fP selects the system
-default memory allocator, but you can use \fIcurl_global_init_mem()\fP
-to supply one of your own.  However, there is no way to use
-\fIcurl_global_init_mem()\fP in a modular program -- all modules in
-the program that might use libcurl would have to agree on one
-allocator.
+A special part of the global constant environment is the identity of the
+memory allocator.  \fIcurl_global_init(3)\fP selects the system default memory
+allocator, but you can use \fIcurl_global_init_mem(3)\fP to supply one of your
+own.  However, there is no way to use \fIcurl_global_init_mem(3)\fP in a
+modular program -- all modules in the program that might use libcurl would
+have to agree on one allocator.
 
-There is a failsafe in libcurl that makes it usable in simple
-situations without you having to worry about the global constant
-environment at all: \fIcurl_easy_init()\fP sets up the environment
-itself if it hasn't been done yet.  The resources it acquires to do so
-get released by the operating system automatically when the program
-exits.
+There is a failsafe in libcurl that makes it usable in simple situations
+without you having to worry about the global constant environment at all:
+\fIcurl_easy_init(3)\fP sets up the environment itself if it hasn't been done
+yet.  The resources it acquires to do so get released by the operating system
+automatically when the program exits.
 
 This failsafe feature exists mainly for backward compatibility because
 there was a time when the global functions didn't exist.  Because it

docs/libcurl/mksymbolsmanpage.pl

@@ -0,0 +1,93 @@
+#!/usr/bin/perl
+# ***************************************************************************
+# *                                  _   _ ____  _
+# *  Project                     ___| | | |  _ \| |
+# *                             / __| | | | |_) | |
+# *                            | (__| |_| |  _ <| |___
+# *                             \___|\___/|_| \_\_____|
+# *
+# * Copyright (C) 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+# *
+# * This software is licensed as described in the file COPYING, which
+# * you should have received as part of this distribution. The terms
+# * are also available at http://curl.haxx.se/docs/copyright.html.
+# *
+# * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# * copies of the Software, and permit persons to whom the Software is
+# * furnished to do so, under the terms of the COPYING file.
+# *
+# * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# * KIND, either express or implied.
+# *
+# ***************************************************************************
+
+my $version="7.41.0";
+
+use POSIX qw(strftime);
+my $date = strftime "%b %e, %Y", localtime;
+my $year = strftime "%Y", localtime;
+
+print <<HEADER
+.\\" **************************************************************************
+.\\" *                                  _   _ ____  _
+.\\" *  Project                     ___| | | |  _ \\| |
+.\\" *                             / __| | | | |_) | |
+.\\" *                            | (__| |_| |  _ <| |___
+.\\" *                             \\___|\\___/|_| \\_\\_____|
+.\\" *
+.\\" * Copyright (C) 1998 - $year, Daniel Stenberg, <daniel\@haxx.se>, et al.
+.\\" *
+.\\" * This software is licensed as described in the file COPYING, which
+.\\" * you should have received as part of this distribution. The terms
+.\\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\\" *
+.\\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\\" * copies of the Software, and permit persons to whom the Software is
+.\\" * furnished to do so, under the terms of the COPYING file.
+.\\" *
+.\\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\\" * KIND, either express or implied.
+.\\" *
+.\\" **************************************************************************
+.TH libcurl-symbols 3 "$date" "libcurl $version" "libcurl symbols"
+.SH NAME
+libcurl-symbols \\- libcurl symbol version information
+.SH "libcurl symbols"
+This man page details version information for public symbols provided in the
+libcurl header files. This lists the first version in which the symbol was
+introduced and for some symbols two additional information pieces:
+
+The first version in which the symbol is marked "deprecated" - meaning that
+since that version no new code should be written to use the symbol as it is
+marked for getting removed in a future.
+
+The last version that featured the specific symbol. Using the symbol in source
+code will make it no longer compile error-free after that specified version.
+
+This man page is automatically generated from the symbols-in-versions file.
+HEADER
+    ;
+
+while(<STDIN>) {
+    if($_ =~ /^(CURL[A-Z0-9_.]*) *(.*)/) {
+        my ($symbol, $rest)=($1,$2);
+        my ($intro, $dep, $rem);
+        if($rest =~ s/^([0-9.]*) *//) {
+           $intro = $1;
+        }
+        if($rest =~ s/^([0-9.]*) *//) {
+           $dep = $1;
+        }
+        if($rest =~ s/^([0-9.]*) *//) {
+           $rem = $1;
+        }
+        print ".IP $symbol\nIntroduced in $intro\n";
+        if($dep) {
+          print "Deprecated since $dep\n";
+        }
+        if($rem) {
+          print "Last used in $dep\n";
+        }
+    }
+
+}

docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.3

@@ -50,7 +50,7 @@ The default value is NULL, which means that there is no blacklist.
     NULL
   };
 
-  curl_multi_setopt(m, CURLMOPT_PIPELINE_SERVER_BL, server_blacklist);
+  curl_multi_setopt(m, CURLMOPT_PIPELINING_SERVER_BL, server_blacklist);
 .fi
 .SH AVAILABILITY
 Added in 7.30.0

docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.3

@@ -46,7 +46,7 @@ HTTP(S)
     NULL
   };
 
-  curl_multi_setopt(m, CURLMOPT_PIPELINE_SITE_BL, site_blacklist);
+  curl_multi_setopt(m, CURLMOPT_PIPELINING_SITE_BL, site_blacklist);
 .fi
 .SH AVAILABILITY
 Added in 7.30.0

docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3

@@ -36,14 +36,21 @@ CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_TIMERFUNCTION, timer_callbac
 Pass a pointer to your callback function, which should match the prototype
 shown above.
 
-This callback function will be called when the timeout value changes. The
-\fBtimeout_ms\fP value is at what latest time the application should call one
-of the \&"performing" functions of the multi interface
-(\fIcurl_multi_socket_action(3)\fP and \fIcurl_multi_perform(3)\fP) - to allow
-libcurl to keep timeouts and retries etc to work. A \fBtimeout_ms\fP value of
--1 means that there is no timeout at all, and 0 means that the timeout is
-already expired. libcurl attempts to limit calling this only when the fixed
-future timeout time actually changes.
+Certain features, such as timeouts and retries, require you to call libcurl
+even when there is no activity on the file descriptors.
+
+Your callback function \fBtimer_callback\fP should install a non-repeating
+timer with an interval of \fBtimeout_ms\fP. Each time that timer fires, call
+either \fIcurl_multi_socket_action(3)\fP or \fIcurl_multi_perform(3)\fP,
+depending on which interface you use.
+
+A \fBtimeout_ms\fP value of -1 means you should delete your timer.
+
+A \fBtimeout_ms\fP value of 0 means you should call
+\fIcurl_multi_socket_action(3)\fP or \fIcurl_multi_perform(3)\fP (once) as soon
+as possible.
+
+\fBtimer_callback\fP will only be called when the \fBtimeout_ms\fP changes.
 
 The \fBuserp\fP pointer is set with \fICURLMOPT_TIMERDATA(3)\fP.
 
@@ -54,7 +61,38 @@ NULL
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+static gboolean timeout_cb(gpointer user_data) {
+    if (user_data) {
+        g_free(user_data);
+        curl_multi_setopt(curl_handle, CURLMOPT_TIMERDATA, NULL);
+    }
+    int running;
+    curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running);
+    return G_SOURCE_REMOVE;
+}
+
+static int timerfunc(CURLM *multi, long timeout_ms, void *userp) {
+    guint *id = userp;
+
+    if (id)
+        g_source_remove(*id);
+
+    // -1 means we should just delete our timer.
+    if (timeout_ms == -1) {
+        g_free(id);
+        id = NULL;
+    } else {
+        if (!id)
+            id = g_new(guint, 1);
+        *id = g_timeout_add(timeout_ms, timeout_cb, id);
+    }
+    curl_multi_setopt(multi, CURLMOPT_TIMERDATA, id);
+    return 0;
+}
+
+curl_multi_setopt(multi, CURLMOPT_TIMERFUNCTION, timerfunc);
+.fi
 .SH AVAILABILITY
 Added in 7.16.0
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_CAINFO.3

@@ -47,7 +47,8 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-If built TLS enabled
+For SSL engines that don't support certificate files the CURLOPT_CAINFO option
+is ignored. Refer to http://curl.haxx.se/docs/ssl-compared.html
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.

docs/libcurl/opts/CURLOPT_CAPATH.3

@@ -43,9 +43,8 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-This option is OpenSSL-specific and does nothing if libcurl is built to use
-GnuTLS. NSS-powered libcurl provides the option only for backward
-compatibility.
+This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
+backend provides the option only for backward compatibility.
 .SH RETURN VALUE
 Returns CURLE_OK if TLS enabled, and CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.

docs/libcurl/opts/CURLOPT_CERTINFO.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -29,11 +29,10 @@ CURLOPT_CERTINFO \- request SSL certificate information
 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CERTINFO, long certinfo);
 .SH DESCRIPTION
 Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
-this enabled, libcurl (if built with OpenSSL, NSS or GSKit) will
-extract lots of information and data about the certificates in the certificate
-chain used in the SSL connection. This data may then be retrieved after a
-transfer using \fIcurl_easy_getinfo(3)\fP and its option
-\fICURLINFO_CERTINFO\fP.
+this enabled, libcurl will extract lots of information and data about the
+certificates in the certificate chain used in the SSL connection. This data may
+then be retrieved after a transfer using \fIcurl_easy_getinfo(3)\fP and its
+option \fICURLINFO_CERTINFO\fP.
 .SH DEFAULT
 0
 .SH PROTOCOLS
@@ -41,7 +40,7 @@ All TLS-based
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-Added in 7.19.1
+This option is supported by the OpenSSL, GnuTLS, NSS and GSKit backends.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"

docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,17 @@ In unix-like systems, this might cause signals to be used unless
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* complete connection within 10 seconds */
+  curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 10L);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,17 @@ In unix-like systems, this might cause signals to be used unless
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* complete connection within 10000 milliseconds */
+  curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 10000L);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_COOKIE.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -51,7 +51,16 @@ NULL, no cookies
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  curl_easy_setopt(curl, CURLOPT_COOKIE, "tool=curl; fun=yes;");
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 If HTTP is enabled
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_CRLF.3

@@ -40,7 +40,7 @@ All
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-Always
+SMTP since 7.40.0, other protocols since they were introduced
 .SH RETURN VALUE
 Returns CURLE_OK
 .SH "SEE ALSO"

docs/libcurl/opts/CURLOPT_HEADER.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -38,9 +38,26 @@ about the protocol in use.
 
 It is often better to use \fICURLOPT_HEADERFUNCTION(3)\fP to get the header
 data separately.
+
+While named confusingly similar, \fICURLOPT_HTTPHEADER(3)\fP is used to set
+custom HTTP headers!
 .SH DEFAULT
 0
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH RETURN VALUE
 Returns CURLE_OK.
 .SH "SEE ALSO"
 .BR CURLOPT_HEADERFUNCTION "(3), "
+.BR CURLOPT_HTTPHEADER "(3), "

docs/libcurl/opts/CURLOPT_HEADERFUNCTION.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -39,14 +39,14 @@ shown above.
 This function gets called by libcurl as soon as it has received header
 data. The header callback will be called once for each header and only
 complete header lines are passed on to the callback. Parsing headers is very
-easy using this. The size of the data pointed to by \fIptr\fP is \fIsize\fP
+easy using this. The size of the data pointed to by \fIbuffer\fP is \fIsize\fP
 multiplied with \fInmemb\fP. Do not assume that the header line is zero
 terminated! The pointer named \fIuserdata\fP is the one you set with the
 \fICURLOPT_HEADERDATA(3)\fP option. This callback function must return the
 number of bytes actually taken care of. If that amount differs from the amount
 passed in to your function, it'll signal an error to the library. This will
 cause the transfer to get aborted and the libcurl function in progress will
-return \fICURL_WRITE_ERROR\fP.
+return \fICURLE_WRITE_ERROR\fP.
 
 A complete HTTP header that is passed to this function can be up to
 \fICURL_MAX_HTTP_HEADER\fP (100K) bytes.
@@ -80,7 +80,24 @@ Nothing.
 Used for all protocols with headers or meta-data concept: HTTP, FTP, POP3,
 IMAP, SMTP and more.
 .SH EXAMPLE
-TODO
+.nf
+static size_t header_callback(char *buffer, size_t size,
+                              size_t nitems, void *userdata)
+{
+  /* received header is nitems * size long in 'buffer' NOT ZERO TERMINATED */
+  /* 'userdata' is set with CURLOPT_WRITEDATA */
+  return nitems * size;
+}
+
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_callback);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Always
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3

@@ -32,9 +32,11 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTP200ALIASES,
 .SH DESCRIPTION
 Pass a pointer to a linked list of \fIaliases\fP to be treated as valid HTTP
 200 responses.  Some servers respond with a custom header response line.  For
-example, IceCast servers respond with "ICY 200 OK".  By including this string
-in your list of aliases, the response will be treated as a valid HTTP header
-line such as "HTTP/1.0 200 OK".
+example, SHOUTcast servers respond with "ICY 200 OK". Also some very old
+Icecast 1.3.x servers will respond like that for certain user agent headers or
+in absence of such. By including this string in your list of aliases,
+the response will be treated as a valid HTTP header line such as
+"HTTP/1.0 200 OK".
 
 The linked list should be a fully valid list of struct curl_slist structs, and
 be properly filled in.  Use \fIcurl_slist_append(3)\fP to create the list and

docs/libcurl/opts/CURLOPT_HTTPHEADER.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -63,21 +63,48 @@ Pass a NULL to this option to reset back to no custom headers.
 
 The most commonly replaced headers have "shortcuts" in the options
 \fICURLOPT_COOKIE(3)\fP, \fICURLOPT_USERAGENT(3)\fP and
-\fICURLOPT_REFERER(3)\fP.
+\fICURLOPT_REFERER(3)\fP. We recommend using those.
 
 There's an alternative option that sets or replaces headers only for requests
 that are sent with CONNECT to a proxy: \fICURLOPT_PROXYHEADER(3)\fP. Use
 \fICURLOPT_HEADEROPT(3)\fP to control the behavior.
+.SH SECURITY CONCERNS
+By default, this option makes libcurl send the given headers in all HTTP
+requests done by this handle. You should therefore use this option with
+caution if you for example connect to the remote site using a proxy and a
+CONNECT request, you should to consider if that proxy is supposed to also get
+the headers. They may be private or otherwise sensitive to leak.
+
+Use \fICURLOPT_HEADEROPT(3)\fP to make the headers only get sent to where you
+intend them to get sent.
 .SH DEFAULT
 NULL
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+
+struct curl_slist *list = NULL;
+
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  list = curl_slist_append(list, "Shoesize: 10");
+  list = curl_slist_append(list, "Accept:");
+
+  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list);
+
+  curl_easy_perform(curl);
+
+  curl_slist_free_all(list); /* free the list again */
+}
+.fi
+
 .SH AVAILABILITY
 As long as HTTP is enabled
 .SH RETURN VALUE
 Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
 .BR CURLOPT_CUSTOMREQUEST "(3), " CURLOPT_HEADEROPT "(3), "
-.BR CURLOPT_PROXYHEADER "(3)"
+.BR CURLOPT_PROXYHEADER "(3), " CURLOPT_HEADER "(3)"

docs/libcurl/opts/CURLOPT_HTTP_VERSION.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,8 +41,8 @@ Enforce HTTP 1.0 requests.
 .IP CURL_HTTP_VERSION_1_1
 Enforce HTTP 1.1 requests.
 .IP CURL_HTTP_VERSION_2_0
-Attempt HTTP 2.0 requests. libcurl will fall back to HTTP 1.x if HTTP 2.0
-can't be negotiated with the server.
+Attempt HTTP 2 requests. libcurl will fall back to HTTP 1.x if HTTP 2 can't be
+negotiated with the server. (Added in 7.33.0)
 .SH DEFAULT
 CURL_HTTP_VERSION_NONE
 .SH PROTOCOLS

docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,17 @@ Only use this option if strictly necessary.
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* we know the server is silly, ignore content-length */
+  curl_easy_setopt(curl, CURLOPT_IGNORE_CONTENT_LENGTH, 1L);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 Added in 7.14.1
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_INFILESIZE.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,7 +49,20 @@ Unset
 .SH PROTOCOLS
 Many
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  long uploadsize = FILE_SIZE;
+
+  curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/destination.tar.gz");
+
+  curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
+
+  curl_easy_setopt(curl, CURLOPT_INFILESIZE, uploadsize);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 SMTP support added in 7.23.0
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -50,7 +50,20 @@ Unset
 .SH PROTOCOLS
 Many
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_off_t uploadsize = FILE_SIZE;
+
+  curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/destination.tar.gz");
+
+  curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
+
+  curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, uploadsize);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 SMTP support added in 7.23.0
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_PATH_AS_IS.3

@@ -0,0 +1,63 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PATH_AS_IS 3 "17 Jun 2014" "libcurl 7.42.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PATH_AS_IS \- do not handle dot dot sequences
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PATH_AS_IS, long leaveit);
+.SH DESCRIPTION
+By setting the long \fIleavit\fP to 1, to explicitly tell libcurl to not alter
+the given path before passing it on to the server.
+
+This tells libcurl to NOT squash sequences of "/../" or "/./" that may exist
+in the URL's path part and that is supposed to be removed according to RFC
+3986 section 5.2.4.
+
+Some server implementations are known to (erroneously) require the dot dot
+sequences to remain in the path and some clients want to pass these on in
+order to try out server implementations.
+
+By default libcurl will merge such sequences before using the path.
+.SH DEFAULT
+0
+.SH PROTOCOLS
+All 
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/../../etc/password");
+
+  curl_easy_setopt(curl, CURLOPT_PATH_AS_IS, 1L);
+
+  curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Aded in 7.42.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "

docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3

@@ -29,7 +29,7 @@ CURLOPT_PINNEDPUBLICKEY \- set pinned public key
 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PINNEDPUBLICKEY, char *pinnedpubkey);
 .SH DESCRIPTION
 Pass a pointer to a zero terminated string as parameter. The string should be
-the file name of your pinned public key. The format expected is "DER".
+the file name of your pinned public key. The format expected is "PEM" or "DER".
 
 When negotiating a TLS or SSL connection, the server sends a certificate
 indicating its identity. A public key is extracted from this certificate and

docs/libcurl/opts/CURLOPT_POSTFIELDS.3

@@ -35,6 +35,8 @@ way. For example, the web server may assume that this data is url-encoded.
 
 The data pointed to is NOT copied by the library: as a consequence, it must be
 preserved by the calling application until the associated transfer finishes.
+This behaviour can be changed (so libcurl does copy the data) by setting the
+\fICURLOPT_COPYPOSTFIELDS(3)\fP option.
 
 This POST is a normal application/x-www-form-urlencoded kind (and libcurl will
 set that Content-Type by default when this option is used), which is commonly

docs/libcurl/opts/CURLOPT_PRIVATE.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,22 @@ NULL
 .SH PROTOCOLS
 All
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+struct private secrets;
+if(curl) {
+  struct private *extracted;
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* store a pointer to our private struct */
+  curl_easy_setopt(curl, CURLOPT_PRIVATE, &secrets);
+
+  curl_easy_perform(curl);
+
+  /* we can extract the private pointer again too */
+  curl_easy_getinfo(curl, CURLINFO_PRIVATE, &extracted);
+}
+.fi
 .SH AVAILABILITY
 Added in 7.10.3
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_PROTOCOLS.3

@@ -59,6 +59,7 @@ CURLPROTO_RTMPTS
 CURLPROTO_RTSP
 CURLPROTO_SCP
 CURLPROTO_SFTP
+CURLPROTO_SMB
 CURLPROTO_SMTP
 CURLPROTO_SMTPS
 CURLPROTO_TELNET

docs/libcurl/opts/CURLOPT_READDATA.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,19 @@ By default, this is a FILE * to stdin.
 .SH PROTOCOLS
 This is used for all protocols when sending data.
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+struct MyData this;
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* pass pointer that gets passed in to the
+     CURLOPT_READFUNCTION callback */
+  curl_easy_setopt(curl, CURLOPT_READDATA, &this);
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 This option was once known by the older name \fICURLOPT_INFILE\fP, the name
 \fICURLOPT_READDATA\fP was introduced in 7.9.7.

docs/libcurl/opts/CURLOPT_READFUNCTION.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -34,9 +34,10 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_READFUNCTION, read_callback);
 Pass a pointer to your callback function, as the prototype shows above.
 
 This callback function gets called by libcurl as soon as it needs to read data
-in order to send it to the peer. The data area pointed at by the pointer
-\fIbuffer\fP should be filled up with at most \fIsize\fP multiplied with
-\fInmemb\fP number of bytes by your function.
+in order to send it to the peer - like if you ask it to upload or post data to
+the server. The data area pointed at by the pointer \fIbuffer\fP should be
+filled up with at most \fIsize\fP multiplied with \fInmemb\fP number of bytes
+by your function.
 
 Your function must then return the actual number of bytes that it stored in
 that memory area. Returning 0 will signal end-of-file to the library and cause
@@ -75,4 +76,4 @@ was added in 7.12.1.
 This will return CURLE_OK.
 .SH "SEE ALSO"
 .BR CURLOPT_READDATA "(3), " CURLOPT_WRITEFUNCTION "(3), "
-.BR CURLOPT_SEEKFUNCTION "(3), "
+.BR CURLOPT_SEEKFUNCTION "(3), " CURLOPT_UPLOAD "(3), " CURLOPT_POST "(3), "

docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3

@@ -59,13 +59,14 @@ CURLPROTO_RTMPTS
 CURLPROTO_RTSP
 CURLPROTO_SCP
 CURLPROTO_SFTP
+CURLPROTO_SMB
 CURLPROTO_SMTP
 CURLPROTO_SMTPS
 CURLPROTO_TELNET
 CURLPROTO_TFTP
 .fi
 .SH DEFAULT
-All protocols except for FILE and SCP
+All protocols except for FILE, SCP and SMB.
 .SH PROTOCOLS
 All
 .SH EXAMPLE

docs/libcurl/opts/CURLOPT_REFERER.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,17 @@ NULL
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+
+  /* tell it where we found the link to this place */
+  curl_easy_setopt(curl, CURLOPT_REFERER, "http://example.com/aboutme.html");
+
+  curl_easy_perform(curl);
+}
+.fi
 .SH AVAILABILITY
 If built with HTTP support
 .SH RETURN VALUE

docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -43,10 +43,13 @@ shown above.
 This function gets called by libcurl to seek to a certain position in the
 input stream and can be used to fast forward a file in a resumed upload
 (instead of reading all uploaded bytes with the normal read
-function/callback). It is also called to rewind a stream when doing a HTTP PUT
-or POST with a multi-pass authentication method. The function shall work like
-fseek(3) or lseek(3) and it gets SEEK_SET, SEEK_CUR or SEEK_END as argument
-for \fIorigin\fP, although libcurl currently only passes SEEK_SET.
+function/callback). It is also called to rewind a stream when data has already
+been sent to the server and needs to be sent again. This may happen when doing
+a HTTP PUT or POST with a multi-pass authentication method, or when an
+existing HTTP connection is reused too late and the server closes the
+connection. The function shall work like fseek(3) or lseek(3) and it gets
+SEEK_SET, SEEK_CUR or SEEK_END as argument for \fIorigin\fP, although libcurl
+currently only passes SEEK_SET.
 
 \fIuserp\fP is the pointer you set with \fICURLOPT_SEEKDATA(3)\fP.
 

docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3

@@ -38,7 +38,8 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-Added in 7.11.0. Only used with the OpenSSL backend.
+Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Other SSL
+backends not supported.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"