Merge branch 'master' into http2-push

tool_help: fix --tlsv1 help text to use >= for TLSv1
INSTALL: Advise use of non-native SSL for Windows <= XP
2015-06-24 23:34:51 +02:00 · 2015-06-21 13:33:11 -04:00 · 2015-06-20 18:45:25 -04:00 · 2015-06-19 10:07:32 -04:00 · 2015-06-19 15:47:27 +02:00 · 2015-06-18 19:37:20 -04:00
617 changed files with 11066 additions and 9755 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -46,3 +46,6 @@ CHANGES.dist
 .cproject
 .settings
 .dirstamp
+test-driver
+/build/
+/builds/
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,6 +3,8 @@ language: c
 before_script:
  - ./buildconf

+script: ./configure --enable-debug && make && make test-full
+
 compiler:
  - clang
  - gcc
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -76,6 +76,24 @@ option(BUILD_CURL_TESTS "Set to ON to build cURL tests." ON)
 option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF)
 option(ENABLE_ARES "Set to ON to enable c-ares support" OFF)
 option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS lookup" OFF)
+
+option(ENABLE_DEBUG "Set to ON to enable curl debug features" OFF)
+option(ENABLE_CURLDEBUG "Set to ON to build with TrackMemory feature enabled" OFF)
+
+if (ENABLE_DEBUG)
+  # DEBUGBUILD will be defined only for Debug builds
+  if(NOT CMAKE_VERSION VERSION_LESS 3.0)
+    set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS $<$<CONFIG:Debug>:DEBUGBUILD>)
+  else()
+    set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_DEBUG DEBUGBUILD)
+  endif()
+  set(ENABLE_CURLDEBUG ON)
+endif()
+
+if (ENABLE_CURLDEBUG)
+  set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS CURLDEBUG)
+endif()
+
 # initialize CURL_LIBS
 set(CURL_LIBS "")

@@ -280,7 +298,6 @@ endif()
 option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ON)
 mark_as_advanced(CMAKE_USE_OPENSSL)

-set(USE_SSLEAY OFF)
 set(USE_OPENSSL OFF)
 set(HAVE_LIBCRYPTO OFF)
 set(HAVE_LIBSSL OFF)
@@ -289,7 +306,6 @@ if(CMAKE_USE_OPENSSL)
  find_package(OpenSSL)
  if(OPENSSL_FOUND)
    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
-    set(USE_SSLEAY ON)
    set(USE_OPENSSL ON)
    set(HAVE_LIBCRYPTO ON)
    set(HAVE_LIBSSL ON)
@@ -736,7 +752,6 @@ if(CMAKE_USE_OPENSSL)
    HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
  if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
    set(USE_OPENSSL 1)
-    set(USE_SSLEAY 1)
  endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
 endif(CMAKE_USE_OPENSSL)
 check_symbol_exists(gmtime_r      "${CURL_INCLUDES}" HAVE_GMTIME_R)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -0,0 +1,25 @@
+How to contribute to curl
+=========================
+
+Join the community
+------------------
+
+ 1. Click 'watch' on the github repo
+
+ 2. Subscribe to the suitable [mailing lists](http://curl.haxx.se/mail/)
+
+Read [docs/CONTRIBUTE](docs/CONTRIBUTE)
+---------------------------------------
+
+Send your suggestions using one of these methods:
+-------------------------------------------------
+
+ 1. in a mail to the mailing list
+
+ 2. as a pull request on github
+
+ 3. as an issue on github
+   
+
+/ The cURL team!
+
--- a/4
+++ b/4
@@ -94,7 +94,7 @@ if test ! -z $SDK32; then
  rm -r libcurl.framework
  mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Resources
  cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl
-  install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl
+  install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl
  /usr/bin/sed -e "s/7\.12\.3/$VERSION/" lib/libcurl.plist >libcurl.framework/${FRAMEWORK_VERSION}/Resources/Info.plist
  mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
  cp include/curl/*.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
@@ -121,7 +121,7 @@ if test ! -z $SDK32; then

    echo "----Appending 64 bit framework to 32 bit framework..."
    cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
-    install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
+    install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
    cp libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl32
    pwd
    lipo libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 -create -output libcurl.framework/${FRAMEWORK_VERSION}/libcurl
--- a/Makefile.am
+++ b/Makefile.am
@@ -118,7 +118,7 @@ WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
 winbuild/Makefile.msvc.names

 EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
- RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework	\
+ RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework scripts/zsh.pl	\
 $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in

 CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
@@ -153,7 +153,7 @@ html:
 pdf:
 	cd docs; make pdf

-check: test examples
+check: test examples check-docs

 if CROSSCOMPILING
 test-full: test
@@ -181,6 +181,9 @@ endif
 examples:
 	@(cd docs/examples; $(MAKE) check)

+check-docs:
+	@(cd docs/libcurl; $(MAKE) check)
+
 # This is a hook to have 'make clean' also clean up the docs and the tests
 # dir. The extra check for the Makefiles being present is necessary because
 # 'make distcheck' will make clean first in these directories _before_ it runs
--- a/4
+++ b/4
@@ -38,12 +38,12 @@ GIT

  To download the very latest source off the GIT server do this:

-    git clone git://github.com/bagder/curl.git
+    git clone https://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

 NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
-  Kungliga Tekniska H<EFBFBD>gskolan. This notice is included here to comply with the
+  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.
--- a/112
+++ b/112
@@ -1,89 +1,19 @@
-Curl and libcurl 7.41.0
+Curl and libcurl 7.44.0

- Public curl releases:         144
- Command line options:         163
- curl_easy_setopt() options:   209
+ Public curl releases:         148
+ Command line options:         176
+ curl_easy_setopt() options:   219
 Public functions in libcurl:  58
- Contributors:                 1233
+ Contributors:                 1291

 This release includes the following changes:

- o NetWare build: added TLS-SRP enabled build
- o winbuild: Added option to build with c-ares
- o Added --cert-status [9]
- o Added CURLOPT_SSL_VERIFYSTATUS [10]
- o sasl: implement EXTERNAL authentication mechanism
+ o
+

 This release includes the following bugfixes:

- o sasl_gssapi: Fixed build on NetBSD with built-in GSS-API [1]
- o FTP: fix IPv6 host using link-local address [2]
- o FTP: if EPSV fails on IPV6 connections, bail out
- o gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
- o NSS: fix compiler error when built http2-enabled
- o mingw build: allow to pass custom CFLAGS [3]
- o add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS [4]
- o curl_schannel.c: mark session as removed from cache if not freed [5]
- o Curl_pretransfer: reset expected transfer sizes [6]
- o curl.h: remove extra space [7]
- o curl_endian: Fixed build when 64-bit integers are not supported [8]
- o checksrc.bat: Better detection of Perl installation
- o build-openssl.bat: Added check for Perl installation
- o http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int
- o http_negotiate: Added empty decoded challenge message info text
- o vtls: Removed unimplemented overrides of curlssl_close_all()
- o sasl_gssapi: Fixed memory leak with local SPN variable
- o http_negotiate: Use dynamic buffer for SPN generation
- o ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
- o openssl: do public key pinning check independently [11]
- o timeval: typecast for better type (on Amiga)
- o ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
- o SASL: common URL option and auth capabilities decoders for all protocols
- o BoringSSL: fix build
- o BoringSSL: detected by configure, switches off NTLM
- o openvms: Handle openssl/0.8.9zb version parsing
- o configure: detect libresssl
- o configure: remove detection of the old yassl emulation API
- o curl_setup: Disable SMB/CIFS support when HTTP only
- o imap: remove automatic password setting: it breaks external sasl authentication
- o sasl: remove XOAUTH2 from default enabled authentication mechanism
- o runtests: identify BoringSSL and libressl
- o security: avoid compiler warning
- o ldap: build with BoringSSL
- o des: Added Curl_des_set_odd_parity()
- o CURLOPT_SEEKFUNCTION.3: also when server closes a connection
- o CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0
- o build: Removed unused Visual Studio bscmake settings
- o build: Enabled DEBUGBUILD in Visual Studio debug builds
- o build: Renamed top level Visual Studio solution files
- o build: Removed Visual Studio SuppressStartupBanner directive for VC8+
- o libcurl-symbols: first basic shot for autogenerated docs
- o Makefile.am: fix 'make distcheck'
- o getpass_r: read from stdin, not stdout! [12]
- o getpass: protect include with proper #ifdef
- o opts: CURLOPT_CAINFO availability depends on SSL engine
- o more cleanup of 'CURLcode result' return code 
- o MD4: replace implementation
- o MD5: replace implementation
- o openssl: SSL_SESSION->ssl_version no longer exist [13]
- o md5: use axTLS's own MD5 functions when available
- o schannel: Removed curl_ prefix from source files
- o curl.1: add warning when using -H and redirects
- o curl.1: clarify that -X is used for all requests
- o gskit: Fix exclusive SSLv3 option
- o polarssl: Fix exclusive SSL protocol version options [14]
- o http2: Fix bug that associated stream canceled on PUSH_PROMISE
- o ftp: accept all 2xx responses to the PORT command
- o configure: allow both --with-ca-bundle and --with-ca-path [15]
- o cmake: install the dll file to the correct directory
- o nss: fix NPN/ALPN protocol negotiation
- o polarssl: fix ALPN protocol negotiation
- o cmake: Fix generation of tool_hugehelp.c on windows
- o cmake: fix winsock2 detection on windows
- o gnutls: fix build with HTTP2
- o connect: fix a spurious connect failure on dual-stacked hosts [16]
- o test: test 530 is now less timing dependent
- o telnet: invalid use of custom read function if not set
+ o

 This release includes the following known bugs:

@@ -92,32 +22,10 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

-  Alessandro Ghedini, Alexander Peslyak, Ben Boeckel, Brad King, Brad Spencer,
-  Chris Young, Dan Fandrich, Daniel Stenberg, Gisle Vanem, Guenter Knauf,
-  Jean-Francois Durand, Joe Mason, John E. Malmberg, Jon Seymour, Julian Ospald,
-  Kamil Dudka, Kyle J. McKay, Leith Bade, Marc Hoersken, Michael Kaufmann,
-  Michael Wallner, Mohammad AlSaleh, Nick Zitzmann, Patrick Monnerat,
-  Ray Satiro, Rich Burridge, Sam Schanken, Sergei Nikulov, Steve Holme,
-  Tatsuhiro Tsujikawa, Thomas Klausner, Viktor Szakats, Vojtěch Král,
-  Yun SangHo
+

        Thanks! (and sorry if I forgot to mention someone)

 References to bug reports and discussions on issues:

- [1] = http://curl.haxx.se/bug/view.cgi?id=1469
- [2] = http://curl.haxx.se/bug/view.cgi?id=1468
- [3] = https://github.com/bagder/curl/pull/136
- [4] = https://github.com/bagder/curl/pull/134
- [5] = http://curl.haxx.se/mail/lib-2015-01/0036.html
- [6] = http://curl.haxx.se/mail/lib-2015-01/0065.html
- [7] = https://github.com/bagder/curl/pull/137
- [8] = http://curl.haxx.se/mail/lib-2015-01/0094.html
- [9] = http://curl.haxx.se/docs/manpage.html#--cert-status
- [10] = http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYSTATUS.html
- [11] = http://curl.haxx.se/bug/view.cgi?id=1471
- [12] = http://curl.haxx.se/bug/view.cgi?id=1476
- [13] = http://curl.haxx.se/mail/lib-2015-02/0034.html
- [14] = http://curl.haxx.se/mail/lib-2015-01/0002.html
- [15] = https://github.com/bagder/curl/pull/139
- [16] = https://bugzilla.redhat.com/1187531
+ [1] =
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2452,23 +2452,6 @@ AC_DEFUN([CURL_CHECK_FUNC_SELECT], [
 ])


-# This is only a temporary fix. This macro is here to replace the broken one
-# delivered by the automake project (including the 1.9.6 release). As soon as
-# they ship a working version we SHOULD remove this work-around.
-
-AC_DEFUN([AM_MISSING_HAS_RUN],
-[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
-test x"${MISSING+set}" = xset || MISSING="\${SHELL} \"$am_aux_dir/missing\""
-# Use eval to expand $SHELL
-if eval "$MISSING --run true"; then
-  am_missing_run="$MISSING --run "
-else
-  am_missing_run=
-  AC_MSG_WARN([`missing' script is too old or missing])
-fi
-])
-
-
 dnl CURL_VERIFY_RUNTIMELIBS
 dnl -------------------------------------------------
 dnl Verify that the shared libs found so far can be used when running
@@ -2615,8 +2598,8 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
    capath="no"
  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
    dnl --with-ca-path given
-    if test "x$OPENSSL_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
-      AC_MSG_ERROR([--with-ca-path only works with openSSL or PolarSSL])
+    if test "x$OPENSSL_ENABLED" != "x1" -a "x$GNUTLS_ENABLED" != "x1" -a "x$POLARSSL_ENABLED" != "x1"; then
+      AC_MSG_ERROR([--with-ca-path only works with OpenSSL, GnuTLS or PolarSSL])
    fi
    capath="$want_capath"
    ca="no"
@@ -2676,7 +2659,7 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
    AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default ca path])
    AC_MSG_RESULT([$capath (capath)])
  fi
-  if test "x$ca" == "xno" && test "x$capath" == "xno"; then
+  if test "x$ca" = "xno" && test "x$capath" = "xno"; then
    AC_MSG_RESULT([no])
  fi
 ])
--- a/4
+++ b/4
@@ -318,6 +318,8 @@ for fname in .deps \
    ltsugar.m4 \
    ltversion.m4 \
    lt~obsolete.m4 \
+    missing \
+    install-sh \
    stamp-h1 \
    stamp-h2 \
    stamp-h3 ; do
@@ -329,7 +331,7 @@ done
 #

 echo "buildconf: running libtoolize"
-${libtoolize} --copy --automake --force || die "libtoolize command failed"
+${libtoolize} --copy --force || die "libtoolize command failed"

 # When using libtool 1.5.X (X < 26) we copy libtool.m4 to our local m4
 # subdirectory and this local copy is patched to fix some warnings that
--- a/configure.ac
+++ b/configure.ac
@@ -1184,6 +1184,8 @@ AC_ARG_WITH(gssapi,
  fi
 ])

+: ${KRB5CONFIG:="$GSSAPI_ROOT/bin/krb5-config"}
+
 save_CPPFLAGS="$CPPFLAGS"
 AC_MSG_CHECKING([if GSS-API support is requested])
 if test x"$want_gss" = xyes; then
@@ -1192,8 +1194,8 @@ if test x"$want_gss" = xyes; then
  if test -z "$GSSAPI_INCS"; then
     if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
        GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
-     elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-        GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
+     elif test -f "$KRB5CONFIG"; then
+        GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi`
     elif test "$GSSAPI_ROOT" != "yes"; then
        GSSAPI_INCS="-I$GSSAPI_ROOT/include"
     fi
@@ -1283,10 +1285,10 @@ if test x"$want_gss" = xyes; then
           dnl into LIBS
           gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
           LIBS="$gss_libs $LIBS"
-        elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
+        elif test -f "$KRB5CONFIG"; then
           dnl krb5-config doesn't have --libs-only-L or similar, put everything
           dnl into LIBS
-           gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+           gss_libs=`$KRB5CONFIG --libs gssapi`
           LIBS="$gss_libs $LIBS"
        else
           case $host in
@@ -1451,6 +1453,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
      SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
        $PKGCONFIG --cflags-only-I openssl 2>/dev/null`

+      AC_SUBST(SSL_LIBS)
      AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"])
      AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"])
      AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"])
@@ -1527,7 +1530,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then

    else

-      dnl Have the libraries--check for SSLeay/OpenSSL headers
+      dnl Have the libraries--check for OpenSSL headers
      AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
                       openssl/pem.h openssl/ssl.h openssl/err.h,
        curl_ssl_msg="enabled (OpenSSL)"
@@ -1551,17 +1554,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
    fi

    if test X"$OPENSSL_ENABLED" = X"1"; then
-       AC_DEFINE(USE_SSLEAY, 1, [if SSL is enabled])
-
       dnl is there a pkcs12.h header present?
       AC_CHECK_HEADERS(openssl/pkcs12.h)
    else
       LIBS="$CLEANLIBS"
    fi
-    dnl USE_SSLEAY is the historical name for what configure calls
-    dnl OPENSSL_ENABLED; the names should really be unified
-    USE_SSLEAY="$OPENSSL_ENABLED"
-    AC_SUBST(USE_SSLEAY)

    if test X"$OPT_SSL" != Xoff &&
       test "$OPENSSL_ENABLED" != "1"; then
@@ -1578,8 +1575,10 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
                AC_CHECK_FUNCS( ENGINE_load_builtin_engines )
              ])

-    dnl these can only exist if openssl exists
-    dnl Cyassl doesn't have SSL_get_shutdown
+    dnl These can only exist if OpenSSL exists
+    dnl Older versions of Cyassl (some time before 2.9.4) don't have
+    dnl SSL_get_shutdown (but this check won't actually detect it there
+    dnl as it's a macro that needs the header files be included)
    dnl BoringSSL doesn't have DES_set_odd_parity

    AC_CHECK_FUNCS( RAND_status \
@@ -1675,8 +1674,8 @@ dnl ---
 if test "$OPENSSL_ENABLED" = "1"; then
  AC_CHECK_LIB(crypto, SRP_Calc_client_key,
   [
-     AC_DEFINE(HAVE_SSLEAY_SRP, 1, [if you have the function SRP_Calc_client_key])
-     AC_SUBST(HAVE_SSLEAY_SRP, [1])
+     AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the function SRP_Calc_client_key])
+     AC_SUBST(HAVE_OPENSSL_SRP, [1])
   ])
 fi

@@ -1946,6 +1945,10 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
      OPT_CYASSL=""
    fi

+    dnl This should be reworked to use pkg-config instead
+
+    cyassllibname=cyassl
+
    if test -z "$OPT_CYASSL" ; then
      dnl check for lib in system default first

@@ -1987,19 +1990,70 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
       [
         CPPFLAGS=$_cppflags
         LDFLAGS=$_ldflags
+         cyassllib=""
       ])
    fi

+    addld=""
+    addlib=""
+    addcflags=""
+
+    if test "x$USE_CYASSL" != "xyes"; then
+      dnl libcyassl renamed to libwolfssl as of 3.4.0
+      addld=-L$OPT_CYASSL/lib$libsuff
+      addcflags=-I$OPT_CYASSL/include
+      cyassllib=$OPT_CYASSL/lib$libsuff
+
+      LDFLAGS="$LDFLAGS $addld"
+      if test "$addcflags" != "-I/usr/include"; then
+         CPPFLAGS="$CPPFLAGS $addcflags"
+      fi
+
+      cyassllibname=wolfssl
+      my_ac_save_LIBS="$LIBS"
+      LIBS="-l$cyassllibname -lm $LIBS"
+
+      AC_MSG_CHECKING([for CyaSSL_Init in -lwolfssl])
+      AC_LINK_IFELSE([
+	AC_LANG_PROGRAM([[
+/* These aren't needed for detection and confuse WolfSSL.
+   They are set up properly later if it is detected.  */
+#undef SIZEOF_LONG
+#undef SIZEOF_LONG_LONG
+#include <cyassl/ssl.h>
+	]],[[
+	  return CyaSSL_Init();
+	]])
+      ],[
+         AC_MSG_RESULT(yes)
+         AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
+         AC_SUBST(USE_CYASSL, [1])
+         CYASSL_ENABLED=1
+         USE_CYASSL="yes"
+         curl_ssl_msg="enabled (CyaSSL)"
+       ],
+       [
+         AC_MSG_RESULT(no)
+         CPPFLAGS=$_cppflags
+         LDFLAGS=$_ldflags
+         cyassllib=""
+       ])
+      LIBS="$my_ac_save_LIBS"
+    fi
+
    if test "x$USE_CYASSL" = "xyes"; then
      AC_MSG_NOTICE([detected CyaSSL])

      dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
      AC_CHECK_SIZEOF(long long)

+      dnl Versions since at least 2.6.0 may have options.h
+      AC_CHECK_HEADERS(cyassl/options.h)
+
      dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
      AC_CHECK_HEADERS(cyassl/error-ssl.h)

-      LIBS="-lcyassl -lm $LIBS"
+      LIBS="-l$cyassllibname -lm $LIBS"

      if test -n "$cyassllib"; then
        dnl when shared libs were found in a path that the run-time
@@ -2066,57 +2120,73 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
        fi
      fi
    else
-        # Without pkg-config, we'll kludge in some defaults
-        addlib="-L$OPT_NSS/lib -lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl"
-        addcflags="-I$OPT_NSS/include"
-        version="unknown"
-        nssprefix=$OPT_NSS
-    fi
-
-    if test -n "$addlib"; then
-
-      CLEANLIBS="$LIBS"
-      CLEANCPPFLAGS="$CPPFLAGS"
-
-      LIBS="$addlib $LIBS"
-      if test "$addcflags" != "-I/usr/include"; then
-         CPPFLAGS="$CPPFLAGS $addcflags"
-      fi
-
-      dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
-      AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
-       [
-       AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
-       AC_SUBST(USE_NSS, [1])
-       USE_NSS="yes"
-       NSS_ENABLED=1
-       curl_ssl_msg="enabled (NSS)"
-       ],
-       [
-         LIBS="$CLEANLIBS"
-         CPPFLAGS="$CLEANCPPFLAGS"
-       ])
-
-      if test "x$USE_NSS" = "xyes"; then
-        AC_MSG_NOTICE([detected NSS version $version])
-
-        dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
-        NSS_LIBS=$addlib
-        AC_SUBST([NSS_LIBS])
-
-        dnl when shared libs were found in a path that the run-time
-        dnl linker doesn't search through, we need to add it to
-        dnl LD_LIBRARY_PATH to prevent further configure tests to fail
-        dnl due to this
-        if test "x$cross_compiling" != "xyes"; then
-          LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
-          export LD_LIBRARY_PATH
-          AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
+      NSS_PCDIR="$OPT_NSS/lib/pkgconfig"
+      if test -f "$NSS_PCDIR/nss.pc"; then
+        CURL_CHECK_PKGCONFIG(nss, [$NSS_PCDIR])
+        if test "$PKGCONFIG" != "no" ; then
+          addld=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-L nss`
+          addlib=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-l nss`
+          addcflags=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --cflags nss`
+          version=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --modversion nss`
+          nssprefix=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --variable=prefix nss`
        fi
      fi
-
    fi

+    if test -z "$addlib"; then
+      # Without pkg-config, we'll kludge in some defaults
+      AC_MSG_WARN([Using hard-wired libraries and compilation flags for NSS.])
+      addld="-L$OPT_NSS/lib"
+      addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+      addcflags="-I$OPT_NSS/include"
+      version="unknown"
+      nssprefix=$OPT_NSS
+    fi
+
+    CLEANLDFLAGS="$LDFLAGS"
+    CLEANLIBS="$LIBS"
+    CLEANCPPFLAGS="$CPPFLAGS"
+
+    LDFLAGS="$addld $LDFLAGS"
+    LIBS="$addlib $LIBS"
+    if test "$addcflags" != "-I/usr/include"; then
+       CPPFLAGS="$CPPFLAGS $addcflags"
+    fi
+
+    dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
+    AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
+     [
+     AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
+     AC_SUBST(USE_NSS, [1])
+     USE_NSS="yes"
+     NSS_ENABLED=1
+     curl_ssl_msg="enabled (NSS)"
+     ],
+     [
+       LDFLAGS="$CLEANLDFLAGS"
+       LIBS="$CLEANLIBS"
+       CPPFLAGS="$CLEANCPPFLAGS"
+     ])
+
+    if test "x$USE_NSS" = "xyes"; then
+      AC_MSG_NOTICE([detected NSS version $version])
+
+      dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
+      NSS_LIBS=$addlib
+      AC_SUBST([NSS_LIBS])
+
+      dnl when shared libs were found in a path that the run-time
+      dnl linker doesn't search through, we need to add it to
+      dnl LD_LIBRARY_PATH to prevent further configure tests to fail
+      dnl due to this
+      if test "x$cross_compiling" != "xyes"; then
+        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
+        export LD_LIBRARY_PATH
+        AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
+      fi
+
+    fi dnl NSS found
+
  fi dnl NSS not disabled

 fi dnl curl_ssl_msg = init_ssl_msg
@@ -2771,7 +2841,9 @@ if test X"$want_h2" != Xno; then
    CPPFLAGS="$CPPFLAGS $CPP_H2"
    LIBS="$LIB_H2 $LIBS"

-    AC_CHECK_LIB(nghttp2, nghttp2_session_callbacks_set_send_callback,
+    # use nghttp2_option_set_no_recv_client_magic to require nghttp2
+    # >= 1.0.0
+    AC_CHECK_LIB(nghttp2, nghttp2_option_set_no_recv_client_magic,
      [
       AC_CHECK_HEADERS(nghttp2/nghttp2.h,
          curl_h2_msg="enabled (nghttp2)"
@@ -3271,7 +3343,7 @@ AC_HELP_STRING([--disable-tls-srp],[Disable TLS-SRP authentication]),
       want_tls_srp=yes
 )

-if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_SSLEAY_SRP" = "x1") ; then
+if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_OPENSSL_SRP" = "x1") ; then
   AC_DEFINE(USE_TLS_SRP, 1, [Use TLS-SRP authentication])
   USE_TLS_SRP=1
   curl_tls_srp_msg="enabled"
@@ -3385,7 +3457,7 @@ dnl For keeping supported features and protocols also in pkg-config file
 dnl since it is more cross-compile friendly than curl-config
 dnl

-if test "x$USE_SSLEAY" = "x1"; then
+if test "x$OPENSSL_ENABLED" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
 elif test -n "$SSL_ENABLED"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
@@ -3424,7 +3496,7 @@ if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
 fi

 if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
-  if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+  if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
      -o "x$DARWINSSL_ENABLED" = "x1"; then
    SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
@@ -3497,7 +3569,7 @@ if test "x$CURL_DISABLE_IMAP" != "x1"; then
 fi
 if test "x$CURL_DISABLE_SMB" != "x1" \
    -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \
-    -a \( "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+    -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
      -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
      -o "x$DARWINSSL_ENABLED" = "x1" \); then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB"
--- a/curl-config.in
+++ b/curl-config.in
@@ -71,7 +71,7 @@ while test $# -gt 0; do
        ;;

    --ca)
-        echo "@CURL_CA_BUNDLE@"
+        echo @CURL_CA_BUNDLE@
        ;;

    --cc)
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -50,7 +50,7 @@ Cocoa
 D

  Written by Kenneth Bogert
-  http://curl.haxx.se/libcurl/d/
+  http://dlang.org/library/std/net/curl.html

 Dylan

@@ -60,7 +60,7 @@ Dylan
 Eiffel

  Written by Eiffel Software
-  http://curl.haxx.se/libcurl/eiffel/
+  https://room.eiffel.com/library/curl

 Euphoria

@@ -78,7 +78,7 @@ Ferite

 Gambas

-  http://gambas.sourceforge.net
+  http://gambas.sourceforge.net/

 glib/GTK+

@@ -90,6 +90,11 @@ Guile:
  Written by Michael L. Gran
  http://www.lonelycactus.com/guile-curl.html

+Harbour
+
+  Written by Viktor Szakáts
+  https://github.com/vszakats/harbour-core/tree/master/contrib/hbcurl
+
 Haskell

  Written by Galois, Inc
@@ -97,8 +102,7 @@ Haskell

 Java

-  Maintained by [blank]
-  http://curl.haxx.se/libcurl/java/
+  https://github.com/pjlegato/curl-java

 Julia

@@ -115,7 +119,7 @@ Lua
  luacurl by Alexander Marinov
  http://luacurl.luaforge.net/

-  Lua-cURL by J<EFBFBD>rgen H<EFBFBD>tzel
+  Lua-cURL by Jürgen Hötzel
  http://luaforge.net/projects/lua-curl/

 Mono
@@ -126,7 +130,7 @@ Mono
 .NET

  libcurl-net by Jeffrey Phillips
-  http://sourceforge.net/projects/libcurl-net/
+  https://sourceforge.net/projects/libcurl-net/

 node.js

@@ -141,7 +145,7 @@ Object-Pascal
 O'Caml

  Written by Lars Nilsson
-  http://sourceforge.net/projects/ocurl/
+  https://sourceforge.net/projects/ocurl/

 Pascal

@@ -150,13 +154,13 @@ Pascal

 Perl

-  Maintained by Cris Bailiff
-  http://curl.haxx.se/libcurl/perl/
+  Maintained by Cris Bailiff and Bálint Szilakszi
+  https://github.com/szbalint/WWW--Curl

 PHP

  Written by Sterling Hughes
-  http://curl.haxx.se/libcurl/php/
+  https://php.net/curl

 PostgreSQL

@@ -170,8 +174,7 @@ Python

 R

-  RCurl by Duncan Temple Lang
-  http://www.omegahat.org/RCurl/
+  http://cran.r-project.org/package=curl

 Rexx

@@ -192,10 +195,15 @@ Ruby
  ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
  http://curl-multi.rubyforge.org/

+Rust
+
+  curl-rust - by Carl Lerche
+  https://github.com/carllerche/curl-rust
+
 Scheme

  Bigloo binding by Kirill Lisovsky
-  http://curl.haxx.se/libcurl/scheme/
+  http://www.metapaper.net/lisovsky/web/curl/

 S-Lang

@@ -219,13 +227,13 @@ SPL

 Tcl

-  Tclcurl by Andr<EFBFBD>s Garc<EFBFBD>a
-  http://personal1.iddeo.es/andresgarci/tclcurl/english/docs.html
+  Tclcurl by Andrés García
+  http://mirror.yellow5.com/tclcurl/

 Visual Basic

  libcurl-vb by Jeffrey Phillips
-  http://sourceforge.net/projects/libcurl-vb/
+  https://sourceforge.net/projects/libcurl-vb/

 Visual Foxpro

@@ -245,3 +253,8 @@ XBLite

  Written by David Szafranski
  http://perso.wanadoo.fr/xblite/libraries.html
+
+Xojo
+
+  Written by Andrew Lambert
+  https://github.com/charonn0/RB-libcURL
--- a/docs/BUGS
+++ b/docs/BUGS
@@ -35,11 +35,9 @@ BUGS
  have a go at a solution. You can optionally also post your bug/problem at
  curl's bug tracking system over at

-        https://sourceforge.net/p/curl/bugs/
+        https://github.com/bagder/curl/issues

-  Please read the rest of this document below first before doing that! Also,
-  you need to login to your sourceforge account before being able to submit a
-  bug report (necessary evil done to avoid spam).
+  Please read the rest of this document below first before doing that!

  If you feel you need to ask around first, find a suitable mailing list and
  post there. The lists are available on http://curl.haxx.se/mail/
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -34,7 +34,7 @@
 3.3 How To Make a Patch without git
 3.4 How to get your changes into the main sources
 3.5 Write good commit messages
- 3.6 Please don't send pull requests
+ 3.6 About pull requests

 ==============================================================================

@@ -52,6 +52,10 @@

 We also hang out on IRC in #curl on irc.freenode.net

+ If you're at all interested in the code side of things, consider clicking
+ 'watch' on the curl repo at github to get notified on pull requests and new
+ issues posted there.
+
 1.2. License

 When contributing with code, you agree to put your changes and new code under
@@ -78,10 +82,10 @@

 1.3 What To Read

- Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS, the
- most recent CHANGES. Just lurking on the curl-library mailing list is gonna
- give you a lot of insights on what's going on right now. Asking there is a
- good idea too.
+ Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS and the
+ most recent changes in the git log. Just lurking on the curl-library mailing
+ list is gonna give you a lot of insights on what's going on right now. Asking
+ there is a good idea too.

 2. cURL Coding Standards

@@ -199,7 +203,7 @@

 You need to first checkout the repository:

-     git clone git://github.com/bagder/curl.git
+     git clone https://github.com/bagder/curl.git

 You then proceed and edit all the files you like and you commit them to your
 local repository:
@@ -241,8 +245,8 @@

 For unix-like operating systems:

-     http://www.gnu.org/software/patch/patch.html
-     http://www.gnu.org/directory/diffutils.html
+     https://savannah.gnu.org/projects/patch/
+     https://www.gnu.org/software/diffutils/

 For Windows:

@@ -288,27 +292,15 @@
 and make sure that you have your own user and email setup correctly in git
 before you commit

-3.6 Please don't send pull requests
+3.6 About pull requests

 With git (and especially github) it is easy and tempting to send a pull
- request to one or more people in the curl project to have changes merged this
- way instead of mailing patches to the curl-library mailing list.
+ request to the curl project to have changes merged this way instead of
+ mailing patches to the curl-library mailing list.

- We don't like that. We want them mailed for these reasons:
+ We used to dislike this but we're trying to change that and accept that this
+ is a frictionless way for people to contribute to the project. We now welcome
+ pull requests!

- - Peer review. Anyone and everyone on the list can review, comment and
-   improve on the patch. Pull requests limit this ability.
-
- - Anyone can merge the patch into their own trees for testing and those who
-   have push rights can push it to the main repo. It doesn't have to be anyone
-   the patch author knows beforehand.
-
- - Commit messages can be tweaked and changed if merged locally instead of
-   using github. Merges directly on github requires the changes to be perfect
-   already, which they seldom are.
-
- - Merges on github prevents rebases and even enforces --no-ff which is a git
-   style we don't otherwise use in the project
-
- However: once patches have been reviewed and deemed fine on list they are
- perfectly OK to be pulled from a published git tree.
+ We will continue to avoid using github's merge tools to make the history
+ linear and to make sure commits follow our style guidelines.
--- a/docs/DISTRO-DILEMMA
+++ b/docs/DISTRO-DILEMMA
@@ -112,7 +112,7 @@ The Better License, Original BSD, GPL or LGPL?
 In Debian land, there seems to be a common opinion that LGPL is "maximally
 compatible" with apps while Original BSD is not. Like this:

-        http://lists.debian.org/debian-devel/2005/09/msg01417.html
+        https://lists.debian.org/debian-devel/2005/09/msg01417.html

 More SSL Libraries

@@ -163,13 +163,13 @@ Distro Angle of this Problem
 Footnotes

 [1] = http://www.xfree86.org/3.3.6/COPYRIGHT2.html#6
- [2] = http://www.fsf.org/licensing/essays/bsd.html
- [3] = http://www.fsf.org/licensing/licenses/gpl.html
+ [2] = https://www.gnu.org/philosophy/bsd.html
+ [3] = https://www.gnu.org/licenses/gpl.html
 [4] = http://curl.haxx.se/docs/copyright.html
- [5] = http://www.openssl.org/source/license.html
- [6] = http://www.fsf.org/licensing/licenses/gpl.html end of section 3
- [7] = http://www.fsf.org/licensing/licenses/lgpl.html
- [8] = http://en.wikipedia.org/wiki/OpenSSL_exception
+ [5] = https://www.openssl.org/source/license.html
+ [6] = https://www.gnu.org/licenses/gpl.html end of section 3
+ [7] = https://www.gnu.org/licenses/lgpl.html
+ [8] = https://en.wikipedia.org/wiki/OpenSSL_exception

 Feedback/Updates provided by

--- a/docs/FAQ
+++ b/docs/FAQ
@@ -21,6 +21,7 @@ FAQ
  1.12 I have a problem who can I chat with?
  1.13 curl's ECCN number?
  1.14 How do I submit my patch?
+  1.15 How do I port libcurl to my OS?

 2. Install Related Problems
  2.1 configure doesn't find OpenSSL even when it is installed
@@ -81,6 +82,7 @@ FAQ
  4.18 file:// URLs containing drive letters (Windows, NetWare)
  4.19 Why doesn't cURL return an error when the network cable is unplugged?
  4.20 curl doesn't return error for HTTP non-200 responses!
+  4.21 Why is there a HTTP/1.1 in my HTTP/2 request?

 5. libcurl Issues
  5.1 Is libcurl thread-safe?
@@ -350,7 +352,7 @@ FAQ
  cryptography. When doing so, the Export Control Classification Number (ECCN)
  is used to identify the level of export control etc.

-  ASF gives a good explanation at http://www.apache.org/dev/crypto.html
+  ASF gives a good explanation at https://www.apache.org/dev/crypto.html

  We believe curl's number might be ECCN 5D002, another possibility is
  5D992. It seems necessary to write them, asking to confirm.
@@ -379,6 +381,19 @@ FAQ

  Lots of more details are found in the CONTRIBUTE and INTERNALS docs.

+  1.15 How do I port libcurl to my OS?
+
+  Here's a rough step-by-step:
+
+  1. copy a suitable lib/config-*.h file as a start to lib/config-[youros].h
+
+  2. edit lib/config-[youros].h to match your OS and setup
+
+  3. edit lib/curl_setup.h to include config-[youros].h when your OS is
+     detected by the preprocessor, in the style others already exist
+
+  4. compile lib/*.c and make them into a library
+

 2. Install Related Problems

@@ -1027,7 +1042,7 @@ FAQ
  timeout is set.

  See option TcpMaxConnectRetransmissions on this page:
-  http://support.microsoft.com/?scid=kb%3Ben-us%3B175523&x=6&y=7
+  https://support.microsoft.com/en-us/kb/175523/en-us

  Also, even on non-Windows systems there may run a firewall or anti-virus
  software or similar that accepts the connection but does not actually do
@@ -1044,7 +1059,7 @@ FAQ
  You'll find that even if D:\blah.txt does exist, cURL returns a 'file
  not found' error.

-  According to RFC 1738 (http://www.faqs.org/rfcs/rfc1738.html),
+  According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt),
  file:// URLs must contain a host component, but it is ignored by
  most implementations. In the above example, 'D:' is treated as the
  host component, and is taken away. Thus, cURL tries to open '/blah.txt'.
@@ -1116,6 +1131,16 @@ FAQ
  You can also use the -w option and the variable %{response_code} to extract
  the exact response code that was return in the response.

+  4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
+
+  If you use verbose to see the HTTP request when you send off a HTTP/2
+  request, it will still say 1.1.
+
+  The reason for this is that we first generate the request to send using the
+  old 1.1 style and show that request in the verbose output, and then we
+  convert it over to the binary header-compressed HTTP/2 style. The actual
+  "1.1" part from that request is then not actually used in the transfer. The
+  binary HTTP/2 headers are not human readable.

 5. libcurl Issues

@@ -1138,13 +1163,13 @@ FAQ
  If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
  need to provide one or two locking functions:

-    http://www.openssl.org/docs/crypto/threads.html
+    https://www.openssl.org/docs/crypto/threads.html

  If you use a GnuTLS-powered libcurl in a multi-threaded environment, you
  need to provide locking function(s) for libgcrypt (which is used by GnuTLS
  for the crypto functions).

-    http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html
+    https://web.archive.org/web/20111103083330/http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html

  No special locking is needed with a NSS-powered libcurl. NSS is thread-safe.

@@ -1320,7 +1345,7 @@ FAQ
  Also note that on many networks NATs or other IP-munging techniques are used
  that makes you see and use a different IP address locally than what the
  remote server will see you coming from. You may also consider using
-  http://www.torproject.org .
+  https://www.torproject.org/ .

  5.13 How do I stop an ongoing transfer?

--- a/docs/HTTP-COOKIES
+++ b/docs/HTTP-COOKIES
@@ -36,7 +36,7 @@ HTTP Cookies
  For a very long time, the only spec explaining how to use cookies was the
  original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html

-  In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
+  In 2011, RFC6265 (https://www.ietf.org/rfc/rfc6265.txt) was finally published
  and details how cookies work within HTTP.

  1.2 Cookies saved to disk
--- a/docs/HTTP2.md
+++ b/docs/HTTP2.md
@@ -0,0 +1,107 @@
+HTTP/2 with curl
+================
+
+[HTTP/2 Spec](https://www.rfc-editor.org/rfc/rfc7540.txt)
+[http2 explained](http://daniel.haxx.se/http2/)
+
+Build prerequisites
+-------------------
+  - nghttp2
+  - OpenSSL, NSS, GnutTLS or PolarSSL with a new enough version
+
+[nghttp2](https://nghttp2.org/)
+-------------------------------
+
+libcurl uses this 3rd party library for the low level protocol handling
+parts. The reason for this is that HTTP/2 is much more complex at that layer
+than HTTP/1.1 (which we implement on our own) and that nghttp2 is an already
+existing and well functional library.
+
+We require at least version 1.0.0.
+
+Over an http:// URL
+-------------------
+
+If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will
+include an upgrade header in the initial request to the host to allow
+upgrading to HTTP/2.
+
+Possibly we can later introduce an option that will cause libcurl to fail if
+not possible to upgrade. Possibly we introduce an option that makes libcurl
+use HTTP/2 at once over http://
+
+Over an https:// URL
+--------------------
+
+If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will use
+ALPN (or NPN) to negotiate which protocol to continue with. Possibly introduce
+an option that will cause libcurl to fail if not possible to use HTTP/2.
+Consider options to explicitly disable ALPN and/or NPN.
+
+ALPN is the TLS extension that HTTP/2 is expected to use. The NPN extension is
+for a similar purpose, was made prior to ALPN and is used for SPDY so early
+HTTP/2 servers are implemented using NPN before ALPN support is widespread.
+
+SSL libs
+--------
+
+The challenge is the ALPN and NPN support and all our different SSL
+backends. You may need a fairly updated SSL library version for it to
+provide the necessary TLS features. Right now we support:
+
+  - OpenSSL:  ALPN and NPN
+  - NSS:      ALPN and NPN
+  - GnuTLS:   ALPN
+  - PolarSSL: ALPN
+
+Multiplexing
+------------
+
+Starting in 7.43.0, libcurl fully supports HTTP/2 multiplexing, which is the
+term for doing multiple independent transfers over the same physical TCP
+connection.
+
+To take advantage of multiplexing, you need to use the multi interface and set
+`CURLMOPT_PIPELINING` to `CURLPIPE_MULTIPLEX`. With that bit set, libcurl will
+attempt to re-use existing HTTP/2 connections and just add a new stream over
+that when doing subsequent parallel requests.
+
+While libcurl sets up a connection to a HTTP server there is a period during
+which it doesn't know if it can pipeline or do multiplexing and if you add new
+transfers in that period, libcurl will default to start new connections for
+those transfers. With the new option `CURLOPT_PIPEWAIT` (added in 7.43.0), you
+can ask that a transfer should rather wait and see in case there's a
+connection for the same host in progress that might end up being possible to
+multiplex on. It favours keeping the number of connections low to the cost of
+slightly longer time to first byte transferred.
+
+Applications
+------------
+
+We hide HTTP/2's binary nature and convert received HTTP/2 traffic to headers
+in HTTP 1.1 style. This allows applications to work unmodified.
+
+curl tool
+---------
+
+curl offers the `--http2` command line option to enable use of HTTP/2
+
+HTTP Alternative Services
+-------------------------
+
+Alt-Svc is a suggested extension with a corresponding frame (ALTSVC) in HTTP/2
+that tells the client about an alternative "route" to the same content for the
+same origin server that you get the response from. A browser or long-living
+client can use that hint to create a new connection asynchronously.  For
+libcurl, we may introduce a way to bring such clues to the applicaton and/or
+let a subsequent request use the alternate route
+automatically. [Spec](https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-05)
+
+TODO
+----
+
+  - Provide API to set priorities / dependencies of individual streams
+
+  - Implement "prior-knowledge" HTTP/2 connecitons over clear text so that
+    curl can connect with HTTP/2 at once without 1.1+Upgrade.
+
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -173,13 +173,13 @@ Win32
   advice given above.

   KB94248  - How To Use the C Run-Time
-              http://support.microsoft.com/kb/94248/en-us
+              https://support.microsoft.com/kb/94248/en-us

   KB140584 - How to link with the correct C Run-Time (CRT) library
-              http://support.microsoft.com/kb/140584/en-us
+              https://support.microsoft.com/kb/140584/en-us

   KB190799 - Potential Errors Passing CRT Objects Across DLL Boundaries
-              http://msdn.microsoft.com/en-us/library/ms235460
+              https://msdn.microsoft.com/en-us/library/ms235460

   If your app is misbehaving in some strange way, or it is suffering
   from memory corruption, before asking for further help, please try
@@ -209,8 +209,8 @@ Win32
   environment variables, for example:

     set ZLIB_PATH=c:\zlib-1.2.8
-     set OPENSSL_PATH=c:\openssl-0.9.8zc
-     set LIBSSH2_PATH=c:\libssh2-1.4.3
+     set OPENSSL_PATH=c:\openssl-1.0.2c
+     set LIBSSH2_PATH=c:\libssh2-1.6.0

   ATTENTION: if you want to build with libssh2 support you have to use latest
   version 0.17 - previous versions will NOT work with 7.17.0 and later!
@@ -232,7 +232,7 @@ Win32
   - optional MingW32-built OpenLDAP SDK available from:
     http://www.gknw.net/mirror/openldap/
   - optional recent Novell CLDAP SDK available from:
-     http://developer.novell.com/ndk/cldap.htm
+     https://www.novell.com/developer/ndk/ldap_libraries_for_c.html

   Cygwin
   ------
@@ -254,7 +254,7 @@ Win32
   If you use MSVC 6 it is required that you use the February 2003 edition of
   the 'Platform SDK' which can be downloaded from:

-   http://www.microsoft.com/en-us/download/details.aspx?id=12261
+   https://www.microsoft.com/en-us/download/details.aspx?id=12261

   Building any software with MSVC 6 without having PSDK installed is just
   asking for trouble down the road once you have released it, you might notice
@@ -263,7 +263,7 @@ Win32
   software built in such way will at some point regret having done so.

   If the compiler has been updated with the installation of a service pack as
-   those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
+   those mentioned in https://support.microsoft.com/kb/194022 the compiler can be
   safely used to read source code, translate and make it object code.

   But, even with the service packs mentioned above installed, the resulting
@@ -299,7 +299,7 @@ Win32
   Then run 'nmake vc' in curl's root directory.

   If you want to compile with zlib support, you will need to build
-   zlib (http://www.gzip.org/zlib/) as well. Please read the zlib
+   zlib (http://www.zlib.net/) as well. Please read the zlib
   documentation on how to compile zlib. Define the ZLIB_PATH environment
   variable to the location of zlib.h and zlib.lib, for example:

@@ -471,6 +471,15 @@ Win32
   add '-DCURL_STATICLIB' to your CFLAGS.  Otherwise the linker will look for
   dynamic import symbols.

+   Legacy Windows and SSL
+   ----------------------
+   WinSSL (Windows SSPI, more specifically Schannel), is the native SSL library
+   that comes with the Windows OS. WinSSL in Windows <= XP is not able to
+   connect to servers that no longer support the legacy handshakes and
+   algorithms used by those versions. If you will be using curl in one of those
+   earlier versions of Windows you should choose another SSL backend like
+   OpenSSL.
+
 Apple iOS and Mac OS X
 ======================

@@ -665,12 +674,10 @@ NetWare
   - gnu make and awk running on the platform you compile on;
     native Win32 versions can be downloaded from:
     http://www.gknw.net/development/prgtools/
-   - recent Novell LibC SDK available from:
-     http://developer.novell.com/ndk/libc.htm
-   - or recent Novell CLib SDK available from:
-     http://developer.novell.com/ndk/clib.htm
+   - recent Novell LibC or Novell CLib SDK available from:
+     https://www.novell.com/developer/ndk/
   - optional recent Novell CLDAP SDK available from:
-     http://developer.novell.com/ndk/cldap.htm
+     https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
   - optional zlib sources (static or dynamic linking with zlib.imp);
     sources with NetWare Makefile can be obtained from:
     http://www.gknw.net/mirror/zlib/
@@ -825,7 +832,7 @@ VxWorks

   To build libcurl for VxWorks you need:

-      - CYGWIN (free, http://cygwin.com/)
+      - CYGWIN (free, https://cygwin.com/)
      - Wind River Workbench (commercial)

   If you have CYGWIN and Workbench installed on you machine
@@ -1086,18 +1093,18 @@ Useful URLs

 axTLS        http://axtls.sourceforge.net/
 c-ares       http://c-ares.haxx.se/
-GNU GSS      http://www.gnu.org/software/gss/
-GnuTLS       http://www.gnu.org/software/gnutls/
-Heimdal      http://www.pdc.kth.se/heimdal/
-libidn       http://www.gnu.org/software/libidn/
+GNU GSS      https://www.gnu.org/software/gss/
+GnuTLS       https://www.gnu.org/software/gnutls/
+Heimdal      http://www.h5l.org/
+libidn       https://www.gnu.org/software/libidn/
 libmetalink  https://launchpad.net/libmetalink/
 libssh2      http://www.libssh2.org/
 MIT Kerberos http://web.mit.edu/kerberos/www/dist/
-NSS          http://www.mozilla.org/projects/security/pki/nss/
+NSS          https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
 OpenLDAP     http://www.openldap.org/
-OpenSSL      http://www.openssl.org/
-PolarSSL     http://polarssl.org/
-yassl        http://www.yassl.com/
+OpenSSL      https://www.openssl.org/
+PolarSSL     https://tls.mbed.org/
+wolfSSL      https://www.wolfssl.com/wolfSSL/
 Zlib         http://www.zlib.net/

 MingW        http://www.mingw.org/
--- a/docs/INSTALL.devcpp
+++ b/docs/INSTALL.devcpp
@@ -95,7 +95,7 @@ install instructions may produce erratic behaviour in DevCpp. For further info
 check the following sites

 http://aditsu.freeunixhost.com/dev-cpp-faq.html
-http://sourceforge.net/forum/message.php?msg_id=3252213
+https://sourceforge.net/p/dev-cpp/discussion/48211/thread/2a85ea46

 As I have mentioned before I will confine this to the SSL Library compilations
 but the process is very similar for compilation of the executable - curl.exe;
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,15 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

+90. IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the
+  code reveals that pingpong.c contains some truncation code, at line 408,
+  when it deems the server response to be too large truncating it to 40
+  characters"
+  http://curl.haxx.se/bug/view.cgi?id=1366
+
+89. Disabling HTTP Pipelining when there are ongoing transfers can lead to
+  heap corruption and crash. http://curl.haxx.se/bug/view.cgi?id=1411
+
 88. libcurl doesn't support CURLINFO_FILETIME for SFTP transfers and thus
  curl's -R option also doesn't work then.

@@ -88,7 +97,7 @@ may have been fixed since this was written!
  something beyond ascii but currently libcurl will only pass in the verbatim
  string the app provides. There are several browsers that already do this
  encoding. The key seems to be the updated draft to RFC2231:
-  http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
+  https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02

 66. When using telnet, the time limitation options don't work.
  http://curl.haxx.se/bug/view.cgi?id=846
--- a/docs/LIBCURL-STRUCTS
+++ b/docs/LIBCURL-STRUCTS
@@ -1,245 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-Structs in libcurl
-
-This document should cover 7.32.0 pretty accurately, but will make sense even
-for older and later versions as things don't change drastically that often.
-
- 1. The main structs in libcurl
-  1.1 SessionHandle
-  1.2 connectdata
-  1.3 Curl_multi
-  1.4 Curl_handler
-  1.5 conncache
-  1.6 Curl_share
-  1.7 CookieInfo
-
-==============================================================================
-
-1. The main structs in libcurl
-
-  1.1 SessionHandle
-
-  The SessionHandle handle struct is the one returned to the outside in the
-  external API as a "CURL *". This is usually known as an easy handle in API
-  documentations and examples.
-
-  Information and state that is related to the actual connection is in the
-  'connectdata' struct. When a transfer is about to be made, libcurl will
-  either create a new connection or re-use an existing one. The particular
-  connectdata that is used by this handle is pointed out by
-  SessionHandle->easy_conn.
-
-  Data and information that regard this particular single transfer is put in
-  the SingleRequest sub-struct.
-
-  When the SessionHandle struct is added to a multi handle, as it must be in
-  order to do any transfer, the ->multi member will point to the Curl_multi
-  struct it belongs to. The ->prev and ->next members will then be used by the
-  multi code to keep a linked list of SessionHandle structs that are added to
-  that same multi handle. libcurl always uses multi so ->multi *will* point to
-  a Curl_multi when a transfer is in progress.
-
-  ->mstate is the multi state of this particular SessionHandle. When
-  multi_runsingle() is called, it will act on this handle according to which
-  state it is in. The mstate is also what tells which sockets to return for a
-  specific SessionHandle when curl_multi_fdset() is called etc.
-
-  The libcurl source code generally use the name 'data' for the variable that
-  points to the SessionHandle.
-
-
-  1.2 connectdata
-
-  A general idea in libcurl is to keep connections around in a connection
-  "cache" after they have been used in case they will be used again and then
-  re-use an existing one instead of creating a new as it creates a significant
-  performance boost.
-
-  Each 'connectdata' identifies a single physical connection to a server. If
-  the connection can't be kept alive, the connection will be closed after use
-  and then this struct can be removed from the cache and freed.
-
-  Thus, the same SessionHandle can be used multiple times and each time select
-  another connectdata struct to use for the connection. Keep this in mind, as
-  it is then important to consider if options or choices are based on the
-  connection or the SessionHandle.
-
-  Functions in libcurl will assume that connectdata->data points to the
-  SessionHandle that uses this connection.
-
-  As a special complexity, some protocols supported by libcurl require a
-  special disconnect procedure that is more than just shutting down the
-  socket. It can involve sending one or more commands to the server before
-  doing so. Since connections are kept in the connection cache after use, the
-  original SessionHandle may no longer be around when the time comes to shut
-  down a particular connection. For this purpose, libcurl holds a special
-  dummy 'closure_handle' SessionHandle in the Curl_multi struct to 
-
-  FTP uses two TCP connections for a typical transfer but it keeps both in
-  this single struct and thus can be considered a single connection for most
-  internal concerns.
-
-  The libcurl source code generally use the name 'conn' for the variable that
-  points to the connectdata.
-
-
-  1.3 Curl_multi
-
-  Internally, the easy interface is implemented as a wrapper around multi
-  interface functions. This makes everything multi interface.
-
-  Curl_multi is the multi handle struct exposed as "CURLM *" in external APIs.
-
-  This struct holds a list of SessionHandle structs that have been added to
-  this handle with curl_multi_add_handle(). The start of the list is ->easyp
-  and ->num_easy is a counter of added SessionHandles.
-
-  ->msglist is a linked list of messages to send back when
-  curl_multi_info_read() is called. Basically a node is added to that list
-  when an individual SessionHandle's transfer has completed.
-
-  ->hostcache points to the name cache. It is a hash table for looking up name
-  to IP. The nodes have a limited life time in there and this cache is meant
-  to reduce the time for when the same name is wanted within a short period of
-  time.
-
-  ->timetree points to a tree of SessionHandles, sorted by the remaining time
-  until it should be checked - normally some sort of timeout. Each
-  SessionHandle has one node in the tree.
-
-  ->sockhash is a hash table to allow fast lookups of socket descriptor to
-  which SessionHandle that uses that descriptor. This is necessary for the
-  multi_socket API.
-
-  ->conn_cache points to the connection cache. It keeps track of all
-  connections that are kept after use. The cache has a maximum size.
-
-  ->closure_handle is described in the 'connectdata' section.
-
-  The libcurl source code generally use the name 'multi' for the variable that
-  points to the Curl_multi struct.
-
-
-  1.4 Curl_handler
-
-  Each unique protocol that is supported by libcurl needs to provide at least
-  one Curl_handler struct. It defines what the protocol is called and what
-  functions the main code should call to deal with protocol specific issues.
-  In general, there's a source file named [protocol].c in which there's a
-  "struct Curl_handler Curl_handler_[protocol]" declared. In url.c there's
-  then the main array with all individual Curl_handler structs pointed to from
-  a single array which is scanned through when a URL is given to libcurl to
-  work with.
-
-  ->scheme is the URL scheme name, usually spelled out in uppercase. That's
-  "HTTP" or "FTP" etc. SSL versions of the protcol need its own Curl_handler
-  setup so HTTPS separate from HTTP.
-
-  ->setup_connection is called to allow the protocol code to allocate protocol
-  specific data that then gets associated with that SessionHandle for the rest
-  of this transfer. It gets freed again at the end of the transfer. It will be
-  called before the 'connectdata' for the transfer has been selected/created.
-  Most protocols will allocate its private 'struct [PROTOCOL]' here and assign
-  SessionHandle->req.protop to point to it.
-
-  ->connect_it allows a protocol to do some specific actions after the TCP
-  connect is done, that can still be considered part of the connection phase.
-
-  Some protocols will alter the connectdata->recv[] and connectdata->send[]
-  function pointers in this function.
-
-  ->connecting is similarly a function that keeps getting called as long as the
-  protocol considers itself still in the connecting phase.
-
-  ->do_it is the function called to issue the transfer request. What we call
-  the DO action internally. If the DO is not enough and things need to be kept
-  getting done for the entire DO sequence to complete, ->doing is then usually
-  also provided. Each protocol that needs to do multiple commands or similar
-  for do/doing need to implement their own state machines (see SCP, SFTP,
-  FTP). Some protocols (only FTP and only due to historical reasons) has a
-  separate piece of the DO state called DO_MORE.
-
-  ->doing keeps getting called while issuing the transfer request command(s)
-
-  ->done gets called when the transfer is complete and DONE. That's after the
-  main data has been transferred.
-
-  ->do_more gets called during the DO_MORE state. The FTP protocol uses this
-  state when setting up the second connection.
-
-  ->proto_getsock
-  ->doing_getsock
-  ->domore_getsock
-  ->perform_getsock
-  Functions that return socket information. Which socket(s) to wait for which
-  action(s) during the particular multi state.
-
-  ->disconnect is called immediately before the TCP connection is shutdown.
-
-  ->readwrite gets called during transfer to allow the protocol to do extra
-  reads/writes
-
-  ->defport is the default report TCP or UDP port this protocol uses
-
-  ->protocol is one or more bits in the CURLPROTO_* set. The SSL versions have
-  their "base" protocol set and then the SSL variation. Like "HTTP|HTTPS".
-
-  ->flags is a bitmask with additional information about the protocol that will
-  make it get treated differently by the generic engine:
-
-    PROTOPT_SSL - will make it connect and negotiate SSL
-
-    PROTOPT_DUAL - this protocol uses two connections
-
-    PROTOPT_CLOSEACTION - this protocol has actions to do before closing the
-    connection. This flag is no longer used by code, yet still set for a bunch
-    protocol handlers.
-  
-    PROTOPT_DIRLOCK - "direction lock". The SSH protocols set this bit to
-    limit which "direction" of socket actions that the main engine will
-    concern itself about.
-
-    PROTOPT_NONETWORK - a protocol that doesn't use network (read file:)
-
-    PROTOPT_NEEDSPWD - this protocol needs a password and will use a default
-    one unless one is provided
-
-    PROTOPT_NOURLQUERY - this protocol can't handle a query part on the URL
-    (?foo=bar)
-
-
-  1.5 conncache
-
-  Is a hash table with connections for later re-use. Each SessionHandle has
-  a pointer to its connection cache. Each multi handle sets up a connection
-  cache that all added SessionHandles share by default.
-
-
-  1.6 Curl_share
-  
-  The libcurl share API allocates a Curl_share struct, exposed to the external
-  API as "CURLSH *".
-
-  The idea is that the struct can have a set of own versions of caches and
-  pools and then by providing this struct in the CURLOPT_SHARE option, those
-  specific SessionHandles will use the caches/pools that this share handle
-  holds.
-
-  Then individual SessionHandle structs can be made to share specific things
-  that they otherwise wouldn't, such as cookies.
-
-  The Curl_share struct can currently hold cookies, DNS cache and the SSL
-  session cache.
-
-  
-  1.7 CookieInfo
-
-  This is the main cookie struct. It holds all known cookies and related
-  information. Each SessionHandle has its own private CookieInfo even when
-  they are added to a multi handle. They can be made to share cookies by using
-  the share API.
--- a/docs/LICENSE-MIXING
+++ b/docs/LICENSE-MIXING
@@ -23,29 +23,29 @@ libcurl http://curl.haxx.se/docs/copyright.html
        Uses an MIT (or Modified BSD)-style license that is as liberal as
        possible.

-OpenSSL http://www.openssl.org/source/license.html
+OpenSSL https://www.openssl.org/source/license.html

        (May be used for SSL/TLS support) Uses an Original BSD-style license
        with an announcement clause that makes it "incompatible" with GPL. You
        are not allowed to ship binaries that link with OpenSSL that includes
        GPL code (unless that specific GPL code includes an exception for
        OpenSSL - a habit that is growing more and more common). If OpenSSL's
-        licensing is a problem for you, consider using GnuTLS or yassl
-        instead.
+        licensing is a problem for you, consider using another TLS library.

 GnuTLS  http://www.gnutls.org/

        (May be used for SSL/TLS support) Uses the LGPL[3] license. If this is
-        a problem for you, consider using OpenSSL instead. Also note that
+        a problem for you, consider using another TLS library. Also note that
        GnuTLS itself depends on and uses other libs (libgcrypt and
        libgpg-error) and they too are LGPL- or GPL-licensed.

-yassl   http://www.yassl.com/
+WolfSSL   https://www.wolfssl.com/

-        (May be used for SSL/TLS support) Uses the GPL[1] license. If this is
-        a problem for you, consider using OpenSSL or GnuTLS instead.
+        (May be used for SSL/TLS support) Uses the GPL[1] license or a
+        propietary license. If this is a problem for you, consider using
+        another TLS library.

-NSS     http://www.mozilla.org/projects/security/pki/nss/
+NSS     https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS

        (May be used for SSL/TLS support) Is covered by the MPL[4] license,
        the GPL[1] license and the LGPL[3] license. You may choose to license
@@ -57,13 +57,29 @@ axTLS   http://axtls.sourceforge.net/

        (May be used for SSL/TLS support) Uses a Modified BSD-style license.

+mbedTLS https://tls.mbed.org/
+
+        (May be used for SSL/TLS support) Uses the GPL[1] license or a
+        propietary license. If this is a problem for you, consider using
+        another TLS library.
+
+BoringSSL https://boringssl.googlesource.com/
+
+        (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+        license as that.
+
+libressl http://www.libressl.org/
+
+        (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+        license as that.
+
 c-ares  http://daniel.haxx.se/projects/c-ares/license.html

        (Used for asynchronous name resolves) Uses an MIT license that is very
        liberal and imposes no restrictions on any other library or part you
        may link with.

-zlib    http://www.gzip.org/zlib/zlib_license.html
+zlib    http://www.zlib.net/zlib_license.html

        (Used for compressed Transfer-Encoding support) Uses an MIT-style
        license that shouldn't collide with any other library.
@@ -73,12 +89,12 @@ MIT Kerberos http://web.mit.edu/kerberos/www/dist/
        (May be used for GSS support) MIT licensed, that shouldn't collide
        with any other parts.

-Heimdal http://www.pdc.kth.se/heimdal/
+Heimdal http://www.h5l.org

        (May be used for GSS support) Heimdal is Original BSD licensed with
        the announcement clause.

-GNU GSS http://www.gnu.org/software/gss/
+GNU GSS https://www.gnu.org/software/gss/

        (May be used for GSS support) GNU GSS is GPL licensed. Note that you
        may not distribute binary curl packages that uses this if you build
@@ -105,10 +121,10 @@ libssh2 http://www.libssh2.org/
        (Used for scp and sftp support) libssh2 uses a Modified BSD-style
        license.

-[1] = GPL - GNU General Public License: http://www.gnu.org/licenses/gpl.html
-[2] = http://www.fsf.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
+[1] = GPL - GNU General Public License: https://www.gnu.org/licenses/gpl.html
+[2] = https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
      how to write such an exception to the GPL
 [3] = LGPL - GNU Lesser General Public License:
-      http://www.gnu.org/licenses/lgpl.html
+      https://www.gnu.org/licenses/lgpl.html
 [4] = MPL - Mozilla Public License:
-      http://www.mozilla.org/MPL/
+      https://www.mozilla.org/MPL/
--- a/docs/MAIL-ETIQUETTE
+++ b/docs/MAIL-ETIQUETTE
@@ -230,7 +230,7 @@ MAIL ETIQUETTE
  Quote as little as possible. Just enough to provide the context you cannot
  leave out. A lengthy description can be found here:

-      http://www.netmeister.org/news/learn2quote.html
+      https://www.netmeister.org/news/learn2quote.html

  2.7 Digest

--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -470,8 +470,8 @@ COOKIES
  stored cookies which match the request as it follows the location.  The
  file "empty.txt" may be a nonexistent file.

-  Alas, to both read and write cookies from a netscape cookie file, you can
-  set both -b and -c to use the same file:
+  To read and write cookies from a netscape cookie file, you can set both -b
+  and -c to use the same file:

        curl -b cookies.txt -c cookies.txt www.example.com

--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -37,8 +37,8 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS	 \
 README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS	 \
 KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL		 \
 $(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
- MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS SECURITY RELEASE-PROCEDURE  \
- SSL-PROBLEMS
+ MAIL-ETIQUETTE HTTP-COOKIES SECURITY RELEASE-PROCEDURE  \
+ SSL-PROBLEMS HTTP2.md ROADMAP.md

 MAN2HTML= roffit < $< >$@

--- a/docs/RELEASE-PROCEDURE
+++ b/docs/RELEASE-PROCEDURE
@@ -1,9 +1,3 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
 curl release procedure - how to do a release
 ============================================

@@ -84,11 +78,12 @@ Coming dates
 Based on the description above, here are some planned release dates (at the
 time of this writing):

- November 5, 2014 (version 7.39.0)
- December 31, 2014
- February 25, 2015
- April 22, 2015
- June 17, 2015
+- June 17, 2015 (version 7.43.0)
 - August 12, 2015
 - October 7, 2015
 - December 2, 2015
+- January 27, 2016
+- March 23, 2016
+- May 18, 2016
+- July 13, 2016
+- September 7, 2016
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -5,44 +5,100 @@ Roadmap of things Daniel Stenberg and Steve Holme want to work on next. It is
 intended to serve as a guideline for others for information, feedback and
 possible participation.

-New stuff - libcurl
+HTTP/2
+------
+
+- test suite
+
+   Base this on existing nghttp2 server to start with to make functional
+   tests. Later on we can adopt that code or work with nghttp2 to provide ways
+   to have the http2 server respond with broken responses to make sure we deal
+   with that nicely as well.
+
+   To decide: if we need to bundle parts of the nghttp2 stuff that probably
+   won't be shipped by many distros.
+
+- stream properties API
+
+   Provide options for setting priorities and dependencies among the streams
+   (easy handles). They are mostly information set for the stream and sent to
+   the server so we don't have to add much logic for this.
+
+- server push
+
+   Not exactly clear exactly how to support this API-wise, but by adding
+   handles without asking for a resource it could be a way to be prepared to
+   receive pushes in case such are sent. We probably need it to still specify
+   a URL with host name, port etc but we probably need a special option to
+   tell libcurl it is for server push purposes.
+
+- provide option for HTTP/2 "prior knowledge" over clear text
+
+   As it would avoid the roundtrip-heavy Upgrade: procedures when you _know_
+   it speaks HTTP/2.
+
+- provide option to allow curl to default to HTTP/2 only when using HTTPS
+
+   We could switch on HTTP/2 by-default for HTTPS quite easily and it
+   shouldn't hurt anyone, while HTTP/2 for HTTP by default could introduce
+   lots of Upgrade: roundtrips that users won't like. So a separated option
+   alternative makes sense.
+
+SRV records
+-----------
+
+How to find services for specific domains/hosts.
+
+HTTPS to proxy
+--------------
+
+To avoid network traffic to/from the proxy getting snooped on.
+
+curl_formadd()
+--------------
+
+make sure there's an easy handle passed in to `curl_formadd()`,
+`curl_formget()` and `curl_formfree()` by adding replacement functions and
+deprecating the old ones to allow custom mallocs and more
+
+third-party SASL
+----------------
+
+add support for third-party SASL libraries such as Cyrus SASL - may need to
+move existing native and SSPI based authentication into vsasl folder after
+reworking HTTP and SASL code
+
+SASL authentication in LDAP
+---------------------------
+
+...
+
+Simplify the SMTP email
+-----------------------
+
+Simplify the SMTP email interface so that programmers don't have to
+construct the body of an email that contains all the headers, alternative
+content, images and attachments - maintain raw interface so that
+programmers that want to do this can
+
+email capabilities
+------------------
+
+Allow the email protocols to return the capabilities before
+authenticating. This will allow an application to decide on the best
+authentication mechanism
+
+Win32 pthreads
+--------------
+
+Allow Windows threading model to be replaced by Win32 pthreads port
+
+dynamic buffer size
 -------------------

-1. HTTP/2
-
- - test suite
- - http2 multiplexing/pipelining
- - provide option for HTTP/2 "prior knowledge" over clear text
- - provide option to allow curl to default to HTTP/2 only when using HTTPS
-
-2. SRV records
-
-3. HTTPS to proxy
-
-4. make sure there's an easy handle passed in to `curl_formadd()`,
-   `curl_formget()` and `curl_formfree()` by adding replacement functions and
-   deprecating the old ones to allow custom mallocs and more
-
-5. add support for third-party SASL libraries such as Cyrus SASL - may need to
-   move existing native and SSPI based authentication into vsasl folder after
-   reworking HTTP and SASL code
-
-6. SASL authentication in LDAP
-
-7. Simplify the SMTP email interface so that programmers don't have to
-   construct the body of an email that contains all the headers, alternative
-   content, images and attachments - maintain raw interface so that
-   programmers that want to do this can
-
-8. Allow the email protocols to return the capabilities before
-    authenticating. This will allow an application to decide on the best
-    authentication mechanism
-
-9. Allow Windows threading model to be replaced by Win32 pthreads port
-
-10. Implement a dynamic buffer size to allow SFTP to use much larger buffers
-    and possibly allow the size to be customizable by applications. Use less
-    memory when handles are not in use?
+Implement a dynamic buffer size to allow SFTP to use much larger buffers and
+possibly allow the size to be customizable by applications. Use less memory
+when handles are not in use?

 New stuff - curl
 ----------------
--- a/docs/SSL-PROBLEMS
+++ b/docs/SSL-PROBLEMS
@@ -53,7 +53,7 @@ SSL ciphers

  References:

-  http://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
+  https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
  
 Allow BEAST

--- a/docs/THANKS
+++ b/docs/THANKS
@@ -36,10 +36,13 @@ Alex Suykov
 Alex Vinnik
 Alex aka WindEagle
 Alexander Beedie
+Alexander Dyagilev
+Alexander Elgert
 Alexander Klauer
 Alexander Kourakos
 Alexander Krasnostavsky
 Alexander Lazic
+Alexander Pepper
 Alexander Peslyak
 Alexander Zhuravlev
 Alexey Borzov
@@ -53,6 +56,7 @@ Alona Rossen
 Amol Pattekar
 Amr Shahin
 Anatoli Tubman
+Anders Bakken
 Anders Gustafsson
 Anders Havn
 Andi Jahja
@@ -88,6 +92,7 @@ Andy Serpa
 Andy Tsouladze
 Angus Mackay
 Anthon Pang
+Anthony Avina
 Anthony Bryan
 Anthony G. Basile
 Antoine Calando
@@ -102,6 +107,7 @@ Arnaud Ebalard
 Arthur Murray
 Arve Knudsen
 Arvid Norberg
+Ashish Shukla
 Ask Bjørn Hansen
 Askar Safin
 Ates Goral
@@ -129,6 +135,7 @@ Benoit Neil
 Benoit Sigoure
 Bernard Leak
 Bernhard Reutner-Fischer
+Bert Huijben
 Bertrand Demiddelaer
 Bill Doyle
 Bill Egert
@@ -155,8 +162,10 @@ Brandon Wang
 Brendan Jurd
 Brent Beardsley
 Brian Akins
+Brian Chrisman
 Brian Dessent
 Brian J. Murrell
+Brian Prodoehl
 Brian R Duffy
 Brian Ulm
 Brock Noland
@@ -176,9 +185,11 @@ Catalin Patulea
 Chad Monroe
 Chandrakant Bagul
 Charles Kerr
+Charles Romestant
 Chen Prog
 Chih-Chung Chang
 Chris "Bob Bob"
+Chris Araman
 Chris Combes
 Chris Conlon
 Chris Deidun
@@ -225,6 +236,7 @@ Curt Bogmine
 Cyrill Osterwalder
 Cédric Deltheil
 D. Flinkmann
+Da-Yoon Chung
 Dag Ekengren
 Dagobert Michelsen
 Damian Dixon
@@ -241,6 +253,7 @@ Daniel Black
 Daniel Cater
 Daniel Egger
 Daniel Johnson
+Daniel Melani
 Daniel Mentz
 Daniel Steinberg
 Daniel Stenberg
@@ -302,6 +315,7 @@ Dirk Manske
 Dmitri Shubin
 Dmitriy Sergeyev
 Dmitry Bartsevich
+Dmitry Eremin-Solenikov
 Dmitry Falko
 Dmitry Kurochkin
 Dmitry Popov
@@ -317,6 +331,7 @@ Douglas Kilpatrick
 Douglas R. Horner
 Douglas Steinwand
 Dov Murik
+Drake Arconis
 Duane Cathey
 Duncan Mac-Vicar Prett
 Dustin Boswell
@@ -331,10 +346,12 @@ Edward Rudd
 Edward Sheldrake
 Eelco Dolstra
 Eetu Ojanen
+Egon Eckert
 Eldar Zaitov
 Ellis Pritchard
 Elmira A Semenova
 Emanuele Bovisio
+Emil Lerner
 Emil Romanus
 Emiliano Ida
 Enrico Scholz
@@ -385,6 +402,7 @@ François Charlier
 Fred Machado
 Fred New
 Fred Noz
+Fred Stluka
 Frederic Lepied
 Fredrik Thulin
 Gabriel Kuri
@@ -422,6 +440,7 @@ Glenn Sheridan
 Gordon Marler
 Gorilla Maguila
 Grant Erickson
+Grant Pannell
 Greg Hewgill
 Greg Morse
 Greg Onufer
@@ -440,6 +459,7 @@ Götz Babin-Ebell
 Hamish Mackenzie
 Hang Kin Lau
 Hang Su
+Hanno Böck
 Hanno Kranzhoff
 Hans Steegers
 Hans-Jurgen May
@@ -480,6 +500,7 @@ Immanuel Gregoire
 Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
+Isaac Boukris
 Ishan SinghLevett
 Ivo Bellin Salarin
 Jack Zhang
@@ -533,10 +554,12 @@ Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
 Jeff Weber
+Jens Rantil
 Jeremy Friesner
 Jeremy Huddleston
 Jeremy Lin
 Jeroen Koekkoek
+Jeroen Ooms
 Jerome Muffat-Meridol
 Jerome Robert
 Jerome Vouillon
@@ -550,6 +573,7 @@ Jim Drash
 Jim Freeman
 Jim Hollinger
 Jim Meyering
+Jiri Dvorak
 Jiri Hruska
 Jiri Jaburek
 Jiri Malak
@@ -558,6 +582,7 @@ Joe Halpin
 Joe Malicki
 Joe Mason
 Joel Chen
+Joel Depooter
 Jofell Gallardo
 Johan Anderson
 Johan Lantz
@@ -578,6 +603,7 @@ John Kelly
 John Lask
 John Lightsey
 John Marino
+John Marshall
 John McGowan
 John P. McCaskey
 John Suprock
@@ -597,6 +623,7 @@ Jonas Schnelli
 Jonatan Lander
 Jonatan Vela
 Jonathan Cardoso Machado
+Jonathan Cardoso Machado Machado
 Jonathan Hseu
 Jonathan Nieder
 Jongki Suwandi
@@ -694,6 +721,7 @@ Lindley French
 Ling Thio
 Linus Nielsen Feltzing
 Lisa Xu
+Liviu Chircu
 Liza Alenchery
 Lluís Batlle i Rossell
 Loic Dachary
@@ -747,6 +775,7 @@ Mark Salisbury
 Mark Snelling
 Mark Tully
 Markus Duft
+Markus Elfring
 Markus Koetter
 Markus Moeller
 Markus Oberhumer
@@ -775,6 +804,7 @@ Matt Wixson
 Matteo Rocco
 Matthew Blain
 Matthew Clarke
+Matthew Hall
 Matthias Bolte
 Maurice Barnum
 Mauro Iorio
@@ -800,12 +830,14 @@ Michael Mealling
 Michael Mueller
 Michael Osipov
 Michael Smith
+Michael Stapelberg
 Michael Stillwell
 Michael Wallner
 Michal Bonino
 Michal Marek
 Michał Górny
 Michał Kowalczyk
+Michel Promonet
 Michele Bini
 Miguel Angel
 Miguel Diaz
@@ -829,6 +861,7 @@ Mitz Wark
 Mohamed Lrhazi
 Mohammad AlSaleh
 Mohun Biswas
+Mostyn Bramley-Moore
 Myk Taylor
 Nach M. S.
 Nagai H
@@ -870,7 +903,9 @@ Oliver Gondža
 Oliver Kuckertz
 Oliver Schindler
 Olivier Berger
+Oren Souroujon
 Oren Tirosh
+Orgad Shaneh
 Ori Avtalion
 Oscar Koeroo
 Oscar Norlander
@@ -886,6 +921,7 @@ Patricia Muscalu
 Patrick Bihan-Faou
 Patrick McManus
 Patrick Monnerat
+Patrick Rapin
 Patrick Scott
 Patrick Smith
 Patrick Watson
@@ -898,6 +934,7 @@ Paul Marks
 Paul Marquis
 Paul Moore
 Paul Nolan
+Paul Oliver
 Paul Querna
 Paul Saab
 Pavel Cenek
@@ -914,6 +951,7 @@ Peter Heuchert
 Peter Hjalmarsson
 Peter Korsgaard
 Peter Lamberg
+Peter Laser
 Peter O'Gorman
 Peter Pentchev
 Peter Silva
@@ -954,6 +992,7 @@ Quinn Slack
 Radu Simionescu
 Rafa Muyo
 Rafael Sagula
+Rafayel Mkrtchyan
 Rafaël Carré
 Rainer Canavan
 Rainer Jung
@@ -1057,6 +1096,7 @@ Scott Barrett
 Scott Cantor
 Scott Davis
 Scott McCreary
+Sean Boudreau
 Sebastian Rasmussen
 Senthil Raja Velu
 Sergei Nikulov
@@ -1085,6 +1125,7 @@ Stadler Stephan
 Stan van de Burgt
 Stanislav Ivochkin
 Stefan Bühler
+Stefan Eissing
 Stefan Esser
 Stefan Krause
 Stefan Neis
@@ -1099,6 +1140,7 @@ Stephen More
 Sterling Hughes
 Steve Green
 Steve H Truong
+Steve Havelka
 Steve Holme
 Steve Lhomme
 Steve Little
@@ -1129,6 +1171,7 @@ Thomas J. Moore
 Thomas Klausner
 Thomas L. Shinnick
 Thomas Lopatic
+Thomas Ruecker
 Thomas Schwinge
 Thomas Tonino
 Tiit Pikma
@@ -1148,6 +1191,7 @@ Timo Sirainen
 Tinus van den Berg
 Tobias Markus
 Tobias Rundström
+Tobias Stoeckmann
 Toby Peterson
 Todd A Ouska
 Todd Kulesza
@@ -1168,6 +1212,7 @@ Tomas Hoger
 Tomas Mlcoch
 Tomas Pospisek
 Tomas Szepe
+Tomas Tomecek
 Tomasz Kojm
 Tomasz Lacki
 Tommie Gannert
@@ -1195,6 +1240,7 @@ Victor Snezhko
 Vijay Panghal
 Vikram Saxena
 Viktor Szakáts
+Ville Skyttä
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Le Normand
@@ -1227,6 +1273,7 @@ Wouter Van Rooy
 Wu Yongzheng
 Xavier Bouchoux
 Yaakov Selkowitz
+Yamada Yasuharu
 Yang Tse
 Yarram Sunil
 Yasuharu Yamada
--- a/docs/THANKS-filter
+++ b/docs/THANKS-filter
@@ -33,7 +33,8 @@ s/Nick Zitzmann (originally)/Nick Zitzmann/
 s/product-security at Apple//
 s/IT DOES NOT WORK//
 s/Albert Chin/Albert Chin-A-Young/
-s/Paras S/Paras Sethia/
+s/Paras S\z/Paras Sethia/
+s/Paras Sethiaethia/Paras Sethia/
 s/Дмитрий Фалько/Dmitry Falko/
 s/byte_bucket in the #curl IRC channel//
 s/Michal Górny and Anthony G. Basile//
@@ -47,3 +48,5 @@ s/Rodrigo Silva (MestreLion)/Rodrigo Silva/
 s/tetetest tetetest//
 s/Jiří Hruška/Jiri Hruska/
 s/Viktor Szakats/Viktor Szakáts/
+s/Jonathan Cardoso/Jonathan Cardoso Machado/
+s/Linus Nielsen/Linus Nielsen Feltzing/
--- a/docs/TODO
+++ b/docs/TODO
@@ -9,6 +9,11 @@
 Things to do in project cURL. Please tell us what you think, contribute and
 send us patches that improve things!

+ Be aware that these are things that we could do, or have once been considered
+ things we could do. If you want to work on any of these areas, please
+ consider bringing it up for discussions first on the mailing list so that we
+ all agree it is still a good idea for the project!
+
 All bugs documented in the KNOWN_BUGS document are subject for fixing!

 1. libcurl
@@ -20,6 +25,7 @@
 1.7 Detect when called from within callbacks
 1.8 Allow SSL (HTTPS) to proxy
 1.9 Cache negative name resolves
+ 1.10 Support IDNA2008

 2. libcurl - multi interface
 2.1 More non-blocking
@@ -44,6 +50,7 @@
 5.3 Rearrange request header order
 5.4 SPDY
 5.5 auth= in URLs
+ 5.6 Refuse "downgrade" redirects

 6. TELNET
 6.1 ditch stdin
@@ -103,6 +110,9 @@
 17.4 simultaneous parallel transfers
 17.5 provide formpost headers
 17.6 warning when setting an option
+ 17.7 warning when sending binary output to terminal
+ 17.8 offer color-coded HTTP header output
+ 17.9 Choose the name of file in braces for complex URLs

 18. Build
 18.1 roffit
@@ -199,7 +209,7 @@

 To prevent local users from snooping on your traffic to the proxy. Supported
 by Chrome already:
- http://www.chromium.org/developers/design-documents/secure-web-proxy
+ https://www.chromium.org/developers/design-documents/secure-web-proxy

 ...and by Firefox soon:
 https://bugzilla.mozilla.org/show_bug.cgi?id=378637
@@ -209,6 +219,12 @@
 A name resolve that has failed is likely to fail when made again within a
 short period of time. Currently we only cache positive responses.

+1.10 Support IDNA2008
+
+ International Domain Names are supported in libcurl since years back, powered
+ by libidn. libidn implements IDNA2003 which has been superseded by IDNA2008.
+ libidn2 is an existing library offering support for IDNA2008.
+

 2. libcurl - multi interface

@@ -256,7 +272,7 @@
 HOST is a command for a client to tell which host name to use, to offer FTP
 servers named-based virtual hosting:

- http://tools.ietf.org/html/rfc7151
+ https://tools.ietf.org/html/rfc7151

 4.2 Alter passive/active on failure and retry

@@ -340,6 +356,14 @@ This is not detailed in any FTP specification.

 Additionally this should be implemented for proxy base URLs as well.

+5.6 Refuse "downgrade" redirects
+
+ See https://github.com/bagder/curl/issues/226
+
+ Consider a way to tell curl to refuse to "downgrade" protocol with a redirect
+ and/or possibly a bit that refuses redirect to change protocol completely.
+
+
 6. TELNET

 6.1 ditch stdin
@@ -412,7 +436,7 @@ be the same as/similar to FTP.

 11.2 Honor file timestamps

-The timestamp of the transfered file should reflect that of the original file.
+The timestamp of the transferred file should reflect that of the original file.

 11.3 Use NTLMv2

@@ -476,7 +500,7 @@ Currently the SMB authentication uses NTLMv1.

 DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
 keys and certs over DNS using DNSSEC as an alternative to the CA model.
- http://www.rfc-editor.org/rfc/rfc6698.txt
+ https://www.rfc-editor.org/rfc/rfc6698.txt

 An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
 (http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple
@@ -506,7 +530,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing -E/--cert and --key options should be
 implemented by supplying a custom certificate to the SChannel APIs, see:
 - Getting a Certificate for Schannel
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx

 15.2 Add support for custom server certificate validation

@@ -517,7 +541,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing --cacert or --capath options should be
 implemented by supplying a custom certificate to the SChannel APIs, see:
 - Getting a Certificate for Schannel
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx

 15.3 Add support for the --ciphers option

@@ -528,7 +552,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing --ciphers option should be implemented
 by mapping the OpenSSL/GnuTLS cipher suites to the SChannel APIs, see
 - Specifying Schannel Ciphers and Cipher Strengths
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx

 16. SASL

@@ -595,6 +619,30 @@ Currently the SMB authentication uses NTLMv1.
  This can be useful to tell when support for a particular feature hasn't been
  compiled into the library.

+17.7 warning when sending binary output to terminal
+
+  Provide a way that prompts the user for confirmation before binary data is
+  sent to the terminal, much in the style 'less' does it.
+
+17.8 offer color-coded HTTP header output
+
+  By offering different color output on the header name and the header
+  contents, they could be made more readable and thus help users working on
+  HTTP services.
+
+17.9 Choose the name of file in braces for complex URLs
+
+  When using braces to download a list of URLs and you use complicated names
+  in the list of alternatives, it could be handy to allow curl to use other
+  names when saving.
+
+  Consider a way to offer that. Possibly like
+  {partURL1:name1,partURL2:name2,partURL3:name3} where the name following the
+  colon is the output name.
+
+  See https://github.com/bagder/curl/issues/221
+
+
 18. Build

 18.1 roffit
--- a/docs/TheArtOfHttpScripting
+++ b/docs/TheArtOfHttpScripting
@@ -22,6 +22,8 @@ The Art Of Scripting HTTP Requests Using Curl
 3. Fetch a page
 3.1 GET
 3.2 HEAD
+ 3.3 Multiple URLs in a single command line
+ 3.4 Multiple HTTP methods in a single command line
 4. HTML forms
 4.1 Forms explained
 4.2 GET
@@ -135,7 +137,7 @@ The Art Of Scripting HTTP Requests Using Curl
 The Uniform Resource Locator format is how you specify the address of a
 particular resource on the Internet. You know these, you've seen URLs like
 http://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the
- canonical spec.
+ canonical spec. And yeah, the formal name is not URL, it is URI.

 2.2 Host

@@ -192,7 +194,6 @@ The Art Of Scripting HTTP Requests Using Curl
 the associated response. The path is what is to the right side of the slash
 that follows the host name and possibly port number.

-
 3. Fetch a page

 3.1 GET
@@ -223,6 +224,46 @@ The Art Of Scripting HTTP Requests Using Curl
 may see a Content-Length: in the response headers, but there must not be an
 actual body in the HEAD response.

+ 3.3 Multiple URLs in a single command line
+
+ A single curl command line may involve one or many URLs. The most common case
+ is probably to just use one, but you can specify any amount of URLs. Yes
+ any. No limits. You'll then get requests repeated over and over for all the
+ given URLs.
+
+ Example, send two GETs:
+
+    curl http://url1.example.com http://url2.example.com
+
+ If you use --data to POST to the URL, using multiple URLs means that you send
+ that same POST to all the given URLs.
+
+ Example, send two POSTs:
+
+    curl --data name=curl http://url1.example.com http://url2.example.com
+
+
+ 3.4 Multiple HTTP methods in a single command line
+
+ Sometimes you need to operate on several URLs in a single command line and do
+ different HTTP methods on each. For this, you'll enjoy the --next option. It
+ is basically a separator that separates a bunch of options from the next. All
+ the URLs before --next will get the same method and will get all the POST
+ data merged into one.
+
+ When curl reaches the --next on the command line, it'll sort of reset the
+ method and the POST data and allow a new set.
+
+ Perhaps this is best shown with a few examples. To send first a HEAD and then
+ a GET:
+
+   curl -I http://example.com --next http://example.com
+
+ To first send a POST and then a GET:
+
+   curl -d score=10 http://example.com/post.cgi --next http://example.com/results.html
+
+
 4. HTML forms

 4.1 Forms explained
@@ -301,6 +342,10 @@ The Art Of Scripting HTTP Requests Using Curl

        curl --data-urlencode "name=I am Daniel" http://www.example.com

+  If you repeat --data several times on the command line, curl will
+  concatenate all the given data pieces - and put a '&' symbol between each
+  data segment.
+
 4.4 File Upload POST

  Back in late 1995 they defined an additional way to post data over HTTP. It
@@ -585,6 +630,12 @@ The Art Of Scripting HTTP Requests Using Curl

        http://curl.haxx.se/docs/sslcerts.html

+  At times you may end up with your own CA cert store and then you can tell
+  curl to use that to verify the server's certificate:
+
+        curl --cacert ca-bundle.pem https://example.com/
+
+
 11. Custom Request Elements

 11.1 Modify method and headers
@@ -693,7 +744,7 @@ The Art Of Scripting HTTP Requests Using Curl

 14.1 Standards

- RFC 2616 is a must to read if you want in-depth understanding of the HTTP
+ RFC 7230 is a must to read if you want in-depth understanding of the HTTP
 protocol

 RFC 3986 explains the URL syntax
--- a/docs/VERSIONS
+++ b/docs/VERSIONS
@@ -1,22 +1,18 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
 Version Numbers and Releases
+============================

 Curl is not only curl. Curl is also libcurl. They're actually individually
 versioned, but they mostly follow each other rather closely.

 The version numbering is always built up using the same system:

-        X.Y[.Z]
+        X.Y.Z

- Where
-   X is main version number
-   Y is release number
-   Z is patch number
+  - X is main version number
+  - Y is release number
+  - Z is patch number
+
+## Bumping numbers

 One of these numbers will get bumped in each new release. The numbers to the
 right of a bumped number will be reset to zero. If Z is zero, it may not be
@@ -57,4 +53,4 @@ Version Numbers and Releases
 release. It makes comparisons with greater than and less than work.

 This number is also available as three separate defines:
- LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH.
+ `LIBCURL_VERSION_MAJOR`, `LIBCURL_VERSION_MINOR` and `LIBCURL_VERSION_PATCH`.
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -39,8 +39,7 @@ resume, Metalink, and more. As you will see below, the number of features will
 make your head spin!

 curl is powered by libcurl for all transfer-related features. See
-.BR libcurl (3)
-for details.
+\fIlibcurl(3)\fP for details.
 .SH URL
 The URL syntax is protocol-dependent. You'll find a detailed description in
 RFC 3986.
@@ -269,11 +268,11 @@ If this option is used several times, the last one will be used.
 .IP "--ciphers <list of ciphers>"
 (SSL) Specifies which ciphers to use in the connection. The list of ciphers
 must specify valid ciphers. Read up on SSL cipher list details on this URL:
-\fIhttp://www.openssl.org/docs/apps/ciphers.html\fP
+\fIhttps://www.openssl.org/docs/apps/ciphers.html\fP

 NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS
 ciphers is in the NSSCipherSuite entry at this URL:
-\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
+\fIhttps://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP

 If this option is used several times, the last one will be used.
 .IP "--compressed"
@@ -315,9 +314,10 @@ presses the submit button. This will cause curl to pass the data to the server
 using the content-type application/x-www-form-urlencoded.  Compare to
 \fI-F, --form\fP.

-\fI-d, --data\fP is the same as \fI--data-ascii\fP. To post data purely binary,
-you should instead use the \fI--data-binary\fP option. To URL-encode the value
-of a form field you may use \fI--data-urlencode\fP.
+\fI-d, --data\fP is the same as \fI--data-ascii\fP. \fI--data-raw\fP is almost
+the same but does not have a special interpretation of the @ character. To
+post data purely binary, you should instead use the \fI--data-binary\fP option.
+To URL-encode the value of a form field you may use \fI--data-urlencode\fP.

 If any of these options is used more than once on the same command line, the
 data pieces specified will be merged together with a separating
@@ -329,7 +329,8 @@ read the data from, or - if you want curl to read the data from
 stdin. Multiple files can also be specified. Posting data from a file
 named 'foobar' would thus be done with \fI--data\fP @foobar. When --data is
 told to read from a file like that, carriage returns and newlines will be
-stripped out.
+stripped out. If you don't want the @ character to have a special
+interpretation use \fI--data-raw\fP instead.
 .IP "-D, --dump-header <file>"
 Write the protocol headers to the specified file.

@@ -354,6 +355,10 @@ and carriage returns are preserved and conversions are never done.

 If this option is used several times, the ones following the first will append
 data as described in \fI-d, --data\fP.
+.IP "--data-raw <data>"
+(HTTP) This posts data similarly to \fI--data\fP but without the special
+interpretation of the @ character. See \fI-d, --data\fP.
+(Added in 7.43.0)
 .IP "--data-urlencode <data>"
 (HTTP) This posts data, similar to the other --data options with the exception
 that this performs URL-encoding. (Added in 7.18.0)
@@ -548,10 +553,10 @@ indicating its identity. A public key is extracted from this certificate and
 if it does not exactly match the public key provided to this option, curl will
 abort the connection before sending or receiving any data.

-This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
+Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and
+wolfSSL/CyaSSL. Other SSL backends not supported.

 If this option is used several times, the last one will be used.
-(Added in 7.39.0)
 .IP "--cert-status"
 (SSL) Tells curl to verify the status of the server certificate by using the
 Certificate Status Request (aka. OCSP stapling) TLS extension.
@@ -562,6 +567,16 @@ or no response at all is received, the verification fails.

 This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
 (Added in 7.41.0)
+.IP "--false-start"
+
+(SSL) Tells curl to use false start during the TLS handshake. False start is a
+mode where a TLS client will start sending application data before verifying
+the server's Finished message, thus saving a round trip when performing a full
+handshake.
+
+This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
+or later, or OS X 10.9 or later) backends.
+(Added in 7.42.0)
 .IP "-f, --fail"
 (HTTP) Fail silently (no output at all) on server errors. This is mostly done
 to better enable scripts etc to better deal with failed attempts. In normal
@@ -651,6 +666,7 @@ curl does one CWD with the full target directory and then operates on the file
 \&"normally" (like in the multicwd case). This is somewhat more standards
 compliant than 'nocwd' but without the full penalty of 'multicwd'.
 .RE
+.IP
 (Added in 7.15.1)
 .IP "--ftp-pasv"
 (FTP) Use passive mode for the data connection. Passive is the internal default
@@ -1043,13 +1059,10 @@ in Metalink file, hash check will fail.
 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
 home directory for login name and password. This is typically used for FTP on
 Unix. If used with HTTP, curl will enable user authentication. See
-.BR netrc(4)
-or
-.BR ftp(1)
-for details on the file format. Curl will not complain if that file
-doesn't have the right permissions (it should not be either world- or
-group-readable). The environment variable "HOME" is used to find the home
-directory.
+\fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
+complain if that file doesn't have the right permissions (it should not be
+either world- or group-readable). The environment variable "HOME" is used to
+find the home directory.

 A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
 to FTP to the machine host.domain.com with user name \&'myself' and password
@@ -1211,7 +1224,7 @@ i.e "my.host.domain" to specify the machine
 make curl pick the same IP address that is already used for the control
 connection
 .RE
-
+.IP
 If this option is used several times, the last one will be used. Disable the
 use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
 instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
@@ -1225,6 +1238,12 @@ available.
 (SSL/SSH) Passphrase for the private key

 If this option is used several times, the last one will be used.
+.IP "--path-as-is"
+Tell curl to not handle sequences of /../ or /./ in the given URL
+path. Normally curl will squash or merge them according to standards but with
+this option set you tell it not to do that.
+
+(Added in 7.42.0)
 .IP "--post301"
 (HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests
 into GET requests when following a 301 redirection. The non-RFC behaviour is
@@ -1310,6 +1329,11 @@ with a remote host. (Added in 7.17.1)
 .IP "--proxy-ntlm"
 Tells curl to use HTTP NTLM authentication when communicating with the given
 proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
+.IP "--proxy-service-name <servicename>"
+This option allows you to change the service name for proxy negotiation.
+
+Examples: --proxy-negotiate proxy-name \fI--proxy-service-name\fP sockd would use
+sockd/proxy-name.  (Added in 7.43.0).
 .IP "--proxy1.0 <proxyhost[:port]>"
 Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
 assumed at port 1080.
@@ -1407,7 +1431,7 @@ specifies 300 bytes from offset 500(H)
 .B 100-199,500-599
 specifies two separate 100-byte ranges(*)(H)
 .RE
-
+.IP
 (*) = NOTE that this will cause the server to reply with a multipart
 response!

@@ -1491,6 +1515,11 @@ terminal/stdout unless you redirect it.
 .IP "--sasl-ir"
 Enable initial response in SASL authentication.
 (Added in 7.31.0)
+.IP "--service-name <servicename>"
+This option allows you to change the service name for SPNEGO.
+
+Examples: --negotiate \fI--service-name\fP sockd would use
+sockd/server-name.  (Added in 7.43.0).
 .IP "-S, --show-error"
 When used with \fI-s\fP it makes curl show an error message if it fails.
 .IP "--ssl"
@@ -1692,7 +1721,7 @@ impossible to use a colon in the user name with this option. The password can,
 still.

 When using Kerberos V5 with a Windows based server you should include the
-Windows domain name in the user name, in order for the server to succesfully
+Windows domain name in the user name, in order for the server to successfully
 obtain a Kerberos Ticket. If you don't then the initial authentication
 handshake may fail.

@@ -1866,7 +1895,7 @@ displayed with millisecond resolution.
 The URL that was fetched last. This is most meaningful if you've told curl
 to follow location: headers.
 .RE
-
+.IP
 If this option is used several times, the last one will be used.
 .IP "-x, --proxy <[protocol://][user:password@]proxyhost[:port]>"
 Use the specified proxy.
@@ -1914,10 +1943,10 @@ alter the way curl behaves. So for example if you want to make a proper HEAD
 request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP
 option.

-The the method string you set with -X will be used for all requests, which if
-you for example use \fB-L, --location\fP may cause unintended side-effects
-when curl doesn't change request method according to the HTTP 30x response
-codes - and similar.
+The method string you set with -X will be used for all requests, which if you
+for example use \fB-L, --location\fP may cause unintended side-effects when
+curl doesn't change request method according to the HTTP 30x response codes -
+and similar.

 (FTP)
 Specifies a custom FTP command to use instead of LIST when doing file lists
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,9 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* Example application source code using the multi interface to download many
- * files, but with a capped maximum amount of simultaneous transfers.
- *
+/* <DESC>
+ * Source code using the multi interface to download many
+ * files, with a capped maximum amount of simultaneous transfers.
+ * </DESC>
 * Written by Michael Wallner
 */

--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -31,7 +31,8 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
  pop3-dele pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi      \
  imap-list imap-lsub imap-fetch imap-store imap-append imap-examine       \
  imap-search imap-create imap-delete imap-copy imap-noop imap-ssl         \
-  imap-tls imap-multi url2file sftpget ftpsget postinmemory
+  imap-tls imap-multi url2file sftpget ftpsget postinmemory http2-download \
+  http2-upload http2-serverpush

 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 ###########################################################################
 #
 ## Makefile for building curl examples with MingW (GCC-3.2 or later)
-## and optionally OpenSSL (0.9.8), libssh2 (1.3), zlib (1.2.5), librtmp (2.3)
+## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4)
 ##
 ## Usage:   mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...]
 ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-spi-winidn
@@ -38,23 +38,23 @@ ZLIB_PATH = ../../../zlib-1.2.8
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8zc
+OPENSSL_PATH = ../../../openssl-1.0.2a
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.3
+LIBSSH2_PATH = ../../../libssh2-1.5.0
 endif
 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../../librtmp-2.3
+LIBRTMP_PATH = ../../../librtmp-2.4
 endif
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
-LIBIDN_PATH = ../../../libidn-1.18
+LIBIDN_PATH = ../../../libidn-1.30
 endif
 # Edit the path below to point to the base of your MS IDN package.
 # Microsoft Internationalized Domain Names (IDN) Mitigation APIs 1.1
-# http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad6158d7-ddba-416a-9109-07607425a815
+# https://www.microsoft.com/en-us/download/details.aspx?id=734
 ifndef WINIDN_PATH
 WINIDN_PATH = ../../../Microsoft IDN Mitigation APIs
 endif
@@ -62,6 +62,10 @@ endif
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif
+# Edit the path below to point to the base of your nghttp2 package.
+ifndef NGHTTP2_PATH
+NGHTTP2_PATH = ../../../nghttp2-1.0.0
+endif

 PROOT = ../..

@@ -72,14 +76,24 @@ endif

 # Edit the var below to set to your architecture or set environment var.
 ifndef ARCH
-ARCH = w32
+ifeq ($(findstring x86_64,$(shell $(CC) -dumpmachine)),x86_64)
+ARCH    = w64
+else
+ARCH    = w32
+endif
 endif

 CC	= $(CROSSPREFIX)gcc
 CFLAGS	= -g -O2 -Wall
 CFLAGS	+= -fno-strict-aliasing
 ifeq ($(ARCH),w64)
-CFLAGS	+= -D_AMD64_
+CFLAGS	+= -m64 -D_AMD64_
+LDFLAGS += -m64
+RCFLAGS += -F pe-x86-64
+else
+CFLAGS	+= -m32
+LDFLAGS += -m32
+RCFLAGS += -F pe-i386
 endif
 # comment LDFLAGS below to keep debug info
 LDFLAGS	= -s
@@ -158,9 +172,12 @@ ifeq ($(findstring -metalink,$(CFG)),-metalink)
 METALINK = 1
 endif
 ifeq ($(findstring -winssl,$(CFG)),-winssl)
-SCHANNEL = 1
+WINSSL = 1
 SSPI = 1
 endif
+ifeq ($(findstring -nghttp2,$(CFG)),-nghttp2)
+NGHTTP2 = 1
+endif

 INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib

@@ -184,6 +201,10 @@ ifdef RTMP
  CFLAGS += -DUSE_LIBRTMP
  curl_LDADD += -L"$(LIBRTMP_PATH)/librtmp" -lrtmp -lwinmm
 endif
+ifdef NGHTTP2
+  CFLAGS += -DUSE_NGHTTP2
+  curl_LDADD += -L"$(NGHTTP2_PATH)/lib" -lnghttp2
+endif
 ifdef SSH2
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
  curl_LDADD += -L"$(LIBSSH2_PATH)/win32" -lssh2
@@ -204,7 +225,7 @@ ifdef SSL
  ifndef DYN
    OPENSSL_LIBS += -lgdi32 -lcrypt32
  endif
-  CFLAGS += -DUSE_SSLEAY
+  CFLAGS += -DUSE_OPENSSL
  curl_LDADD += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
 endif
 ifdef ZLIB
@@ -223,7 +244,7 @@ endif
 endif
 ifdef SSPI
  CFLAGS += -DUSE_WINDOWS_SSPI
-  ifdef SCHANNEL
+  ifdef WINSSL
    CFLAGS += -DUSE_SCHANNEL
  endif
 endif
--- a/docs/examples/Makefile.netware
+++ b/docs/examples/Makefile.netware
@@ -19,12 +19,12 @@ endif

 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8zc
+OPENSSL_PATH = ../../../openssl-1.0.2a
 endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.3
+LIBSSH2_PATH = ../../../libssh2-1.5.0
 endif

 # Edit the path below to point to the base of your axTLS package.
@@ -34,12 +34,12 @@ endif

 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
-LIBIDN_PATH = ../../../libidn-1.18
+LIBIDN_PATH = ../../../libidn-1.30
 endif

 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../../librtmp-2.3
+LIBRTMP_PATH = ../../../librtmp-2.4
 endif

 # Edit the path below to point to the base of your fbopenssl package.
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,11 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * HTTP PUT upload with authentiction using "any" method. libcurl picks the
+ * one the server supports/wants.
+ * </DESC>
+ */
 #include <stdio.h>
 #include <fcntl.h>
 #ifdef WIN32
--- a/docs/examples/asiohiper.cpp
+++ b/docs/examples/asiohiper.cpp
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -20,11 +20,11 @@
 *
 ***************************************************************************/

+/* <DESC>
+ * demonstrate the use of multi socket interface with boost::asio
+ * </DESC>
+ */
 /*
- * file: asiohiper.cpp
- * Example program to demonstrate the use of multi socket interface
- * with boost::asio
- *
 * This program is in c++ and uses boost::asio instead of libevent/libev.
 * Requires boost::asio, boost::bind and boost::system
 *
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,17 +19,11 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* Example using a "in core" PEM certificate to retrieve a https page.
- * Written by Theo Borm
+/* <DESC>
+ * CA cert in memory with OpenSSL to get a HTTPS page.
+ * </DESC>
 */

-/* on a netBSD system with OPENSSL& LIBCURL installed from
- * pkgsrc (using default paths) this program can be compiled using:
- * gcc -I/usr/pkg/include -L/usr/pkg/lib -lcurl -Wl,-R/usr/pkg/lib -lssl
- * -lcrypto -lz -o curlcacerttest curlcacerttest.c
- * on other operating systems you may want to change paths to headers
- * and libraries
-*/
 #include <openssl/ssl.h>
 #include <curl/curl.h>
 #include <stdio.h>
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * Extract lots of TLS certificate info.
+ * </DESC>
+ */
 #include <stdio.h>

 #include <curl/curl.h>
--- a/docs/examples/chkspeed.c
+++ b/docs/examples/chkspeed.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * Show transfer timing info after download completes.
+ * </DESC>
+ */
 /* Example source code to show how the callback function can be used to
 * download data into a chunk of memory instead of storing it in a file.
 * After successful download we use curl_easy_getinfo() calls to get the
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,7 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* This example shows usage of simple cookie interface. */
+/* <DESC>
+ * Import and export cookies with COOKIELIST.
+ * </DESC>
+ */

 #include <stdio.h>
 #include <string.h>
@@ -96,7 +99,12 @@ main(void)
      return 1;
    }

-    /* HTTP-header style cookie */
+    /* HTTP-header style cookie. If you use the Set-Cookie format and don't
+    specify a domain then the cookie is sent for any domain and will not be
+    modified, likely not what you intended. Starting in 7.43.0 any-domain
+    cookies will not be exported either. For more information refer to the
+    CURLOPT_COOKIELIST documentation.
+    */
    snprintf(nline, sizeof(nline),
      "Set-Cookie: OLD_PREF=3d141414bf4209321; "
      "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com");
--- a/docs/examples/curlgtk.c
+++ b/docs/examples/curlgtk.c
@@ -5,9 +5,12 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
+ *  Copyright (c) 2000 David Odin (aka DindinX) for MandrakeSoft
+ */
+/* <DESC>
+ * use the libcurl in a gtk-threaded application
+ * </DESC>
 */
-/* Copyright (c) 2000 David Odin (aka DindinX) for MandrakeSoft */
-/* an attempt to use the curl library in concert with a gtk-threaded application */

 #include <stdio.h>
 #include <gtk/gtk.h>
--- a/docs/examples/curlx.c
+++ b/docs/examples/curlx.c
@@ -9,7 +9,10 @@
  certificate presented during ssl session establishment.

 */
-
+/* <DESC>
+ * demonstrates use of SSL context callback, requires OpenSSL
+ * </DESC>
+ */

 /*
 * Copyright (c) 2003 The OpenEvidence Project.  All rights reserved.
@@ -490,7 +493,7 @@ int main(int argc, char **argv) {
        BIO_printf(p.errorbio,"the response has a correct mimetype : %s\n",
                   response);
      else
-        BIO_printf(p.errorbio,"the reponse doesn\'t has an acceptable "
+        BIO_printf(p.errorbio,"the response doesn\'t have an acceptable "
                   "mime type, it is %s instead of %s\n",
                   response,mimetypeaccept);
  }
--- a/docs/examples/debug.c
+++ b/docs/examples/debug.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * Show how CURLOPT_DEBUGFUNCTION can be used.
+ * </DESC>
+ */
 #include <stdio.h>
 #include <curl/curl.h>

--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * multi socket interface together with libev
+ * </DESC>
+ */
 /* Example application source code using the multi socket interface to
 * download many files at once.
 *
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,9 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/*
- * This is an example demonstrating how an application can pass in a custom
+/* <DESC>
+ * An example demonstrating how an application can pass in a custom
 * socket to libcurl to use. This example also handles the connect itself.
+ * </DESC>
 */
 #include <stdio.h>
 #include <string.h>
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * Upload to a file:// URL
+ * </DESC>
+ */
 #include <stdio.h>
 #include <curl/curl.h>
 #include <sys/stat.h>
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -42,6 +42,10 @@
 *
 * This example requires libcurl 7.9.7 or later.
 */
+/* <DESC>
+ * implements an fopen() abstraction allowing reading from URLs
+ * </DESC>
+ */

 #include <stdio.h>
 #include <string.h>
@@ -108,7 +112,7 @@ static size_t write_callback(char *buffer,
      size=rembuff;
    }
    else {
-      /* realloc suceeded increase buffer size*/
+      /* realloc succeeded increase buffer size*/
      url->buffer_len+=size - rembuff;
      url->buffer=newbuff;
    }
@@ -131,7 +135,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
  CURLMcode mc; /* curl_multi_fdset() return code */

  /* only attempt to fill buffer if transactions still running and buffer
-   * doesnt exceed required size already
+   * doesn't exceed required size already
   */
  if((!file->still_running) || (file->buffer_pos > want))
    return 0;
@@ -205,14 +209,12 @@ static int fill_buffer(URL_FILE *file, size_t want)
 }

 /* use to remove want bytes from the front of a files buffer */
-static int use_buffer(URL_FILE *file,int want)
+static int use_buffer(URL_FILE *file, size_t want)
 {
  /* sort out buffer */
  if((file->buffer_pos - want) <=0) {
    /* ditch buffer - write will recreate */
-    if(file->buffer)
-      free(file->buffer);
-
+    free(file->buffer);
    file->buffer=NULL;
    file->buffer_pos=0;
    file->buffer_len=0;
@@ -231,7 +233,7 @@ static int use_buffer(URL_FILE *file,int want)
 URL_FILE *url_fopen(const char *url,const char *operation)
 {
  /* this code could check for URLs or types in the 'url' and
-     basicly use the real fopen() for standard files */
+     basically use the real fopen() for standard files */

  URL_FILE *file;
  (void)operation;
@@ -302,9 +304,7 @@ int url_fclose(URL_FILE *file)
    break;
  }

-  if(file->buffer)
-    free(file->buffer);/* free any allocated buffer space */
-
+  free(file->buffer);/* free any allocated buffer space */
  free(file);

  return ret;
@@ -379,7 +379,7 @@ char *url_fgets(char *ptr, size_t size, URL_FILE *file)

  switch(file->type) {
  case CFTYPE_FILE:
-    ptr = fgets(ptr,size,file->handle.file);
+    ptr = fgets(ptr, (int)size, file->handle.file);
    break;

  case CFTYPE_CURL:
@@ -435,9 +435,7 @@ void url_rewind(URL_FILE *file)
    curl_multi_add_handle(multi_handle, file->handle.curl);

    /* ditch buffer - write will recreate - resets stream pos*/
-    if(file->buffer)
-      free(file->buffer);
-
+    free(file->buffer);
    file->buffer=NULL;
    file->buffer_pos=0;
    file->buffer_len=0;
@@ -457,7 +455,7 @@ int main(int argc, char *argv[])
  URL_FILE *handle;
  FILE *outf;

-  int nread;
+  size_t nread;
  char buffer[256];
  const char *url;

@@ -505,7 +503,7 @@ int main(int argc, char *argv[])
  }

  do {
-    nread = url_fread(buffer, 1,sizeof(buffer), handle);
+    nread = url_fread(buffer, 1, sizeof(buffer), handle);
    fwrite(buffer,1,nread,outf);
  } while(nread);

--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * FTP wildcard pattern matching
+ * </DESC>
+ */
 #include <curl/curl.h>
 #include <stdio.h>

--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -23,11 +23,9 @@

 #include <curl/curl.h>

-/*
- * This is an example showing how to get a single file from an FTP server.
- * It delays the actual destination file creation until the first write
- * callback so that it won't create an empty file in case the remote file
- * doesn't exist or something else fails.
+/* <DESC>
+ * Get a single file from an FTP server.
+ * </DESC>
 */

 struct FtpFile {
@@ -53,7 +51,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "curl.tar.gz", /* name to store the file as if succesful */
+    "curl.tar.gz", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/ftpgetinfo.c
+++ b/docs/examples/ftpgetinfo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -24,9 +24,9 @@

 #include <curl/curl.h>

-/*
- * This is an example showing how to check a single file's size and mtime
- * from an FTP server.
+/* <DESC>
+ * Checks a single file's size and mtime from an FTP server.
+ * </DESC>
 */

 static size_t throw_away(void *ptr, size_t size, size_t nmemb, void *data)
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -23,13 +23,11 @@

 #include <curl/curl.h>

-/*
- * Similar to ftpget.c but this also stores the received response-lines
+/* <DESC>
+ * Similar to ftpget.c but also stores the received response-lines
 * in a separate file using our own callback!
- *
- * This functionality was introduced in libcurl 7.9.3.
+ * </DESC>
 */
-
 static size_t
 write_response(void *ptr, size_t size, size_t nmemb, void *data)
 {
--- a/docs/examples/ftpsget.c
+++ b/docs/examples/ftpsget.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -24,11 +24,9 @@

 #include <curl/curl.h>

-/*
- * This is an example showing how to get a single file from an FTPS server.
- * It delays the actual destination file creation until the first write
- * callback so that it won't create an empty file in case the remote file
- * doesn't exist or something else fails.
+/* <DESC>
+ * Get a single file from an FTPS server.
+ * </DESC>
 */

 struct FtpFile {
@@ -55,7 +53,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "yourfile.bin", /* name to store the file as if succesful */
+    "yourfile.bin", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -33,11 +33,10 @@
 #include <unistd.h>
 #endif

-/*
- * This example shows an FTP upload, with a rename of the file just after
- * a successful upload.
- *
- * Example based on source code provided by Erick Nuwendam. Thanks!
+/* <DESC>
+ * Performs an FTP upload and renames the file just after a successful
+ * transfer.
+ * </DESC>
 */

 #define LOCAL_FILE      "/tmp/uploadthis.txt"
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,13 +19,9 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* Upload to FTP, resuming failed transfers
- *
- * Compile for MinGW like this:
- *  gcc -Wall -pedantic -std=c99 ftpuploadwithresume.c -o ftpuploadresume.exe
- *  -lcurl -lmsvcr70
- *
- * Written by Philip Bock
+/* <DESC>
+ * Upload to FTP, resuming failed transfers.
+ * </DESC>
 */

 #include <stdlib.h>
--- a/docs/examples/getinfo.c
+++ b/docs/examples/getinfo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * Use getinfo to get content-type after completed transfer.
+ * </DESC>
+ */
 #include <stdio.h>
 #include <curl/curl.h>

@@ -27,18 +31,14 @@ int main(void)
  CURL *curl;
  CURLcode res;

-  /* http://curl.haxx.se/libcurl/c/curl_easy_init.html */
  curl = curl_easy_init();
  if(curl) {
-    /* http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTURL */
    curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.com/");
-    /* http://curl.haxx.se/libcurl/c/curl_easy_perform.html */
    res = curl_easy_perform(curl);

    if(CURLE_OK == res) {
      char *ct;
      /* ask for the content-type */
-      /* http://curl.haxx.se/libcurl/c/curl_easy_getinfo.html */
      res = curl_easy_getinfo(curl, CURLINFO_CONTENT_TYPE, &ct);

      if((CURLE_OK == res) && ct)
@@ -46,7 +46,6 @@ int main(void)
    }

    /* always cleanup */
-    /* http://curl.haxx.se/libcurl/c/curl_easy_cleanup.html */
    curl_easy_cleanup(curl);
  }
  return 0;
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,8 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* Example source code to show how the callback function can be used to
- * download data into a chunk of memory instead of storing it in a file.
+/* <DESC>
+ * Shows how the write callback function can be used to download data into a
+ * chunk of memory instead of storing it in a file.
+ * </DESC>
 */

 #include <stdio.h>
@@ -34,7 +36,6 @@ struct MemoryStruct {
  size_t size;
 };

-
 static size_t
 WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
 {
@@ -55,7 +56,6 @@ WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
  return realsize;
 }

-
 int main(void)
 {
  CURL *curl_handle;
@@ -106,8 +106,7 @@ int main(void)
  /* cleanup curl stuff */
  curl_easy_cleanup(curl_handle);

-  if(chunk.memory)
-    free(chunk.memory);
+  free(chunk.memory);

  /* we're done with libcurl, so clean it up */
  curl_global_cleanup();
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * multi socket API usage together with with glib2
+ * </DESC>
+ */
 /* Example application source code using the multi socket interface to
 * download many files at once.
 *
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,6 +19,10 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
+/* <DESC>
+ * multi socket API usage with libevent 2
+ * </DESC>
+ */
 /* Example application source code using the multi socket interface to
   download many files at once.

--- a/docs/examples/href_extractor.c
+++ b/docs/examples/href_extractor.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -20,13 +20,13 @@
 *
 ***************************************************************************/

+/* <DESC>
+ * Uses the "Streaming HTML parser" to extract the href pieces in a streaming
+ * manner from a downloaded HTML.
+ * </DESC>
+ */
 /*
- * This example uses the "Streaming HTML parser" to extract the href pieces in
- * a streaming manner from a downloaded HTML. Kindly donated by Michał
- * Kowalczyk.
- *
- * The parser is found at
- * http://code.google.com/p/htmlstreamparser/
+ * The HTML parser is found at http://code.google.com/p/htmlstreamparser/
 */

 #include <stdio.h>
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -19,13 +19,12 @@
 * KIND, either express or implied.
 *
 ***************************************************************************/
-/* Download a document and use libtidy to parse the HTML.
- * Written by Jeff Pohlmeyer
- *
+/* <DESC>
+ * Download a document and use libtidy to parse the HTML.
+ * </DESC>
+ */
+/*
 * LibTidy => http://tidy.sourceforge.net
- *
- * gcc -Wall -I/usr/local/include tidycurl.c -lcurl -ltidy -o tidycurl
- *
 */

 #include <stdio.h>
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -0,0 +1,288 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+
+/* somewhat unix-specific */
+#include <sys/time.h>
+#include <unistd.h>
+
+/* curl stuff */
+#include <curl/curl.h>
+
+#ifndef CURLPIPE_MULTIPLEX
+/* This little trick will just make sure that we don't enable pipelining for
+   libcurls old enough to not have this symbol. It is _not_ defined to zero in
+   a recent libcurl header. */
+#define CURLPIPE_MULTIPLEX 0
+#endif
+
+#define NUM_HANDLES 1000
+
+void *curl_hnd[NUM_HANDLES];
+int num_transfers;
+
+/* a handle to number lookup, highly ineffective when we do many
+   transfers... */
+static int hnd2num(CURL *hnd)
+{
+  int i;
+  for(i=0; i< num_transfers; i++) {
+    if(curl_hnd[i] == hnd)
+      return i;
+  }
+  return 0; /* weird, but just a fail-safe */
+}
+
+static
+void dump(const char *text, int num, unsigned char *ptr, size_t size,
+          char nohex)
+{
+  size_t i;
+  size_t c;
+
+  unsigned int width=0x10;
+
+  if(nohex)
+    /* without the hex output, we can fit more on screen */
+    width = 0x40;
+
+  fprintf(stderr, "%d %s, %ld bytes (0x%lx)\n",
+          num, text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+
+    fprintf(stderr, "%4.4lx: ", (long)i);
+
+    if(!nohex) {
+      /* hex not disabled, show it */
+      for(c = 0; c < width; c++)
+        if(i+c < size)
+          fprintf(stderr, "%02x ", ptr[i+c]);
+        else
+          fputs("   ", stderr);
+    }
+
+    for(c = 0; (c < width) && (i+c < size); c++) {
+      /* check for 0D0A; if found, skip past and start a new line of output */
+      if (nohex && (i+c+1 < size) && ptr[i+c]==0x0D && ptr[i+c+1]==0x0A) {
+        i+=(c+2-width);
+        break;
+      }
+      fprintf(stderr, "%c",
+              (ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.');
+      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      if (nohex && (i+c+2 < size) && ptr[i+c+1]==0x0D && ptr[i+c+2]==0x0A) {
+        i+=(c+3-width);
+        break;
+      }
+    }
+    fputc('\n', stderr); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  const char *text;
+  int num = hnd2num(handle);
+  (void)handle; /* prevent compiler warning */
+  (void)userp;
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "== %d Info: %s", num, data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, num, (unsigned char *)data, size, 1);
+  return 0;
+}
+
+static void setup(CURL *hnd, int num)
+{
+  FILE *out;
+  char filename[128];
+
+  sprintf(filename, "dl-%d", num);
+
+  out = fopen(filename, "wb");
+
+  /* write to this file */
+  curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out);
+
+  /* set the same URL */
+  curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html");
+
+  /* send it verbose for max debuggaility */
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
+
+  /* HTTP/2 please */
+  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
+
+  /* we use a self-signed test server, skip verification during debugging */
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
+
+#if (CURLPIPE_MULTIPLEX > 0)
+  /* wait for pipe connection to confirm */
+  curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L);
+#endif
+
+  curl_hnd[num] = hnd;
+}
+
+/*
+ * Simply download two files over HTTP/2, using the same physical connection!
+ */
+int main(int argc, char **argv)
+{
+  CURL *easy[NUM_HANDLES];
+  CURLM *multi_handle;
+  int i;
+  int still_running; /* keep number of running handles */
+
+  if(argc > 1)
+    /* if given a number, do that many transfers */
+    num_transfers = atoi(argv[1]);
+
+  if(!num_transfers || (num_transfers > NUM_HANDLES))
+    num_transfers = 3; /* a suitable low default */
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+
+  for(i=0; i<num_transfers; i++) {
+    easy[i] = curl_easy_init();
+    /* set options */
+    setup(easy[i], i);
+
+    /* add the individual transfer */
+    curl_multi_add_handle(multi_handle, easy[i]);
+  }
+
+  curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX);
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(multi_handle, &still_running);
+
+  do {
+    struct timeval timeout;
+    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &still_running);
+      break;
+    }
+  } while(still_running);
+
+  curl_multi_cleanup(multi_handle);
+
+  for(i=0; i<num_transfers; i++)
+    curl_easy_cleanup(easy[i]);
+
+  return 0;
+}
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -0,0 +1,313 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+
+/* somewhat unix-specific */
+#include <sys/time.h>
+#include <unistd.h>
+
+/* curl stuff */
+#include <curl/curl.h>
+
+#ifndef CURLPIPE_MULTIPLEX
+#error "too old libcurl, can't do HTTP/2 server push!"
+#endif
+
+static
+void dump(const char *text, unsigned char *ptr, size_t size,
+          char nohex)
+{
+  size_t i;
+  size_t c;
+
+  unsigned int width=0x10;
+
+  if(nohex)
+    /* without the hex output, we can fit more on screen */
+    width = 0x40;
+
+  fprintf(stderr, "%s, %ld bytes (0x%lx)\n",
+          text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+
+    fprintf(stderr, "%4.4lx: ", (long)i);
+
+    if(!nohex) {
+      /* hex not disabled, show it */
+      for(c = 0; c < width; c++)
+        if(i+c < size)
+          fprintf(stderr, "%02x ", ptr[i+c]);
+        else
+          fputs("   ", stderr);
+    }
+
+    for(c = 0; (c < width) && (i+c < size); c++) {
+      /* check for 0D0A; if found, skip past and start a new line of output */
+      if (nohex && (i+c+1 < size) && ptr[i+c]==0x0D && ptr[i+c+1]==0x0A) {
+        i+=(c+2-width);
+        break;
+      }
+      fprintf(stderr, "%c",
+              (ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.');
+      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      if (nohex && (i+c+2 < size) && ptr[i+c+1]==0x0D && ptr[i+c+2]==0x0A) {
+        i+=(c+3-width);
+        break;
+      }
+    }
+    fputc('\n', stderr); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  const char *text;
+  (void)handle; /* prevent compiler warning */
+  (void)userp;
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "== Info: %s", data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, (unsigned char *)data, size, 1);
+  return 0;
+}
+
+static void setup(CURL *hnd)
+{
+  FILE *out = fopen("dl", "wb");
+
+  /* write to this file */
+  curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out);
+
+  /* set the same URL */
+  curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html");
+
+  /* send it verbose for max debuggaility */
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
+
+  /* HTTP/2 please */
+  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
+
+  /* we use a self-signed test server, skip verification during debugging */
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
+
+#if (CURLPIPE_MULTIPLEX > 0)
+  /* wait for pipe connection to confirm */
+  curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L);
+#endif
+
+}
+
+/* called when there's an incoming push */
+static int server_push_callback(CURL *parent,
+                                CURL *easy,
+                                size_t num_headers,
+                                struct curl_pushheaders *headers,
+                                void *userp)
+{
+  char *headp;
+  size_t i;
+  int *transfers = (int *)userp;
+  char filename[128];
+  FILE *out;
+  static unsigned int count = 0;
+
+  (void)parent; /* we have no use for this */
+
+  sprintf(filename, "push%u", count++);
+
+  /* here's a new stream, save it in a new file for each new push */
+  out = fopen(filename, "wb");
+
+  /* write to this file */
+  curl_easy_setopt(easy, CURLOPT_WRITEDATA, out);
+
+  fprintf(stderr, "**** push callback approves stream %u, got %d headers!\n",
+          count, (int)num_headers);
+
+  for(i=0; i<num_headers; i++) {
+    headp = curl_pushheader_bynum(headers, i);
+    fprintf(stderr, "**** header %u: %s\n", (int)i, headp);
+  }
+
+  headp = curl_pushheader_byname(headers, ":path");
+  if(headp) {
+    fprintf(stderr, "**** The PATH is %s\n", headp /* skip :path + colon */ );
+  }
+
+  (*transfers)++; /* one more */
+  return CURL_PUSH_OK;
+}
+
+
+/*
+ * Download a file over HTTP/2, take care of server push.
+ */
+int main(void)
+{
+  CURL *easy;
+  CURLM *multi_handle;
+  int still_running; /* keep number of running handles */
+  int transfers=1; /* we start with one */
+  struct CURLMsg *m;
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+
+  easy = curl_easy_init();
+
+  /* set options */
+  setup(easy);
+
+  /* add the easy transfer */
+  curl_multi_add_handle(multi_handle, easy);
+
+  curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX);
+  curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback);
+  curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers);
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(multi_handle, &still_running);
+
+  do {
+    struct timeval timeout;
+    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    if(mc != CURLM_OK) {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &still_running);
+      break;
+    }
+
+    /*
+     * A little caution when doing server push is that libcurl itself has
+     * created and added one or more easy handles but we need to clean them up
+     * when we are done.
+     */
+
+    do {
+      int msgq = 0;;
+      m = curl_multi_info_read(multi_handle, &msgq);
+      if(m && (m->msg == CURLMSG_DONE)) {
+        CURL *e = m->easy_handle;
+        transfers--;
+        curl_multi_remove_handle(multi_handle, e);
+        curl_easy_cleanup(e);
+      }
+    } while(m);
+
+  } while(transfers); /* as long as we have transfers going */
+
+  curl_multi_cleanup(multi_handle);
+
+
+  return 0;
+}
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -0,0 +1,352 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+
+/* somewhat unix-specific */
+#include <sys/time.h>
+#include <unistd.h>
+
+/* curl stuff */
+#include <curl/curl.h>
+
+#ifndef CURLPIPE_MULTIPLEX
+/* This little trick will just make sure that we don't enable pipelining for
+   libcurls old enough to not have this symbol. It is _not_ defined to zero in
+   a recent libcurl header. */
+#define CURLPIPE_MULTIPLEX 0
+#endif
+
+#define NUM_HANDLES 1000
+
+void *curl_hnd[NUM_HANDLES];
+int num_transfers;
+
+/* a handle to number lookup, highly ineffective when we do many
+   transfers... */
+static int hnd2num(CURL *hnd)
+{
+  int i;
+  for(i=0; i< num_transfers; i++) {
+    if(curl_hnd[i] == hnd)
+      return i;
+  }
+  return 0; /* weird, but just a fail-safe */
+}
+
+static
+void dump(const char *text, int num, unsigned char *ptr, size_t size,
+          char nohex)
+{
+  size_t i;
+  size_t c;
+  unsigned int width=0x10;
+
+  if(nohex)
+    /* without the hex output, we can fit more on screen */
+    width = 0x40;
+
+  fprintf(stderr, "%d %s, %ld bytes (0x%lx)\n",
+          num, text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+
+    fprintf(stderr, "%4.4lx: ", (long)i);
+
+    if(!nohex) {
+      /* hex not disabled, show it */
+      for(c = 0; c < width; c++)
+        if(i+c < size)
+          fprintf(stderr, "%02x ", ptr[i+c]);
+        else
+          fputs("   ", stderr);
+    }
+
+    for(c = 0; (c < width) && (i+c < size); c++) {
+      /* check for 0D0A; if found, skip past and start a new line of output */
+      if (nohex && (i+c+1 < size) && ptr[i+c]==0x0D && ptr[i+c+1]==0x0A) {
+        i+=(c+2-width);
+        break;
+      }
+      fprintf(stderr, "%c",
+              (ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.');
+      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      if (nohex && (i+c+2 < size) && ptr[i+c+1]==0x0D && ptr[i+c+2]==0x0A) {
+        i+=(c+3-width);
+        break;
+      }
+    }
+    fputc('\n', stderr); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  char timebuf[20];
+  const char *text;
+  int num = hnd2num(handle);
+  static time_t epoch_offset;
+  static int    known_offset;
+  struct timeval tv;
+  time_t secs;
+  struct tm *now;
+
+  (void)handle; /* prevent compiler warning */
+  (void)userp;
+
+  gettimeofday(&tv, NULL);
+  if(!known_offset) {
+    epoch_offset = time(NULL) - tv.tv_sec;
+    known_offset = 1;
+  }
+  secs = epoch_offset + tv.tv_sec;
+  now = localtime(&secs);  /* not thread safe but we don't care */
+  snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
+           now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec);
+
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "%s [%d] Info: %s", timebuf, num, data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, num, (unsigned char *)data, size, 1);
+  return 0;
+}
+
+struct input {
+  FILE *in;
+  size_t bytes_read; /* count up */
+  CURL *hnd;
+};
+
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+  struct input *i = userp;
+  size_t retcode = fread(ptr, size, nmemb, i->in);
+  i->bytes_read += retcode;
+  return retcode;
+}
+
+struct input indata[NUM_HANDLES];
+
+static void setup(CURL *hnd, int num, const char *upload)
+{
+  FILE *out;
+  char url[256];
+  char filename[128];
+  struct stat file_info;
+  curl_off_t uploadsize;
+
+  sprintf(filename, "dl-%d", num);
+  out = fopen(filename, "wb");
+
+  sprintf(url, "https://localhost:8443/upload-%d", num);
+
+  /* get the file size of the local file */
+  stat(upload, &file_info);
+  uploadsize = file_info.st_size;
+
+  indata[num].in = fopen(upload, "rb");
+  indata[num].hnd = hnd;
+
+  /* write to this file */
+  curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out);
+
+  /* we want to use our own read function */
+  curl_easy_setopt(hnd, CURLOPT_READFUNCTION, read_callback);
+  /* read from this file */
+  curl_easy_setopt(hnd, CURLOPT_READDATA, &indata[num]);
+  /* provide the size of the upload */
+  curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, uploadsize);
+
+  /* send in the URL to store the upload as */
+  curl_easy_setopt(hnd, CURLOPT_URL, url);
+
+  /* upload please */
+  curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
+
+  /* send it verbose for max debuggaility */
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
+
+  /* HTTP/2 please */
+  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
+
+  /* we use a self-signed test server, skip verification during debugging */
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
+
+#if (CURLPIPE_MULTIPLEX > 0)
+  /* wait for pipe connection to confirm */
+  curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L);
+#endif
+
+  curl_hnd[num] = hnd;
+}
+
+/*
+ * Upload all files over HTTP/2, using the same physical connection!
+ */
+int main(int argc, char **argv)
+{
+  CURL *easy[NUM_HANDLES];
+  CURLM *multi_handle;
+  int i;
+  int still_running; /* keep number of running handles */
+  const char *filename = "index.html";
+
+  if(argc > 1)
+    /* if given a number, do that many transfers */
+    num_transfers = atoi(argv[1]);
+
+  if(argc > 2)
+    /* if given a file name, upload this! */
+    filename = argv[2];
+
+  if(!num_transfers || (num_transfers > NUM_HANDLES))
+    num_transfers = 3; /* a suitable low default */
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+
+  for(i=0; i<num_transfers; i++) {
+    easy[i] = curl_easy_init();
+    /* set options */
+    setup(easy[i], i, filename);
+
+    /* add the individual transfer */
+    curl_multi_add_handle(multi_handle, easy[i]);
+  }
+
+  curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX);
+
+  /* We do HTTP/2 so let's stick to one connection per host */
+  curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L);
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(multi_handle, &still_running);
+
+  do {
+    struct timeval timeout;
+    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &still_running);
+      break;
+    }
+  } while(still_running);
+
+  curl_multi_cleanup(multi_handle);
+
+  for(i=0; i<num_transfers; i++)
+    curl_easy_cleanup(easy[i]);
+
+  return 0;
+}
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -60,7 +60,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -64,7 +64,7 @@ int main(void)
  curl = curl_easy_init();
  multi_handle = curl_multi_init();

-  /* initalize custom header list (stating that Expect: 100-continue is not
+  /* initialize custom header list (stating that Expect: 100-continue is not
     wanted */
  headerlist = curl_slist_append(headerlist, buf);
  if(curl && multi_handle) {
--- a/docs/examples/multi-single.c
+++ b/docs/examples/multi-single.c
@@ -81,7 +81,7 @@ int main(void)
    }

    /* 'numfds' being zero means either a timeout or no file descriptors to
-       wait for. Try timeout on first occurance, then assume no file
+       wait for. Try timeout on first occurrence, then assume no file
       descriptors and no file descriptors to wait for means wait for 100
       milliseconds. */

--- a/docs/examples/pop3-multi.c
+++ b/docs/examples/pop3-multi.c
@@ -69,7 +69,7 @@ int main(void)
  curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
  curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-  /* This will retreive message 1 from the user's mailbox */
+  /* This will retrieve message 1 from the user's mailbox */
  curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

  /* Tell the multi stack about our easy handle */
--- a/docs/examples/pop3-retr.c
+++ b/docs/examples/pop3-retr.c
@@ -39,7 +39,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox */
+    /* This will retrieve message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

    /* Perform the retr */
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -40,7 +40,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox. Note the use of
+    /* This will retrieve message 1 from the user's mailbox. Note the use of
     * pop3s:// rather than pop3:// to request a SSL based connection. */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://pop.example.com/1");

@@ -60,7 +60,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/pop3-tls.c
+++ b/docs/examples/pop3-tls.c
@@ -40,7 +40,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox */
+    /* This will retrieve message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

    /* In this example, we'll start with a plain text connection, and upgrade
--- a/docs/examples/postinmemory.c
+++ b/docs/examples/postinmemory.c
@@ -101,8 +101,7 @@ int main(void)
    /* always cleanup */
    curl_easy_cleanup(curl);

-    if(chunk.memory)
-      free(chunk.memory);
+    free(chunk.memory);

    /* we're done with libcurl, so clean it up */
    curl_global_cleanup();
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -73,7 +73,7 @@ int main(int argc, char *argv[])
               CURLFORM_END);

  curl = curl_easy_init();
-  /* initalize custom header list (stating that Expect: 100-continue is not
+  /* initialize custom header list (stating that Expect: 100-continue is not
     wanted */
  headerlist = curl_slist_append(headerlist, buf);
  if(curl) {
--- a/docs/examples/sftpget.c
+++ b/docs/examples/sftpget.c
@@ -58,7 +58,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "yourfile.bin", /* name to store the file as if succesful */
+    "yourfile.bin", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/smtp-mail.c
+++ b/docs/examples/smtp-mail.c
@@ -24,7 +24,7 @@
 #include <curl/curl.h>

 /* This is a simple example showing how to send mail using libcurl's SMTP
- * capabilities. For an exmaple of using the multi interface please see
+ * capabilities. For an example of using the multi interface please see
 * smtp-multi.c.
 *
 * Note that this example requires libcurl 7.20.0 or above.
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -111,7 +111,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/xmlstream.c
+++ b/docs/examples/xmlstream.c
@@ -120,7 +120,7 @@ int main(void)
  XML_SetElementHandler(parser, startElement, endElement);
  XML_SetCharacterDataHandler(parser, characterDataHandler);

-  /* Initalize a libcurl handle. */
+  /* Initialize a libcurl handle. */
  curl_global_init(CURL_GLOBAL_ALL ^ CURL_GLOBAL_SSL);
  curl_handle = curl_easy_init();
  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://www.w3schools.com/xml/simple.xml");
--- a/docs/libcurl/.gitignore
+++ b/docs/libcurl/.gitignore
@@ -1,2 +1,3 @@
 *.html
 *.pdf
+libcurl-symbols.3
--- a/docs/libcurl/Makefile.am
+++ b/docs/libcurl/Makefile.am
@@ -85,7 +85,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf			 \
 m4macrodir = $(datadir)/aclocal
 dist_m4macro_DATA = libcurl.m4

-CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
+CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) libcurl-symbols.3

 EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \
  symbols-in-versions symbols.pl mksymbolsmanpage.pl
@@ -94,7 +94,7 @@ MAN2HTML= roffit --mandir=. < $< >$@
 SUFFIXES = .3 .html

 libcurl-symbols.3: $(srcdir)/symbols-in-versions $(srcdir)/mksymbolsmanpage.pl
-	perl $(srcdir)/mksymbolsmanpage.pl < $< > $@
+	perl $(srcdir)/mksymbolsmanpage.pl < $(srcdir)/symbols-in-versions > $@

 html: $(HTMLPAGES)
 	cd opts; make html
@@ -111,3 +111,17 @@ pdf: $(PDFPAGES)
 	ps2pdf $$foo.ps $@; \
 	rm $$foo.ps; \
 	echo "converted $< to $@")
+
+# Make sure each option man page is referenced in the main man page
+TESTS = check-easy check-multi
+LOG_COMPILER = $(PERL)
+# The test fails if the log file contains any text
+AM_LOG_FLAGS = -p -e 'die "$$_" if ($$_);'
+
+check-easy: $(srcdir)/curl_easy_setopt.3 $(srcdir)/opts/CURLOPT*.3
+	OPTS="$$(ls $(srcdir)/opts/CURLOPT*.3 | $(SED) -e 's,^.*/,,' -e 's,\.3$$,,')" && \
+	for opt in $$OPTS; do grep "^\.IP $$opt$$" $(srcdir)/curl_easy_setopt.3 >/dev/null || echo Missing $$opt; done > $@
+
+check-multi: $(srcdir)/curl_multi_setopt.3 $(srcdir)/opts/CURLMOPT*.3
+	OPTS="$$(ls $(srcdir)/opts/CURLMOPT*.3 | $(SED) -e 's,^.*/,,' -e 's,\.3$$,,')" && \
+	for opt in $$OPTS; do grep "^\.IP $$opt$$" $(srcdir)/curl_multi_setopt.3 >/dev/null || echo Missing $$opt; done > $@
--- a/docs/libcurl/curl_easy_cleanup.3
+++ b/docs/libcurl/curl_easy_cleanup.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -63,5 +63,6 @@ if(curl) {
 }
 .fi
 .SH "SEE ALSO"
-.BR curl_easy_init "(3), "
-
+.BR curl_easy_init "(3), " curl_easy_duphandle "(3), "
+.BR curl_easy_reset "(3), "
+.BR curl_multi_cleanup "(3), " curl_multi_remove_handle "(3) "
--- a/docs/libcurl/curl_easy_duphandle.3
+++ b/docs/libcurl/curl_easy_duphandle.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -47,4 +47,6 @@ in a synchronous way, the input handle may not be in use when cloned.
 If this function returns NULL, something went wrong and no valid handle was
 returned.
 .SH "SEE ALSO"
-.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_global_init "(3)"
+.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_reset "(3),"
+.BR curl_global_init "(3)"
+
--- a/docs/libcurl/curl_easy_escape.3
+++ b/docs/libcurl/curl_easy_escape.3
@@ -29,13 +29,13 @@ curl_easy_escape - URL encodes the given string
 .BI "char *curl_easy_escape( CURL *" curl ", char *" string ", int "length " );"
 .ad
 .SH DESCRIPTION
-This function converts the given input \fBstring\fP to an URL encoded string
+This function converts the given input \fIstring\fP to a URL encoded string
 and returns that as a new allocated string. All input characters that are not
 a-z, A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped"
 version (%NN where NN is a two-digit hexadecimal number).

-If the \fBlength\fP argument is set to 0 (zero), \fIcurl_easy_escape(3)\fP
-uses strlen() on the input \fBurl\fP to find out the size.
+If \fIlength\fP is set to 0 (zero), \fIcurl_easy_escape(3)\fP uses strlen() on
+the input \fIstring\fP to find out the size.

 You must \fIcurl_free(3)\fP the returned string when you're done with it.
 .SH AVAILABILITY
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -236,6 +236,26 @@ option may not be available for all SSL backends; unsupported SSL backends
 will return 'CURLSSLBACKEND_NONE' to indicate that they are not supported;
 this does not mean that no SSL backend was used. (Added in 7.34.0)

+.nf
+struct curl_tlssessioninfo {
+  curl_sslbackend backend;
+  void *internals;
+};
+.fi
+
+The \fIinternals\fP struct member will point to a TLS library specific pointer
+with the following underlying types:
+.RS
+.IP OpenSSL
+SSL_CTX *
+.IP GnuTLS
+gnutls_session_t
+.IP NSS
+PRFileDesc *
+.IP gskit
+gsk_handle
+.RE
+
 .IP CURLINFO_CONDITION_UNMET
 Pass a pointer to a long to receive the number 1 if the condition provided in
 the previous request didn't match (see \fICURLOPT_TIMECONDITION(3)\fP). Alas,
--- a/docs/libcurl/curl_easy_perform.3
+++ b/docs/libcurl/curl_easy_perform.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -66,7 +66,7 @@ if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
  res = curl_easy_perform(curl);
  curl_easy_cleanup(curl);
-}}
+}
 .fi
 .SH "SEE ALSO"
 .BR curl_easy_init "(3), " curl_easy_setopt "(3), "
--- a/docs/libcurl/curl_easy_recv.3
+++ b/docs/libcurl/curl_easy_recv.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -42,8 +42,9 @@ buffer. The variable \fBn\fP points to will receive the number of received
 bytes.

 To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before
-calling \fIcurl_easy_perform(3)\fP. Note that \fIcurl_easy_recv(3)\fP does not
-work on connections that were created without this option.
+calling \fIcurl_easy_perform(3)\fP or \cIcurl_multi_perform(3)\fP. Note that
+\fIcurl_easy_recv(3)\fP does not work on connections that were created without
+this option.

 You must ensure that the socket has data to read before calling
 \fIcurl_easy_recv(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -
--- a/docs/libcurl/curl_easy_send.3
+++ b/docs/libcurl/curl_easy_send.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -40,8 +40,9 @@ connection set-up.
 The variable \fBn\fP points to will receive the number of sent bytes.

 To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before
-calling \fIcurl_easy_perform(3)\fP. Note that \fIcurl_easy_send(3)\fP will not
-work on connections that were created without this option.
+calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform()\fP. Note that
+\fIcurl_easy_send(3)\fP will not work on connections that were created without
+this option.

 You must ensure that the socket is writable before calling
 \fIcurl_easy_send(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -50,6 +50,8 @@ really \fICURLOPT_POSTFIELDS(3)\fP, but the alternative that copies the string
 \fICURLOPT_COPYPOSTFIELDS(3)\fP has some usage characteristics you need to
 read up on.

+The order in which the options are set does not matter.
+
 Before version 7.17.0, strings were not copied. Instead the user was forced
 keep them available until libcurl no longer needed them.

@@ -145,6 +147,8 @@ Fail on HTTP 4xx errors. \fICURLOPT_FAILONERROR(3)\fP
 .SH NETWORK OPTIONS
 .IP CURLOPT_URL
 URL to work on. See \fICURLOPT_URL(3)\fP
+.IP CURLOPT_PATH_AS_IS
+Disable squashing /../ and /./ sequences in the path. See \fICURLOPT_PATH_AS_IS(3)\fP
 .IP CURLOPT_PROTOCOLS
 Allowed protocols. See \fICURLOPT_PROTOCOLS(3)\fP
 .IP CURLOPT_REDIR_PROTOCOLS
@@ -163,6 +167,10 @@ Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP
 Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
 .IP CURLOPT_SOCKS5_GSSAPI_NEC
 Socks5 GSSAPI NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP
+.IP CURLOPT_PROXY_SERVICE_NAME
+Proxy service name. \fICURLOPT_PROXY_SERVICE_NAME(3)\fP
+.IP CURLOPT_SERVICE_NAME
+SPNEGO service name. \fICURLOPT_SERVICE_NAME(3)\fP
 .IP CURLOPT_INTERFACE
 Bind connection locally to this. See \fICURLOPT_INTERFACE(3)\fP
 .IP CURLOPT_LOCALPORT
@@ -214,6 +222,8 @@ HTTP server authentication methods. See \fICURLOPT_HTTPAUTH(3)\fP
 TLS authentication user name. See \fICURLOPT_TLSAUTH_USERNAME(3)\fP
 .IP CURLOPT_TLSAUTH_PASSWORD
 TLS authentication password. See \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
+.IP CURLOPT_TLSAUTH_TYPE
+TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP
 .IP CURLOPT_PROXYAUTH
 HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
 .IP CURLOPT_SASL_IR
@@ -283,6 +293,8 @@ Disable Content decoding. See \fICURLOPT_HTTP_CONTENT_DECODING(3)\fP
 Disable Transfer decoding. See \fICURLOPT_HTTP_TRANSFER_DECODING(3)\fP
 .IP CURLOPT_EXPECT_100_TIMEOUT_MS
 100-continue timeout. See \fICURLOPT_EXPECT_100_TIMEOUT_MS(3)\fP
+.IP CURLOPT_PIPEWAIT
+Wait on connection to pipeline on it. See \fICURLOPT_PIPEWAIT(3)\fP
 .SH SMTP OPTIONS
 .IP CURLOPT_MAIL_FROM
 Address of the sender. See \fICURLOPT_MAIL_FROM(3)\fP
@@ -411,6 +423,8 @@ Bind name resolves to this interface. See \fICURLOPT_DNS_INTERFACE(3)\fP
 Bind name resolves to this IP4 address. See \fICURLOPT_DNS_LOCAL_IP4(3)\fP
 .IP CURLOPT_DNS_LOCAL_IP6
 Bind name resolves to this IP6 address. See \fICURLOPT_DNS_LOCAL_IP6(3)\fP
+.IP CURLOPT_DNS_SERVERS
+Preferred DNS servers. See \fICURLOPT_DNS_SERVERS(3)\fP
 .IP CURLOPT_ACCEPTTIMEOUT_MS
 Timeout for waiting for the server's connect back to be accepted. See \fICURLOPT_ACCEPTTIMEOUT_MS(3)\fP
 .SH SSL and SECURITY OPTIONS
@@ -432,10 +446,16 @@ Enable use of NPN. See \fICURLOPT_SSL_ENABLE_NPN(3)\fP
 Use identifier with SSL engine. See \fICURLOPT_SSLENGINE(3)\fP
 .IP CURLOPT_SSLENGINE_DEFAULT
 Default SSL engine. See \fICURLOPT_SSLENGINE_DEFAULT(3)\fP
+.IP CURLOPT_SSL_FALSESTART
+Enable TLS False Start. See \fICURLOPT_SSL_FALSESTART(3)\fP
 .IP CURLOPT_SSLVERSION
 SSL version to use. See \fICURLOPT_SSLVERSION(3)\fP
+.IP CURLOPT_SSL_VERIFYHOST
+Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
 .IP CURLOPT_SSL_VERIFYPEER
 Verify the SSL certificate. See \fICURLOPT_SSL_VERIFYPEER(3)\fP
+.IP CURLOPT_SSL_VERIFYSTATUS
+Verify the SSL certificate's status. See \fICURLOPT_SSL_VERIFYSTATUS(3)\fP
 .IP CURLOPT_CAINFO
 CA cert bundle. See \fICURLOPT_CAINFO(3)\fP
 .IP CURLOPT_ISSUERCERT
@@ -444,8 +464,6 @@ Issuer certificate. See \fICURLOPT_ISSUERCERT(3)\fP
 Path to CA cert bundle. See \fICURLOPT_CAPATH(3)\fP
 .IP CURLOPT_CRLFILE
 Certificate Revocation List. See \fICURLOPT_CRLFILE(3)\fP
-.IP CURLOPT_SSL_VERIFYHOST
-Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
 .IP CURLOPT_CERTINFO
 Extract certificate info. See \fICURLOPT_CERTINFO(3)\fP
 .IP CURLOPT_PINNEDPUBLICKEY
--- a/docs/libcurl/curl_easy_unescape.3
+++ b/docs/libcurl/curl_easy_unescape.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -48,4 +48,4 @@ Added in 7.15.4 and replaces the old \fIcurl_unescape(3)\fP function.
 .SH RETURN VALUE
 A pointer to a zero terminated string or NULL if it failed.
 .SH "SEE ALSO"
-.BR curl_easy_escape "(3), " curl_free "(3)," RFC 2396
+.BR curl_easy_escape "(3), " curl_free "(3)," RFC 3986
--- a/docs/libcurl/curl_getdate.3
+++ b/docs/libcurl/curl_getdate.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -91,7 +91,7 @@ Sat, 11 Sep 2004 21:32:11 +0200
 This parser was written to handle date formats specified in RFC 822 (including
 the update in RFC 1123) using time zone name or time zone delta and RFC 850
 (obsoleted by RFC 1036) and ANSI C's asctime() format. These formats are the
-only ones RFC2616 says HTTP applications may use.
+only ones RFC 7231 says HTTP applications may use.
 .SH RETURN VALUE
 This function returns -1 when it fails to parse the date string. Otherwise it
 returns the number of seconds as described.
--- a/docs/libcurl/curl_multi_info_read.3
+++ b/docs/libcurl/curl_multi_info_read.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,8 +49,8 @@ calling \fIcurl_multi_cleanup(3)\fP, \fIcurl_multi_remove_handle(3)\fP or
 \fIcurl_easy_cleanup(3)\fP.

 The 'CURLMsg' struct is very simple and only contains very basic information.
-If more involved information is wanted, the particular "easy handle" in
-present in that struct and can thus be used in subsequent regular
+If more involved information is wanted, the particular "easy handle" is
+present in that struct and can be used in subsequent regular
 \fIcurl_easy_getinfo(3)\fP calls (or similar):

 .nf
@@ -68,6 +68,24 @@ is done, and then \fBresult\fP contains the return code for the easy handle
 that just completed.

 At this point, there are no other \fBmsg\fP types defined.
+.SH EXAMPLE
+.nf
+struct CURLMsg *m;
+
+/* call curl_multi_perform or curl_multi_socket_action first, then loop
+   through and check if there are any transfers that have completed */
+
+do {
+  int msgq = 0;
+  m = curl_multi_info_read(multi_handle, &msgq);
+  if(m && (m->msg == CURLMSG_DONE)) {
+    CURL *e = m->easy_handle;
+    transfers--;
+    curl_multi_remove_handle(multi_handle, e);
+    curl_easy_cleanup(e);
+  }
+} while(m);
+.fi
 .SH "RETURN VALUE"
 A pointer to a filled-in struct, or NULL if it failed or ran out of
 structs. It also writes the number of messages left in the queue (after this
--- a/docs/libcurl/curl_multi_perform.3
+++ b/docs/libcurl/curl_multi_perform.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,6 +49,55 @@ added handle fails very quickly, it may never be counted as a running_handle.

 When \fIrunning_handles\fP is set to zero (0) on the return of this function,
 there is no longer any transfers in progress.
+.SH EXAMPLE
+.nf
+#ifdef _WIN32
+#define SHORT_SLEEP Sleep(100)
+#else
+#define SHORT_SLEEP usleep(100000)
+#endif
+
+fd_set fdread;
+fd_set fdwrite;
+fd_set fdexcep;
+int maxfd = -1;
+
+long curl_timeo;
+
+curl_multi_timeout(multi_handle, &curl_timeo);
+if(curl_timeo < 0)
+  curl_timeo = 1000;
+
+timeout.tv_sec = curl_timeo / 1000;
+timeout.tv_usec = (curl_timeo % 1000) * 1000;
+
+FD_ZERO(&fdread);
+FD_ZERO(&fdwrite);
+FD_ZERO(&fdexcep);
+
+/* get file descriptors from the transfers */
+mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+if(maxfd == -1) {
+  SHORT_SLEEP;
+  rc = 0;
+}
+else
+  rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+
+switch(rc) {
+case -1:
+  /* select error */
+  break;
+case 0:
+default:
+  /* timeout or readable/writable sockets */
+  curl_multi_perform(multi_handle, &still_running);
+  break;
+}
+
+/* if there are still transfers, loop! */
+.fi
 .SH "RETURN VALUE"
 CURLMcode type, general libcurl multi interface error code.

--- a/docs/libcurl/curl_multi_setopt.3
+++ b/docs/libcurl/curl_multi_setopt.3
@@ -47,6 +47,8 @@ See \fICURLMOPT_PIPELINING(3)\fP
 See \fICURLMOPT_TIMERFUNCTION(3)\fP
 .IP CURLMOPT_TIMERDATA
 See \fICURLMOPT_TIMERDATA(3)\fP
+.IP CURLMOPT_MAXCONNECTS
+See \fICURLMOPT_MAXCONNECTS(3)\fP
 .IP CURLMOPT_MAX_HOST_CONNECTIONS
 See \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP
 .IP CURLMOPT_MAX_PIPELINE_LENGTH
--- a/docs/libcurl/curl_multi_timeout.3
+++ b/docs/libcurl/curl_multi_timeout.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,6 +49,22 @@ SHOULD instead use \fIcurl_multi_setopt(3)\fP and its
 Note: if libcurl returns a -1 timeout here, it just means that libcurl
 currently has no stored timeout value. You must not wait too long (more than a
 few seconds perhaps) before you call curl_multi_perform() again.
+.SH EXAMPLE
+.nf
+struct timeval timeout;
+long timeo;
+
+curl_multi_timeout(multi_handle, &timeo);
+if(timeo < 0)
+  /* no set timeout, use a default */
+  timeo = 980;
+
+timeout.tv_sec = timeo / 1000;
+timeout.tv_usec = (timeo % 1000) * 1000;
+
+/* wait for activities no longer than the set timeout */
+select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+.fi
 .SH "RETURN VALUE"
 The standard CURLMcode for multi interface error codes.
 .SH "TYPICAL USAGE"
--- a/docs/libcurl/curl_multi_wait.3
+++ b/docs/libcurl/curl_multi_wait.3
@@ -44,7 +44,7 @@ The calling application may pass additional curl_waitfd structures which are
 similar to \fIpoll(2)\fP's pollfd structure to be waited on in the same call.

 On completion, if \fInumfds\fP is non-NULL, it will be populated with the
-total number of file descriptors on which interesting events occured. This
+total number of file descriptors on which interesting events occurred. This
 number can include both libcurl internal descriptors as well as descriptors
 provided in \fIextra_fds\fP.

--- a/Show More
+++ b/Show More