RELEASE-NOTES: 7.43.0 release

THANKS: updated with 7.43.0 names
http: do not leak basic auth credentials on re-used connections
2015-06-17 07:44:53 +02:00 · 2015-06-17 07:43:13 +02:00 · 2015-06-17 07:43:13 +02:00 · 2015-06-17 07:43:13 +02:00 · 2015-06-17 07:43:13 +02:00 · 2015-06-17 00:17:03 -04:00
214 changed files with 5191 additions and 5224 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -16,11 +16,9 @@ Send your suggestions using one of these methods:

 1. in a mail to the mailing list

- 2. in the [bug tracker](https://sourceforge.net/p/curl/bugs/)
+ 2. as a pull request on github

- 3. as a pull request on github
-
- 4. as an issue on github
+ 3. as an issue on github
   

 / The cURL team!
--- a/Makefile.am
+++ b/Makefile.am
@@ -118,7 +118,7 @@ WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat	\
 winbuild/Makefile.msvc.names

 EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in	\
- RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework	\
+ RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework scripts/zsh.pl	\
 $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in

 CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)	\
--- a/4
+++ b/4
@@ -38,12 +38,12 @@ GIT

  To download the very latest source off the GIT server do this:

-    git clone git://github.com/bagder/curl.git
+    git clone https://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

 NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
-  Kungliga Tekniska H<EFBFBD>gskolan. This notice is included here to comply with the
+  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.
--- a/148
+++ b/148
@@ -1,22 +1,92 @@
-Curl and libcurl 7.42.1
+Curl and libcurl 7.43.0

- Public curl releases:         146
- Command line options:         173
- curl_easy_setopt() options:   216
+ Public curl releases:         147
+ Command line options:         176
+ curl_easy_setopt() options:   219
 Public functions in libcurl:  58
- Contributors:                 1265
+ Contributors:                 1291
+
+This release includes the following changes:
+
+ o Added CURLOPT_PROXY_SERVICE_NAME[11]
+ o Added CURLOPT_SERVICE_NAME[12]
+ o New curl option: --proxy-service-name[13]
+ o Mew curl option: --service-name [14]
+ o New curl option: --data-raw [5]
+ o Added CURLOPT_PIPEWAIT [15]
+ o Added support for multiplexing transfers using HTTP/2, enable this
+   with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16]
+ o HTTP/2: requires nghttp2 1.0.0 or later
+ o scripts: add zsh.pl for generating zsh completion
+ o curl.h: add CURL_HTTP_VERSION_2

 This release includes the following bugfixes:

- o CURLOPT_HEADEROPT: default to separate [5]
- o dist: include {src,lib}/checksrc.whitelist [1]
- o connectionexists: fix build without NTLM [2]
- o docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
- o curl -z: do not write empty file on unmet condition [3]
- o openssl: fix serial number output [4]
+ o CVE-2015-3236: lingering HTTP credentials in connection re-use [30]
+ o CVE-2015-3237: SMB send off unrelated memory contents [31]
+ o nss: fix compilation failure with old versions of NSS [1]
 o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
- o sws: init http2 state properly
- o curl.1: fix typo
+ o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
+ o Curl_ossl_init: load builtin modules [2]
+ o configure: follow-up fix for krb5-config [3]
+ o sasl_sspi: Populate domain from the realm in the challenge [4]
+ o netrc: support 'default' token
+ o README: convert to UTF-8
+ o cyassl: Implement public key pinning
+ o nss: implement public key pinning for NSS backend
+ o mingw build: add arch -m32/-m64 to LDFLAGS
+ o schannel: Fix out of bounds array [6]
+ o configure: remove autogenerated files by autoconf
+ o configure: remove --automake from libtoolize call
+ o acinclude.m4: fix shell test for default CA cert bundle/path
+ o schannel: fix regression in schannel_recv [7]
+ o openssl: skip trace outputs for ssl_ver == 0 [8]
+ o gnutls: properly retrieve certificate status
+ o netrc: Read in text mode when cygwin [9]
+ o winbuild: Document the option used to statically link the CRT [10]
+ o FTP: Make EPSV use the control IP address rather than the original host
+ o FTP: fix dangling conn->ip_addr dereference on verbose EPSV
+ o conncache: keep bundles on host+port bases, not only host names
+ o runtests.pl: use 'h2c' now, no -14 anymore
+ o curlver: introducing new version number (checking) macros
+ o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17]
+ o CURLOPT_POSTFIELDS.3: correct variable names [18]
+ o curl_easy_unescape.3: update RFC reference [19]
+ o gnutls: don't fail on non-fatal alerts during handshake
+ o testcurl.pl: allow source to be in an arbitrary directory
+ o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
+ o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20]
+ o parse_proxy: switch off tunneling if non-HTTP proxy [21]
+ o share_init: fix OOM crash
+ o perl: remove subdir, not touched in 9 years
+ o CURLOPT_COOKIELIST.3: Add example
+ o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22]
+ o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23]
+ o FAQ: How do I port libcurl to my OS?
+ o openssl: Use TLS_client_method for OpenSSL 1.1.0+
+ o HTTP-NTLM: fail auth on connection close instead of looping [24]
+ o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25]
+ o curl_getdate.3: update RFC reference
+ o curl_multi_info_read.3: added example
+ o curl_multi_perform.3: added example
+ o curl_multi_timeout.3: added example
+ o cookie: Stop exporting any-domain cookies [26]
+ o openssl: remove dummy callback use from SSL_CTX_set_verify()
+ o openssl: remove SSL_get_session()-using code
+ o openssl: removed USERDATA_IN_PWD_CALLBACK kludge
+ o openssl: removed error string #ifdef
+ o openssl: Fix verification of server-sent legacy intermediates [27]
+ o docs: man page indentation and syntax fixes
+ o docs: Spelling fixes
+ o fopen.c: fix a few compiler warnings
+ o CURLOPT_OPENSOCKETFUNCTION: return error at once [28]
+ o schannel: Add support for optional client certificates
+ o build: Properly detect OpenSSL 1.0.2 when using configure
+ o urldata: store POST size in state.infilesize too [29]
+ o security:choose_mech remove dead code
+ o rtsp_do: remove dead code
+ o docs: many HTTP URIs changed to HTTPS
+ o schannel: schannel_recv overhaul [32]

 This release includes the following known bugs:

@@ -25,17 +95,51 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

-  Alessandro Ghedini, Alexander Elgert, Daniel Stenberg, Kamil Dudka,
-  Oren Souroujon, Patrick Rapin, Viktor Szakáts, Yehezkel Horowitz,
-  (8 contributors)
+  Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina,
+  Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman,
+  Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg,
+  Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka,
+  Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter,
+  Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing,
+  Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh,
+  Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan,
+  Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts,
+  Ville Skyttä, Yehezkel Horowitz,
+  (43 contributors)

        Thanks! (and sorry if I forgot to mention someone)

 References to bug reports and discussions on issues:

- [1] = http://curl.haxx.se/mail/archive-2015-04/0046.html
- [2] = http://curl.haxx.se/bug/?i=231
- [3] = https://github.com/bagder/curl/issues/237
- [4] = https://github.com/bagder/curl/issues/235
- [5] = http://curl.haxx.se/docs/adv_20150429.html
- 
+ [1] = http://curl.haxx.se/mail/lib-2015-04/0095.html
+ [2] = https://github.com/bagder/curl/pull/206
+ [3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
+ [4] = https://github.com/bagder/curl/pull/141
+ [5] = https://github.com/bagder/curl/issues/198
+ [6] = http://curl.haxx.se/mail/lib-2015-04/0199.html
+ [7] = https://github.com/bagder/curl/issues/244
+ [8] = https://github.com/bagder/curl/issues/219
+ [9] = https://github.com/bagder/curl/pull/258
+ [10] = https://github.com/bagder/curl/issues/254
+ [11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html
+ [12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html
+ [13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name
+ [14] = http://curl.haxx.se/docs/manpage.html#--service-name
+ [15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html
+ [16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html
+ [17] = https://github.com/bagder/curl/issues/275
+ [18] = https://github.com/bagder/curl/issues/281
+ [19] = https://github.com/bagder/curl/issues/282
+ [20] = https://github.com/bagder/curl/issues/267
+ [21] = http://curl.haxx.se/mail/lib-2015-05/0056.html
+ [22] = http://curl.haxx.se/mail/lib-2015-05/0115.html
+ [23] = http://curl.haxx.se/mail/lib-2015-05/0137.html
+ [24] = https://github.com/bagder/curl/issues/256
+ [25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055
+ [26] = https://github.com/bagder/curl/issues/292
+ [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
+ [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html
+ [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html
+ [30] = http://curl.haxx.se/docs/adv_20150617A.html
+ [31] = http://curl.haxx.se/docs/adv_20150617B.html
+ [32] = https://github.com/bagder/curl/issues/244
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2452,23 +2452,6 @@ AC_DEFUN([CURL_CHECK_FUNC_SELECT], [
 ])


-# This is only a temporary fix. This macro is here to replace the broken one
-# delivered by the automake project (including the 1.9.6 release). As soon as
-# they ship a working version we SHOULD remove this work-around.
-
-AC_DEFUN([AM_MISSING_HAS_RUN],
-[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
-test x"${MISSING+set}" = xset || MISSING="\${SHELL} \"$am_aux_dir/missing\""
-# Use eval to expand $SHELL
-if eval "$MISSING --run true"; then
-  am_missing_run="$MISSING --run "
-else
-  am_missing_run=
-  AC_MSG_WARN([`missing' script is too old or missing])
-fi
-])
-
-
 dnl CURL_VERIFY_RUNTIMELIBS
 dnl -------------------------------------------------
 dnl Verify that the shared libs found so far can be used when running
@@ -2676,7 +2659,7 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
    AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default ca path])
    AC_MSG_RESULT([$capath (capath)])
  fi
-  if test "x$ca" == "xno" && test "x$capath" == "xno"; then
+  if test "x$ca" = "xno" && test "x$capath" = "xno"; then
    AC_MSG_RESULT([no])
  fi
 ])
--- a/4
+++ b/4
@@ -318,6 +318,8 @@ for fname in .deps \
    ltsugar.m4 \
    ltversion.m4 \
    lt~obsolete.m4 \
+    missing \
+    install-sh \
    stamp-h1 \
    stamp-h2 \
    stamp-h3 ; do
@@ -329,7 +331,7 @@ done
 #

 echo "buildconf: running libtoolize"
-${libtoolize} --copy --automake --force || die "libtoolize command failed"
+${libtoolize} --copy --force || die "libtoolize command failed"

 # When using libtool 1.5.X (X < 26) we copy libtool.m4 to our local m4
 # subdirectory and this local copy is patched to fix some warnings that
--- a/configure.ac
+++ b/configure.ac
@@ -1194,8 +1194,6 @@ if test x"$want_gss" = xyes; then
  if test -z "$GSSAPI_INCS"; then
     if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
        GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
-     elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-        GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
     elif test -f "$KRB5CONFIG"; then
        GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi`
     elif test "$GSSAPI_ROOT" != "yes"; then
@@ -2843,7 +2841,9 @@ if test X"$want_h2" != Xno; then
    CPPFLAGS="$CPPFLAGS $CPP_H2"
    LIBS="$LIB_H2 $LIBS"

-    AC_CHECK_LIB(nghttp2, nghttp2_session_callbacks_set_send_callback,
+    # use nghttp2_option_set_no_recv_client_magic to require nghttp2
+    # >= 1.0.0
+    AC_CHECK_LIB(nghttp2, nghttp2_option_set_no_recv_client_magic,
      [
       AC_CHECK_HEADERS(nghttp2/nghttp2.h,
          curl_h2_msg="enabled (nghttp2)"
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -50,7 +50,7 @@ Cocoa
 D

  Written by Kenneth Bogert
-  http://curl.haxx.se/libcurl/d/
+  http://dlang.org/library/std/net/curl.html

 Dylan

@@ -60,7 +60,7 @@ Dylan
 Eiffel

  Written by Eiffel Software
-  http://curl.haxx.se/libcurl/eiffel/
+  https://room.eiffel.com/library/curl

 Euphoria

@@ -78,7 +78,7 @@ Ferite

 Gambas

-  http://gambas.sourceforge.net
+  http://gambas.sourceforge.net/

 glib/GTK+

@@ -102,8 +102,7 @@ Haskell

 Java

-  Maintained by [blank]
-  http://curl.haxx.se/libcurl/java/
+  https://github.com/pjlegato/curl-java

 Julia

@@ -131,7 +130,7 @@ Mono
 .NET

  libcurl-net by Jeffrey Phillips
-  http://sourceforge.net/projects/libcurl-net/
+  https://sourceforge.net/projects/libcurl-net/

 node.js

@@ -146,7 +145,7 @@ Object-Pascal
 O'Caml

  Written by Lars Nilsson
-  http://sourceforge.net/projects/ocurl/
+  https://sourceforge.net/projects/ocurl/

 Pascal

@@ -155,13 +154,13 @@ Pascal

 Perl

-  Maintained by Cris Bailiff
-  http://curl.haxx.se/libcurl/perl/
+  Maintained by Cris Bailiff and Bálint Szilakszi
+  https://github.com/szbalint/WWW--Curl

 PHP

  Written by Sterling Hughes
-  http://curl.haxx.se/libcurl/php/
+  https://php.net/curl

 PostgreSQL

@@ -175,8 +174,7 @@ Python

 R

-  RCurl by Duncan Temple Lang
-  http://www.omegahat.org/RCurl/
+  http://cran.r-project.org/package=curl

 Rexx

@@ -197,10 +195,15 @@ Ruby
  ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
  http://curl-multi.rubyforge.org/

+Rust
+
+  curl-rust - by Carl Lerche
+  https://github.com/carllerche/curl-rust
+
 Scheme

  Bigloo binding by Kirill Lisovsky
-  http://curl.haxx.se/libcurl/scheme/
+  http://www.metapaper.net/lisovsky/web/curl/

 S-Lang

@@ -230,7 +233,7 @@ Tcl
 Visual Basic

  libcurl-vb by Jeffrey Phillips
-  http://sourceforge.net/projects/libcurl-vb/
+  https://sourceforge.net/projects/libcurl-vb/

 Visual Foxpro

@@ -250,3 +253,8 @@ XBLite

  Written by David Szafranski
  http://perso.wanadoo.fr/xblite/libraries.html
+
+Xojo
+
+  Written by Andrew Lambert
+  https://github.com/charonn0/RB-libcURL
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -203,7 +203,7 @@

 You need to first checkout the repository:

-     git clone git://github.com/bagder/curl.git
+     git clone https://github.com/bagder/curl.git

 You then proceed and edit all the files you like and you commit them to your
 local repository:
@@ -245,8 +245,8 @@

 For unix-like operating systems:

-     http://www.gnu.org/software/patch/patch.html
-     http://www.gnu.org/directory/diffutils.html
+     https://savannah.gnu.org/projects/patch/
+     https://www.gnu.org/software/diffutils/

 For Windows:

--- a/docs/DISTRO-DILEMMA
+++ b/docs/DISTRO-DILEMMA
@@ -112,7 +112,7 @@ The Better License, Original BSD, GPL or LGPL?
 In Debian land, there seems to be a common opinion that LGPL is "maximally
 compatible" with apps while Original BSD is not. Like this:

-        http://lists.debian.org/debian-devel/2005/09/msg01417.html
+        https://lists.debian.org/debian-devel/2005/09/msg01417.html

 More SSL Libraries

@@ -163,13 +163,13 @@ Distro Angle of this Problem
 Footnotes

 [1] = http://www.xfree86.org/3.3.6/COPYRIGHT2.html#6
- [2] = http://www.fsf.org/licensing/essays/bsd.html
- [3] = http://www.fsf.org/licensing/licenses/gpl.html
+ [2] = https://www.gnu.org/philosophy/bsd.html
+ [3] = https://www.gnu.org/licenses/gpl.html
 [4] = http://curl.haxx.se/docs/copyright.html
- [5] = http://www.openssl.org/source/license.html
- [6] = http://www.fsf.org/licensing/licenses/gpl.html end of section 3
- [7] = http://www.fsf.org/licensing/licenses/lgpl.html
- [8] = http://en.wikipedia.org/wiki/OpenSSL_exception
+ [5] = https://www.openssl.org/source/license.html
+ [6] = https://www.gnu.org/licenses/gpl.html end of section 3
+ [7] = https://www.gnu.org/licenses/lgpl.html
+ [8] = https://en.wikipedia.org/wiki/OpenSSL_exception

 Feedback/Updates provided by

--- a/docs/FAQ
+++ b/docs/FAQ
@@ -21,6 +21,7 @@ FAQ
  1.12 I have a problem who can I chat with?
  1.13 curl's ECCN number?
  1.14 How do I submit my patch?
+  1.15 How do I port libcurl to my OS?

 2. Install Related Problems
  2.1 configure doesn't find OpenSSL even when it is installed
@@ -351,7 +352,7 @@ FAQ
  cryptography. When doing so, the Export Control Classification Number (ECCN)
  is used to identify the level of export control etc.

-  ASF gives a good explanation at http://www.apache.org/dev/crypto.html
+  ASF gives a good explanation at https://www.apache.org/dev/crypto.html

  We believe curl's number might be ECCN 5D002, another possibility is
  5D992. It seems necessary to write them, asking to confirm.
@@ -380,6 +381,19 @@ FAQ

  Lots of more details are found in the CONTRIBUTE and INTERNALS docs.

+  1.15 How do I port libcurl to my OS?
+
+  Here's a rough step-by-step:
+
+  1. copy a suitable lib/config-*.h file as a start to lib/config-[youros].h
+
+  2. edit lib/config-[youros].h to match your OS and setup
+
+  3. edit lib/curl_setup.h to include config-[youros].h when your OS is
+     detected by the preprocessor, in the style others already exist
+
+  4. compile lib/*.c and make them into a library
+

 2. Install Related Problems

@@ -1028,7 +1042,7 @@ FAQ
  timeout is set.

  See option TcpMaxConnectRetransmissions on this page:
-  http://support.microsoft.com/?scid=kb%3Ben-us%3B175523&x=6&y=7
+  https://support.microsoft.com/en-us/kb/175523/en-us

  Also, even on non-Windows systems there may run a firewall or anti-virus
  software or similar that accepts the connection but does not actually do
@@ -1045,7 +1059,7 @@ FAQ
  You'll find that even if D:\blah.txt does exist, cURL returns a 'file
  not found' error.

-  According to RFC 1738 (http://www.faqs.org/rfcs/rfc1738.html),
+  According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt),
  file:// URLs must contain a host component, but it is ignored by
  most implementations. In the above example, 'D:' is treated as the
  host component, and is taken away. Thus, cURL tries to open '/blah.txt'.
@@ -1149,13 +1163,13 @@ FAQ
  If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
  need to provide one or two locking functions:

-    http://www.openssl.org/docs/crypto/threads.html
+    https://www.openssl.org/docs/crypto/threads.html

  If you use a GnuTLS-powered libcurl in a multi-threaded environment, you
  need to provide locking function(s) for libgcrypt (which is used by GnuTLS
  for the crypto functions).

-    http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html
+    https://web.archive.org/web/20111103083330/http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html

  No special locking is needed with a NSS-powered libcurl. NSS is thread-safe.

@@ -1331,7 +1345,7 @@ FAQ
  Also note that on many networks NATs or other IP-munging techniques are used
  that makes you see and use a different IP address locally than what the
  remote server will see you coming from. You may also consider using
-  http://www.torproject.org .
+  https://www.torproject.org/ .

  5.13 How do I stop an ongoing transfer?

--- a/docs/HTTP-COOKIES
+++ b/docs/HTTP-COOKIES
@@ -36,7 +36,7 @@ HTTP Cookies
  For a very long time, the only spec explaining how to use cookies was the
  original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html

-  In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
+  In 2011, RFC6265 (https://www.ietf.org/rfc/rfc6265.txt) was finally published
  and details how cookies work within HTTP.

  1.2 Cookies saved to disk
--- a/docs/HTTP2.md
+++ b/docs/HTTP2.md
@@ -0,0 +1,107 @@
+HTTP/2 with curl
+================
+
+[HTTP/2 Spec](https://www.rfc-editor.org/rfc/rfc7540.txt)
+[http2 explained](http://daniel.haxx.se/http2/)
+
+Build prerequisites
+-------------------
+  - nghttp2
+  - OpenSSL, NSS, GnutTLS or PolarSSL with a new enough version
+
+[nghttp2](https://nghttp2.org/)
+-------------------------------
+
+libcurl uses this 3rd party library for the low level protocol handling
+parts. The reason for this is that HTTP/2 is much more complex at that layer
+than HTTP/1.1 (which we implement on our own) and that nghttp2 is an already
+existing and well functional library.
+
+We require at least version 1.0.0.
+
+Over an http:// URL
+-------------------
+
+If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will
+include an upgrade header in the initial request to the host to allow
+upgrading to HTTP/2.
+
+Possibly we can later introduce an option that will cause libcurl to fail if
+not possible to upgrade. Possibly we introduce an option that makes libcurl
+use HTTP/2 at once over http://
+
+Over an https:// URL
+--------------------
+
+If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will use
+ALPN (or NPN) to negotiate which protocol to continue with. Possibly introduce
+an option that will cause libcurl to fail if not possible to use HTTP/2.
+Consider options to explicitly disable ALPN and/or NPN.
+
+ALPN is the TLS extension that HTTP/2 is expected to use. The NPN extension is
+for a similar purpose, was made prior to ALPN and is used for SPDY so early
+HTTP/2 servers are implemented using NPN before ALPN support is widespread.
+
+SSL libs
+--------
+
+The challenge is the ALPN and NPN support and all our different SSL
+backends. You may need a fairly updated SSL library version for it to
+provide the necessary TLS features. Right now we support:
+
+  - OpenSSL:  ALPN and NPN
+  - NSS:      ALPN and NPN
+  - GnuTLS:   ALPN
+  - PolarSSL: ALPN
+
+Multiplexing
+------------
+
+Starting in 7.43.0, libcurl fully supports HTTP/2 multiplexing, which is the
+term for doing multiple independent transfers over the same physical TCP
+connection.
+
+To take advantage of multiplexing, you need to use the multi interface and set
+`CURLMOPT_PIPELINING` to `CURLPIPE_MULTIPLEX`. With that bit set, libcurl will
+attempt to re-use existing HTTP/2 connections and just add a new stream over
+that when doing subsequent parallel requests.
+
+While libcurl sets up a connection to a HTTP server there is a period during
+which it doesn't know if it can pipeline or do multiplexing and if you add new
+transfers in that period, libcurl will default to start new connections for
+those transfers. With the new option `CURLOPT_PIPEWAIT` (added in 7.43.0), you
+can ask that a transfer should rather wait and see in case there's a
+connection for the same host in progress that might end up being possible to
+multiplex on. It favours keeping the number of connections low to the cost of
+slightly longer time to first byte transferred.
+
+Applications
+------------
+
+We hide HTTP/2's binary nature and convert received HTTP/2 traffic to headers
+in HTTP 1.1 style. This allows applications to work unmodified.
+
+curl tool
+---------
+
+curl offers the `--http2` command line option to enable use of HTTP/2
+
+HTTP Alternative Services
+-------------------------
+
+Alt-Svc is a suggested extension with a corresponding frame (ALTSVC) in HTTP/2
+that tells the client about an alternative "route" to the same content for the
+same origin server that you get the response from. A browser or long-living
+client can use that hint to create a new connection asynchronously.  For
+libcurl, we may introduce a way to bring such clues to the applicaton and/or
+let a subsequent request use the alternate route
+automatically. [Spec](https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-05)
+
+TODO
+----
+
+  - Provide API to set priorities / dependencies of individual streams
+
+  - Implement "prior-knowledge" HTTP/2 connecitons over clear text so that
+    curl can connect with HTTP/2 at once without 1.1+Upgrade.
+
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -173,13 +173,13 @@ Win32
   advice given above.

   KB94248  - How To Use the C Run-Time
-              http://support.microsoft.com/kb/94248/en-us
+              https://support.microsoft.com/kb/94248/en-us

   KB140584 - How to link with the correct C Run-Time (CRT) library
-              http://support.microsoft.com/kb/140584/en-us
+              https://support.microsoft.com/kb/140584/en-us

   KB190799 - Potential Errors Passing CRT Objects Across DLL Boundaries
-              http://msdn.microsoft.com/en-us/library/ms235460
+              https://msdn.microsoft.com/en-us/library/ms235460

   If your app is misbehaving in some strange way, or it is suffering
   from memory corruption, before asking for further help, please try
@@ -209,8 +209,8 @@ Win32
   environment variables, for example:

     set ZLIB_PATH=c:\zlib-1.2.8
-     set OPENSSL_PATH=c:\openssl-0.9.8zc
-     set LIBSSH2_PATH=c:\libssh2-1.4.3
+     set OPENSSL_PATH=c:\openssl-1.0.2c
+     set LIBSSH2_PATH=c:\libssh2-1.6.0

   ATTENTION: if you want to build with libssh2 support you have to use latest
   version 0.17 - previous versions will NOT work with 7.17.0 and later!
@@ -232,7 +232,7 @@ Win32
   - optional MingW32-built OpenLDAP SDK available from:
     http://www.gknw.net/mirror/openldap/
   - optional recent Novell CLDAP SDK available from:
-     http://developer.novell.com/ndk/cldap.htm
+     https://www.novell.com/developer/ndk/ldap_libraries_for_c.html

   Cygwin
   ------
@@ -254,7 +254,7 @@ Win32
   If you use MSVC 6 it is required that you use the February 2003 edition of
   the 'Platform SDK' which can be downloaded from:

-   http://www.microsoft.com/en-us/download/details.aspx?id=12261
+   https://www.microsoft.com/en-us/download/details.aspx?id=12261

   Building any software with MSVC 6 without having PSDK installed is just
   asking for trouble down the road once you have released it, you might notice
@@ -263,7 +263,7 @@ Win32
   software built in such way will at some point regret having done so.

   If the compiler has been updated with the installation of a service pack as
-   those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
+   those mentioned in https://support.microsoft.com/kb/194022 the compiler can be
   safely used to read source code, translate and make it object code.

   But, even with the service packs mentioned above installed, the resulting
@@ -299,7 +299,7 @@ Win32
   Then run 'nmake vc' in curl's root directory.

   If you want to compile with zlib support, you will need to build
-   zlib (http://www.gzip.org/zlib/) as well. Please read the zlib
+   zlib (http://www.zlib.net/) as well. Please read the zlib
   documentation on how to compile zlib. Define the ZLIB_PATH environment
   variable to the location of zlib.h and zlib.lib, for example:

@@ -665,12 +665,10 @@ NetWare
   - gnu make and awk running on the platform you compile on;
     native Win32 versions can be downloaded from:
     http://www.gknw.net/development/prgtools/
-   - recent Novell LibC SDK available from:
-     http://developer.novell.com/ndk/libc.htm
-   - or recent Novell CLib SDK available from:
-     http://developer.novell.com/ndk/clib.htm
+   - recent Novell LibC or Novell CLib SDK available from:
+     https://www.novell.com/developer/ndk/
   - optional recent Novell CLDAP SDK available from:
-     http://developer.novell.com/ndk/cldap.htm
+     https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
   - optional zlib sources (static or dynamic linking with zlib.imp);
     sources with NetWare Makefile can be obtained from:
     http://www.gknw.net/mirror/zlib/
@@ -825,7 +823,7 @@ VxWorks

   To build libcurl for VxWorks you need:

-      - CYGWIN (free, http://cygwin.com/)
+      - CYGWIN (free, https://cygwin.com/)
      - Wind River Workbench (commercial)

   If you have CYGWIN and Workbench installed on you machine
@@ -1086,18 +1084,18 @@ Useful URLs

 axTLS        http://axtls.sourceforge.net/
 c-ares       http://c-ares.haxx.se/
-GNU GSS      http://www.gnu.org/software/gss/
-GnuTLS       http://www.gnu.org/software/gnutls/
-Heimdal      http://www.pdc.kth.se/heimdal/
-libidn       http://www.gnu.org/software/libidn/
+GNU GSS      https://www.gnu.org/software/gss/
+GnuTLS       https://www.gnu.org/software/gnutls/
+Heimdal      http://www.h5l.org/
+libidn       https://www.gnu.org/software/libidn/
 libmetalink  https://launchpad.net/libmetalink/
 libssh2      http://www.libssh2.org/
 MIT Kerberos http://web.mit.edu/kerberos/www/dist/
-NSS          http://www.mozilla.org/projects/security/pki/nss/
+NSS          https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
 OpenLDAP     http://www.openldap.org/
-OpenSSL      http://www.openssl.org/
-PolarSSL     http://polarssl.org/
-yassl        http://www.yassl.com/
+OpenSSL      https://www.openssl.org/
+PolarSSL     https://tls.mbed.org/
+wolfSSL      https://www.wolfssl.com/wolfSSL/
 Zlib         http://www.zlib.net/

 MingW        http://www.mingw.org/
--- a/docs/INSTALL.devcpp
+++ b/docs/INSTALL.devcpp
@@ -95,7 +95,7 @@ install instructions may produce erratic behaviour in DevCpp. For further info
 check the following sites

 http://aditsu.freeunixhost.com/dev-cpp-faq.html
-http://sourceforge.net/forum/message.php?msg_id=3252213
+https://sourceforge.net/p/dev-cpp/discussion/48211/thread/2a85ea46

 As I have mentioned before I will confine this to the SSL Library compilations
 but the process is very similar for compilation of the executable - curl.exe;
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -97,7 +97,7 @@ may have been fixed since this was written!
  something beyond ascii but currently libcurl will only pass in the verbatim
  string the app provides. There are several browsers that already do this
  encoding. The key seems to be the updated draft to RFC2231:
-  http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
+  https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02

 66. When using telnet, the time limitation options don't work.
  http://curl.haxx.se/bug/view.cgi?id=846
--- a/docs/LIBCURL-STRUCTS
+++ b/docs/LIBCURL-STRUCTS
@@ -1,245 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-Structs in libcurl
-
-This document should cover 7.32.0 pretty accurately, but will make sense even
-for older and later versions as things don't change drastically that often.
-
- 1. The main structs in libcurl
-  1.1 SessionHandle
-  1.2 connectdata
-  1.3 Curl_multi
-  1.4 Curl_handler
-  1.5 conncache
-  1.6 Curl_share
-  1.7 CookieInfo
-
-==============================================================================
-
-1. The main structs in libcurl
-
-  1.1 SessionHandle
-
-  The SessionHandle handle struct is the one returned to the outside in the
-  external API as a "CURL *". This is usually known as an easy handle in API
-  documentations and examples.
-
-  Information and state that is related to the actual connection is in the
-  'connectdata' struct. When a transfer is about to be made, libcurl will
-  either create a new connection or re-use an existing one. The particular
-  connectdata that is used by this handle is pointed out by
-  SessionHandle->easy_conn.
-
-  Data and information that regard this particular single transfer is put in
-  the SingleRequest sub-struct.
-
-  When the SessionHandle struct is added to a multi handle, as it must be in
-  order to do any transfer, the ->multi member will point to the Curl_multi
-  struct it belongs to. The ->prev and ->next members will then be used by the
-  multi code to keep a linked list of SessionHandle structs that are added to
-  that same multi handle. libcurl always uses multi so ->multi *will* point to
-  a Curl_multi when a transfer is in progress.
-
-  ->mstate is the multi state of this particular SessionHandle. When
-  multi_runsingle() is called, it will act on this handle according to which
-  state it is in. The mstate is also what tells which sockets to return for a
-  specific SessionHandle when curl_multi_fdset() is called etc.
-
-  The libcurl source code generally use the name 'data' for the variable that
-  points to the SessionHandle.
-
-
-  1.2 connectdata
-
-  A general idea in libcurl is to keep connections around in a connection
-  "cache" after they have been used in case they will be used again and then
-  re-use an existing one instead of creating a new as it creates a significant
-  performance boost.
-
-  Each 'connectdata' identifies a single physical connection to a server. If
-  the connection can't be kept alive, the connection will be closed after use
-  and then this struct can be removed from the cache and freed.
-
-  Thus, the same SessionHandle can be used multiple times and each time select
-  another connectdata struct to use for the connection. Keep this in mind, as
-  it is then important to consider if options or choices are based on the
-  connection or the SessionHandle.
-
-  Functions in libcurl will assume that connectdata->data points to the
-  SessionHandle that uses this connection.
-
-  As a special complexity, some protocols supported by libcurl require a
-  special disconnect procedure that is more than just shutting down the
-  socket. It can involve sending one or more commands to the server before
-  doing so. Since connections are kept in the connection cache after use, the
-  original SessionHandle may no longer be around when the time comes to shut
-  down a particular connection. For this purpose, libcurl holds a special
-  dummy 'closure_handle' SessionHandle in the Curl_multi struct to 
-
-  FTP uses two TCP connections for a typical transfer but it keeps both in
-  this single struct and thus can be considered a single connection for most
-  internal concerns.
-
-  The libcurl source code generally use the name 'conn' for the variable that
-  points to the connectdata.
-
-
-  1.3 Curl_multi
-
-  Internally, the easy interface is implemented as a wrapper around multi
-  interface functions. This makes everything multi interface.
-
-  Curl_multi is the multi handle struct exposed as "CURLM *" in external APIs.
-
-  This struct holds a list of SessionHandle structs that have been added to
-  this handle with curl_multi_add_handle(). The start of the list is ->easyp
-  and ->num_easy is a counter of added SessionHandles.
-
-  ->msglist is a linked list of messages to send back when
-  curl_multi_info_read() is called. Basically a node is added to that list
-  when an individual SessionHandle's transfer has completed.
-
-  ->hostcache points to the name cache. It is a hash table for looking up name
-  to IP. The nodes have a limited life time in there and this cache is meant
-  to reduce the time for when the same name is wanted within a short period of
-  time.
-
-  ->timetree points to a tree of SessionHandles, sorted by the remaining time
-  until it should be checked - normally some sort of timeout. Each
-  SessionHandle has one node in the tree.
-
-  ->sockhash is a hash table to allow fast lookups of socket descriptor to
-  which SessionHandle that uses that descriptor. This is necessary for the
-  multi_socket API.
-
-  ->conn_cache points to the connection cache. It keeps track of all
-  connections that are kept after use. The cache has a maximum size.
-
-  ->closure_handle is described in the 'connectdata' section.
-
-  The libcurl source code generally use the name 'multi' for the variable that
-  points to the Curl_multi struct.
-
-
-  1.4 Curl_handler
-
-  Each unique protocol that is supported by libcurl needs to provide at least
-  one Curl_handler struct. It defines what the protocol is called and what
-  functions the main code should call to deal with protocol specific issues.
-  In general, there's a source file named [protocol].c in which there's a
-  "struct Curl_handler Curl_handler_[protocol]" declared. In url.c there's
-  then the main array with all individual Curl_handler structs pointed to from
-  a single array which is scanned through when a URL is given to libcurl to
-  work with.
-
-  ->scheme is the URL scheme name, usually spelled out in uppercase. That's
-  "HTTP" or "FTP" etc. SSL versions of the protcol need its own Curl_handler
-  setup so HTTPS separate from HTTP.
-
-  ->setup_connection is called to allow the protocol code to allocate protocol
-  specific data that then gets associated with that SessionHandle for the rest
-  of this transfer. It gets freed again at the end of the transfer. It will be
-  called before the 'connectdata' for the transfer has been selected/created.
-  Most protocols will allocate its private 'struct [PROTOCOL]' here and assign
-  SessionHandle->req.protop to point to it.
-
-  ->connect_it allows a protocol to do some specific actions after the TCP
-  connect is done, that can still be considered part of the connection phase.
-
-  Some protocols will alter the connectdata->recv[] and connectdata->send[]
-  function pointers in this function.
-
-  ->connecting is similarly a function that keeps getting called as long as the
-  protocol considers itself still in the connecting phase.
-
-  ->do_it is the function called to issue the transfer request. What we call
-  the DO action internally. If the DO is not enough and things need to be kept
-  getting done for the entire DO sequence to complete, ->doing is then usually
-  also provided. Each protocol that needs to do multiple commands or similar
-  for do/doing need to implement their own state machines (see SCP, SFTP,
-  FTP). Some protocols (only FTP and only due to historical reasons) has a
-  separate piece of the DO state called DO_MORE.
-
-  ->doing keeps getting called while issuing the transfer request command(s)
-
-  ->done gets called when the transfer is complete and DONE. That's after the
-  main data has been transferred.
-
-  ->do_more gets called during the DO_MORE state. The FTP protocol uses this
-  state when setting up the second connection.
-
-  ->proto_getsock
-  ->doing_getsock
-  ->domore_getsock
-  ->perform_getsock
-  Functions that return socket information. Which socket(s) to wait for which
-  action(s) during the particular multi state.
-
-  ->disconnect is called immediately before the TCP connection is shutdown.
-
-  ->readwrite gets called during transfer to allow the protocol to do extra
-  reads/writes
-
-  ->defport is the default report TCP or UDP port this protocol uses
-
-  ->protocol is one or more bits in the CURLPROTO_* set. The SSL versions have
-  their "base" protocol set and then the SSL variation. Like "HTTP|HTTPS".
-
-  ->flags is a bitmask with additional information about the protocol that will
-  make it get treated differently by the generic engine:
-
-    PROTOPT_SSL - will make it connect and negotiate SSL
-
-    PROTOPT_DUAL - this protocol uses two connections
-
-    PROTOPT_CLOSEACTION - this protocol has actions to do before closing the
-    connection. This flag is no longer used by code, yet still set for a bunch
-    protocol handlers.
-  
-    PROTOPT_DIRLOCK - "direction lock". The SSH protocols set this bit to
-    limit which "direction" of socket actions that the main engine will
-    concern itself about.
-
-    PROTOPT_NONETWORK - a protocol that doesn't use network (read file:)
-
-    PROTOPT_NEEDSPWD - this protocol needs a password and will use a default
-    one unless one is provided
-
-    PROTOPT_NOURLQUERY - this protocol can't handle a query part on the URL
-    (?foo=bar)
-
-
-  1.5 conncache
-
-  Is a hash table with connections for later re-use. Each SessionHandle has
-  a pointer to its connection cache. Each multi handle sets up a connection
-  cache that all added SessionHandles share by default.
-
-
-  1.6 Curl_share
-  
-  The libcurl share API allocates a Curl_share struct, exposed to the external
-  API as "CURLSH *".
-
-  The idea is that the struct can have a set of own versions of caches and
-  pools and then by providing this struct in the CURLOPT_SHARE option, those
-  specific SessionHandles will use the caches/pools that this share handle
-  holds.
-
-  Then individual SessionHandle structs can be made to share specific things
-  that they otherwise wouldn't, such as cookies.
-
-  The Curl_share struct can currently hold cookies, DNS cache and the SSL
-  session cache.
-
-  
-  1.7 CookieInfo
-
-  This is the main cookie struct. It holds all known cookies and related
-  information. Each SessionHandle has its own private CookieInfo even when
-  they are added to a multi handle. They can be made to share cookies by using
-  the share API.
--- a/docs/LICENSE-MIXING
+++ b/docs/LICENSE-MIXING
@@ -23,29 +23,29 @@ libcurl http://curl.haxx.se/docs/copyright.html
        Uses an MIT (or Modified BSD)-style license that is as liberal as
        possible.

-OpenSSL http://www.openssl.org/source/license.html
+OpenSSL https://www.openssl.org/source/license.html

        (May be used for SSL/TLS support) Uses an Original BSD-style license
        with an announcement clause that makes it "incompatible" with GPL. You
        are not allowed to ship binaries that link with OpenSSL that includes
        GPL code (unless that specific GPL code includes an exception for
        OpenSSL - a habit that is growing more and more common). If OpenSSL's
-        licensing is a problem for you, consider using GnuTLS or yassl
-        instead.
+        licensing is a problem for you, consider using another TLS library.

 GnuTLS  http://www.gnutls.org/

        (May be used for SSL/TLS support) Uses the LGPL[3] license. If this is
-        a problem for you, consider using OpenSSL instead. Also note that
+        a problem for you, consider using another TLS library. Also note that
        GnuTLS itself depends on and uses other libs (libgcrypt and
        libgpg-error) and they too are LGPL- or GPL-licensed.

-yassl   http://www.yassl.com/
+WolfSSL   https://www.wolfssl.com/

-        (May be used for SSL/TLS support) Uses the GPL[1] license. If this is
-        a problem for you, consider using OpenSSL or GnuTLS instead.
+        (May be used for SSL/TLS support) Uses the GPL[1] license or a
+        propietary license. If this is a problem for you, consider using
+        another TLS library.

-NSS     http://www.mozilla.org/projects/security/pki/nss/
+NSS     https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS

        (May be used for SSL/TLS support) Is covered by the MPL[4] license,
        the GPL[1] license and the LGPL[3] license. You may choose to license
@@ -57,13 +57,29 @@ axTLS   http://axtls.sourceforge.net/

        (May be used for SSL/TLS support) Uses a Modified BSD-style license.

+mbedTLS https://tls.mbed.org/
+
+        (May be used for SSL/TLS support) Uses the GPL[1] license or a
+        propietary license. If this is a problem for you, consider using
+        another TLS library.
+
+BoringSSL https://boringssl.googlesource.com/
+
+        (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+        license as that.
+
+libressl http://www.libressl.org/
+
+        (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+        license as that.
+
 c-ares  http://daniel.haxx.se/projects/c-ares/license.html

        (Used for asynchronous name resolves) Uses an MIT license that is very
        liberal and imposes no restrictions on any other library or part you
        may link with.

-zlib    http://www.gzip.org/zlib/zlib_license.html
+zlib    http://www.zlib.net/zlib_license.html

        (Used for compressed Transfer-Encoding support) Uses an MIT-style
        license that shouldn't collide with any other library.
@@ -73,12 +89,12 @@ MIT Kerberos http://web.mit.edu/kerberos/www/dist/
        (May be used for GSS support) MIT licensed, that shouldn't collide
        with any other parts.

-Heimdal http://www.pdc.kth.se/heimdal/
+Heimdal http://www.h5l.org

        (May be used for GSS support) Heimdal is Original BSD licensed with
        the announcement clause.

-GNU GSS http://www.gnu.org/software/gss/
+GNU GSS https://www.gnu.org/software/gss/

        (May be used for GSS support) GNU GSS is GPL licensed. Note that you
        may not distribute binary curl packages that uses this if you build
@@ -105,10 +121,10 @@ libssh2 http://www.libssh2.org/
        (Used for scp and sftp support) libssh2 uses a Modified BSD-style
        license.

-[1] = GPL - GNU General Public License: http://www.gnu.org/licenses/gpl.html
-[2] = http://www.fsf.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
+[1] = GPL - GNU General Public License: https://www.gnu.org/licenses/gpl.html
+[2] = https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
      how to write such an exception to the GPL
 [3] = LGPL - GNU Lesser General Public License:
-      http://www.gnu.org/licenses/lgpl.html
+      https://www.gnu.org/licenses/lgpl.html
 [4] = MPL - Mozilla Public License:
-      http://www.mozilla.org/MPL/
+      https://www.mozilla.org/MPL/
--- a/docs/MAIL-ETIQUETTE
+++ b/docs/MAIL-ETIQUETTE
@@ -230,7 +230,7 @@ MAIL ETIQUETTE
  Quote as little as possible. Just enough to provide the context you cannot
  leave out. A lengthy description can be found here:

-      http://www.netmeister.org/news/learn2quote.html
+      https://www.netmeister.org/news/learn2quote.html

  2.7 Digest

--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -470,8 +470,8 @@ COOKIES
  stored cookies which match the request as it follows the location.  The
  file "empty.txt" may be a nonexistent file.

-  Alas, to both read and write cookies from a netscape cookie file, you can
-  set both -b and -c to use the same file:
+  To read and write cookies from a netscape cookie file, you can set both -b
+  and -c to use the same file:

        curl -b cookies.txt -c cookies.txt www.example.com

--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -37,8 +37,8 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS	 \
 README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS	 \
 KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL		 \
 $(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
- MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS SECURITY RELEASE-PROCEDURE  \
- SSL-PROBLEMS
+ MAIL-ETIQUETTE HTTP-COOKIES SECURITY RELEASE-PROCEDURE  \
+ SSL-PROBLEMS HTTP2.md ROADMAP.md

 MAN2HTML= roffit < $< >$@

--- a/docs/RELEASE-PROCEDURE
+++ b/docs/RELEASE-PROCEDURE
@@ -1,9 +1,3 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
 curl release procedure - how to do a release
 ============================================

@@ -84,12 +78,12 @@ Coming dates
 Based on the description above, here are some planned release dates (at the
 time of this writing):

- February 25, 2015 (version 7.41.0)
- April 22, 2015
- June 17, 2015
+- June 17, 2015 (version 7.43.0)
 - August 12, 2015
 - October 7, 2015
 - December 2, 2015
 - January 27, 2016
 - March 23, 2016
 - May 18, 2016
+- July 13, 2016
+- September 7, 2016
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -5,44 +5,100 @@ Roadmap of things Daniel Stenberg and Steve Holme want to work on next. It is
 intended to serve as a guideline for others for information, feedback and
 possible participation.

-New stuff - libcurl
+HTTP/2
+------
+
+- test suite
+
+   Base this on existing nghttp2 server to start with to make functional
+   tests. Later on we can adopt that code or work with nghttp2 to provide ways
+   to have the http2 server respond with broken responses to make sure we deal
+   with that nicely as well.
+
+   To decide: if we need to bundle parts of the nghttp2 stuff that probably
+   won't be shipped by many distros.
+
+- stream properties API
+
+   Provide options for setting priorities and dependencies among the streams
+   (easy handles). They are mostly information set for the stream and sent to
+   the server so we don't have to add much logic for this.
+
+- server push
+
+   Not exactly clear exactly how to support this API-wise, but by adding
+   handles without asking for a resource it could be a way to be prepared to
+   receive pushes in case such are sent. We probably need it to still specify
+   a URL with host name, port etc but we probably need a special option to
+   tell libcurl it is for server push purposes.
+
+- provide option for HTTP/2 "prior knowledge" over clear text
+
+   As it would avoid the roundtrip-heavy Upgrade: procedures when you _know_
+   it speaks HTTP/2.
+
+- provide option to allow curl to default to HTTP/2 only when using HTTPS
+
+   We could switch on HTTP/2 by-default for HTTPS quite easily and it
+   shouldn't hurt anyone, while HTTP/2 for HTTP by default could introduce
+   lots of Upgrade: roundtrips that users won't like. So a separated option
+   alternative makes sense.
+
+SRV records
+-----------
+
+How to find services for specific domains/hosts.
+
+HTTPS to proxy
+--------------
+
+To avoid network traffic to/from the proxy getting snooped on.
+
+curl_formadd()
+--------------
+
+make sure there's an easy handle passed in to `curl_formadd()`,
+`curl_formget()` and `curl_formfree()` by adding replacement functions and
+deprecating the old ones to allow custom mallocs and more
+
+third-party SASL
+----------------
+
+add support for third-party SASL libraries such as Cyrus SASL - may need to
+move existing native and SSPI based authentication into vsasl folder after
+reworking HTTP and SASL code
+
+SASL authentication in LDAP
+---------------------------
+
+...
+
+Simplify the SMTP email
+-----------------------
+
+Simplify the SMTP email interface so that programmers don't have to
+construct the body of an email that contains all the headers, alternative
+content, images and attachments - maintain raw interface so that
+programmers that want to do this can
+
+email capabilities
+------------------
+
+Allow the email protocols to return the capabilities before
+authenticating. This will allow an application to decide on the best
+authentication mechanism
+
+Win32 pthreads
+--------------
+
+Allow Windows threading model to be replaced by Win32 pthreads port
+
+dynamic buffer size
 -------------------

-1. HTTP/2
-
- - test suite
- - http2 multiplexing/pipelining
- - provide option for HTTP/2 "prior knowledge" over clear text
- - provide option to allow curl to default to HTTP/2 only when using HTTPS
-
-2. SRV records
-
-3. HTTPS to proxy
-
-4. make sure there's an easy handle passed in to `curl_formadd()`,
-   `curl_formget()` and `curl_formfree()` by adding replacement functions and
-   deprecating the old ones to allow custom mallocs and more
-
-5. add support for third-party SASL libraries such as Cyrus SASL - may need to
-   move existing native and SSPI based authentication into vsasl folder after
-   reworking HTTP and SASL code
-
-6. SASL authentication in LDAP
-
-7. Simplify the SMTP email interface so that programmers don't have to
-   construct the body of an email that contains all the headers, alternative
-   content, images and attachments - maintain raw interface so that
-   programmers that want to do this can
-
-8. Allow the email protocols to return the capabilities before
-    authenticating. This will allow an application to decide on the best
-    authentication mechanism
-
-9. Allow Windows threading model to be replaced by Win32 pthreads port
-
-10. Implement a dynamic buffer size to allow SFTP to use much larger buffers
-    and possibly allow the size to be customizable by applications. Use less
-    memory when handles are not in use?
+Implement a dynamic buffer size to allow SFTP to use much larger buffers and
+possibly allow the size to be customizable by applications. Use less memory
+when handles are not in use?

 New stuff - curl
 ----------------
--- a/docs/SSL-PROBLEMS
+++ b/docs/SSL-PROBLEMS
@@ -53,7 +53,7 @@ SSL ciphers

  References:

-  http://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
+  https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
  
 Allow BEAST

--- a/docs/THANKS
+++ b/docs/THANKS
@@ -36,6 +36,7 @@ Alex Suykov
 Alex Vinnik
 Alex aka WindEagle
 Alexander Beedie
+Alexander Dyagilev
 Alexander Elgert
 Alexander Klauer
 Alexander Kourakos
@@ -55,6 +56,7 @@ Alona Rossen
 Amol Pattekar
 Amr Shahin
 Anatoli Tubman
+Anders Bakken
 Anders Gustafsson
 Anders Havn
 Andi Jahja
@@ -90,6 +92,7 @@ Andy Serpa
 Andy Tsouladze
 Angus Mackay
 Anthon Pang
+Anthony Avina
 Anthony Bryan
 Anthony G. Basile
 Antoine Calando
@@ -104,6 +107,7 @@ Arnaud Ebalard
 Arthur Murray
 Arve Knudsen
 Arvid Norberg
+Ashish Shukla
 Ask Bjørn Hansen
 Askar Safin
 Ates Goral
@@ -131,6 +135,7 @@ Benoit Neil
 Benoit Sigoure
 Bernard Leak
 Bernhard Reutner-Fischer
+Bert Huijben
 Bertrand Demiddelaer
 Bill Doyle
 Bill Egert
@@ -157,8 +162,10 @@ Brandon Wang
 Brendan Jurd
 Brent Beardsley
 Brian Akins
+Brian Chrisman
 Brian Dessent
 Brian J. Murrell
+Brian Prodoehl
 Brian R Duffy
 Brian Ulm
 Brock Noland
@@ -182,6 +189,7 @@ Charles Romestant
 Chen Prog
 Chih-Chung Chang
 Chris "Bob Bob"
+Chris Araman
 Chris Combes
 Chris Conlon
 Chris Deidun
@@ -245,6 +253,7 @@ Daniel Black
 Daniel Cater
 Daniel Egger
 Daniel Johnson
+Daniel Melani
 Daniel Mentz
 Daniel Steinberg
 Daniel Stenberg
@@ -306,6 +315,7 @@ Dirk Manske
 Dmitri Shubin
 Dmitriy Sergeyev
 Dmitry Bartsevich
+Dmitry Eremin-Solenikov
 Dmitry Falko
 Dmitry Kurochkin
 Dmitry Popov
@@ -321,6 +331,7 @@ Douglas Kilpatrick
 Douglas R. Horner
 Douglas Steinwand
 Dov Murik
+Drake Arconis
 Duane Cathey
 Duncan Mac-Vicar Prett
 Dustin Boswell
@@ -335,6 +346,7 @@ Edward Rudd
 Edward Sheldrake
 Eelco Dolstra
 Eetu Ojanen
+Egon Eckert
 Eldar Zaitov
 Ellis Pritchard
 Elmira A Semenova
@@ -390,6 +402,7 @@ François Charlier
 Fred Machado
 Fred New
 Fred Noz
+Fred Stluka
 Frederic Lepied
 Fredrik Thulin
 Gabriel Kuri
@@ -427,6 +440,7 @@ Glenn Sheridan
 Gordon Marler
 Gorilla Maguila
 Grant Erickson
+Grant Pannell
 Greg Hewgill
 Greg Morse
 Greg Onufer
@@ -540,6 +554,7 @@ Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
 Jeff Weber
+Jens Rantil
 Jeremy Friesner
 Jeremy Huddleston
 Jeremy Lin
@@ -567,6 +582,7 @@ Joe Halpin
 Joe Malicki
 Joe Mason
 Joel Chen
+Joel Depooter
 Jofell Gallardo
 Johan Anderson
 Johan Lantz
@@ -705,6 +721,7 @@ Lindley French
 Ling Thio
 Linus Nielsen Feltzing
 Lisa Xu
+Liviu Chircu
 Liza Alenchery
 Lluís Batlle i Rossell
 Loic Dachary
@@ -888,6 +905,7 @@ Oliver Schindler
 Olivier Berger
 Oren Souroujon
 Oren Tirosh
+Orgad Shaneh
 Ori Avtalion
 Oscar Koeroo
 Oscar Norlander
@@ -916,6 +934,7 @@ Paul Marks
 Paul Marquis
 Paul Moore
 Paul Nolan
+Paul Oliver
 Paul Querna
 Paul Saab
 Pavel Cenek
@@ -973,6 +992,7 @@ Quinn Slack
 Radu Simionescu
 Rafa Muyo
 Rafael Sagula
+Rafayel Mkrtchyan
 Rafaël Carré
 Rainer Canavan
 Rainer Jung
@@ -1076,6 +1096,7 @@ Scott Barrett
 Scott Cantor
 Scott Davis
 Scott McCreary
+Sean Boudreau
 Sebastian Rasmussen
 Senthil Raja Velu
 Sergei Nikulov
@@ -1191,6 +1212,7 @@ Tomas Hoger
 Tomas Mlcoch
 Tomas Pospisek
 Tomas Szepe
+Tomas Tomecek
 Tomasz Kojm
 Tomasz Lacki
 Tommie Gannert
@@ -1218,6 +1240,7 @@ Victor Snezhko
 Vijay Panghal
 Vikram Saxena
 Viktor Szakáts
+Ville Skyttä
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Le Normand
--- a/docs/THANKS-filter
+++ b/docs/THANKS-filter
@@ -49,3 +49,4 @@ s/tetetest tetetest//
 s/Jiří Hruška/Jiri Hruska/
 s/Viktor Szakats/Viktor Szakáts/
 s/Jonathan Cardoso/Jonathan Cardoso Machado/
+s/Linus Nielsen/Linus Nielsen Feltzing/
--- a/docs/TODO
+++ b/docs/TODO
@@ -49,6 +49,7 @@
 5.3 Rearrange request header order
 5.4 SPDY
 5.5 auth= in URLs
+ 5.6 Refuse "downgrade" redirects

 6. TELNET
 6.1 ditch stdin
@@ -207,7 +208,7 @@

 To prevent local users from snooping on your traffic to the proxy. Supported
 by Chrome already:
- http://www.chromium.org/developers/design-documents/secure-web-proxy
+ https://www.chromium.org/developers/design-documents/secure-web-proxy

 ...and by Firefox soon:
 https://bugzilla.mozilla.org/show_bug.cgi?id=378637
@@ -264,7 +265,7 @@
 HOST is a command for a client to tell which host name to use, to offer FTP
 servers named-based virtual hosting:

- http://tools.ietf.org/html/rfc7151
+ https://tools.ietf.org/html/rfc7151

 4.2 Alter passive/active on failure and retry

@@ -348,6 +349,14 @@ This is not detailed in any FTP specification.

 Additionally this should be implemented for proxy base URLs as well.

+5.6 Refuse "downgrade" redirects
+
+ See https://github.com/bagder/curl/issues/226
+
+ Consider a way to tell curl to refuse to "downgrade" protocol with a redirect
+ and/or possibly a bit that refuses redirect to change protocol completely.
+
+
 6. TELNET

 6.1 ditch stdin
@@ -420,7 +429,7 @@ be the same as/similar to FTP.

 11.2 Honor file timestamps

-The timestamp of the transfered file should reflect that of the original file.
+The timestamp of the transferred file should reflect that of the original file.

 11.3 Use NTLMv2

@@ -484,7 +493,7 @@ Currently the SMB authentication uses NTLMv1.

 DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
 keys and certs over DNS using DNSSEC as an alternative to the CA model.
- http://www.rfc-editor.org/rfc/rfc6698.txt
+ https://www.rfc-editor.org/rfc/rfc6698.txt

 An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
 (http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple
@@ -514,7 +523,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing -E/--cert and --key options should be
 implemented by supplying a custom certificate to the SChannel APIs, see:
 - Getting a Certificate for Schannel
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx

 15.2 Add support for custom server certificate validation

@@ -525,7 +534,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing --cacert or --capath options should be
 implemented by supplying a custom certificate to the SChannel APIs, see:
 - Getting a Certificate for Schannel
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx

 15.3 Add support for the --ciphers option

@@ -536,7 +545,7 @@ Currently the SMB authentication uses NTLMv1.
 Therefore support for the existing --ciphers option should be implemented
 by mapping the OpenSSL/GnuTLS cipher suites to the SChannel APIs, see
 - Specifying Schannel Ciphers and Cipher Strengths
-   http://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
+   https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx

 16. SASL

--- a/docs/VERSIONS
+++ b/docs/VERSIONS
@@ -1,22 +1,18 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
 Version Numbers and Releases
+============================

 Curl is not only curl. Curl is also libcurl. They're actually individually
 versioned, but they mostly follow each other rather closely.

 The version numbering is always built up using the same system:

-        X.Y[.Z]
+        X.Y.Z

- Where
-   X is main version number
-   Y is release number
-   Z is patch number
+  - X is main version number
+  - Y is release number
+  - Z is patch number
+
+## Bumping numbers

 One of these numbers will get bumped in each new release. The numbers to the
 right of a bumped number will be reset to zero. If Z is zero, it may not be
@@ -57,4 +53,4 @@ Version Numbers and Releases
 release. It makes comparisons with greater than and less than work.

 This number is also available as three separate defines:
- LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH.
+ `LIBCURL_VERSION_MAJOR`, `LIBCURL_VERSION_MINOR` and `LIBCURL_VERSION_PATCH`.
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -39,8 +39,7 @@ resume, Metalink, and more. As you will see below, the number of features will
 make your head spin!

 curl is powered by libcurl for all transfer-related features. See
-.BR libcurl (3)
-for details.
+\fIlibcurl(3)\fP for details.
 .SH URL
 The URL syntax is protocol-dependent. You'll find a detailed description in
 RFC 3986.
@@ -269,11 +268,11 @@ If this option is used several times, the last one will be used.
 .IP "--ciphers <list of ciphers>"
 (SSL) Specifies which ciphers to use in the connection. The list of ciphers
 must specify valid ciphers. Read up on SSL cipher list details on this URL:
-\fIhttp://www.openssl.org/docs/apps/ciphers.html\fP
+\fIhttps://www.openssl.org/docs/apps/ciphers.html\fP

 NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS
 ciphers is in the NSSCipherSuite entry at this URL:
-\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
+\fIhttps://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP

 If this option is used several times, the last one will be used.
 .IP "--compressed"
@@ -315,9 +314,10 @@ presses the submit button. This will cause curl to pass the data to the server
 using the content-type application/x-www-form-urlencoded.  Compare to
 \fI-F, --form\fP.

-\fI-d, --data\fP is the same as \fI--data-ascii\fP. To post data purely binary,
-you should instead use the \fI--data-binary\fP option. To URL-encode the value
-of a form field you may use \fI--data-urlencode\fP.
+\fI-d, --data\fP is the same as \fI--data-ascii\fP. \fI--data-raw\fP is almost
+the same but does not have a special interpretation of the @ character. To
+post data purely binary, you should instead use the \fI--data-binary\fP option.
+To URL-encode the value of a form field you may use \fI--data-urlencode\fP.

 If any of these options is used more than once on the same command line, the
 data pieces specified will be merged together with a separating
@@ -329,7 +329,8 @@ read the data from, or - if you want curl to read the data from
 stdin. Multiple files can also be specified. Posting data from a file
 named 'foobar' would thus be done with \fI--data\fP @foobar. When --data is
 told to read from a file like that, carriage returns and newlines will be
-stripped out.
+stripped out. If you don't want the @ character to have a special
+interpretation use \fI--data-raw\fP instead.
 .IP "-D, --dump-header <file>"
 Write the protocol headers to the specified file.

@@ -354,6 +355,10 @@ and carriage returns are preserved and conversions are never done.

 If this option is used several times, the ones following the first will append
 data as described in \fI-d, --data\fP.
+.IP "--data-raw <data>"
+(HTTP) This posts data similarly to \fI--data\fP but without the special
+interpretation of the @ character. See \fI-d, --data\fP.
+(Added in 7.43.0)
 .IP "--data-urlencode <data>"
 (HTTP) This posts data, similar to the other --data options with the exception
 that this performs URL-encoding. (Added in 7.18.0)
@@ -548,10 +553,10 @@ indicating its identity. A public key is extracted from this certificate and
 if it does not exactly match the public key provided to this option, curl will
 abort the connection before sending or receiving any data.

-This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
+Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and
+wolfSSL/CyaSSL. Other SSL backends not supported.

 If this option is used several times, the last one will be used.
-(Added in 7.39.0)
 .IP "--cert-status"
 (SSL) Tells curl to verify the status of the server certificate by using the
 Certificate Status Request (aka. OCSP stapling) TLS extension.
@@ -661,6 +666,7 @@ curl does one CWD with the full target directory and then operates on the file
 \&"normally" (like in the multicwd case). This is somewhat more standards
 compliant than 'nocwd' but without the full penalty of 'multicwd'.
 .RE
+.IP
 (Added in 7.15.1)
 .IP "--ftp-pasv"
 (FTP) Use passive mode for the data connection. Passive is the internal default
@@ -1053,13 +1059,10 @@ in Metalink file, hash check will fail.
 Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
 home directory for login name and password. This is typically used for FTP on
 Unix. If used with HTTP, curl will enable user authentication. See
-.BR netrc(4)
-or
-.BR ftp(1)
-for details on the file format. Curl will not complain if that file
-doesn't have the right permissions (it should not be either world- or
-group-readable). The environment variable "HOME" is used to find the home
-directory.
+\fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
+complain if that file doesn't have the right permissions (it should not be
+either world- or group-readable). The environment variable "HOME" is used to
+find the home directory.

 A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
 to FTP to the machine host.domain.com with user name \&'myself' and password
@@ -1221,7 +1224,7 @@ i.e "my.host.domain" to specify the machine
 make curl pick the same IP address that is already used for the control
 connection
 .RE
-
+.IP
 If this option is used several times, the last one will be used. Disable the
 use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
 instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
@@ -1326,6 +1329,11 @@ with a remote host. (Added in 7.17.1)
 .IP "--proxy-ntlm"
 Tells curl to use HTTP NTLM authentication when communicating with the given
 proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
+.IP "--proxy-service-name <servicename>"
+This option allows you to change the service name for proxy negotiation.
+
+Examples: --proxy-negotiate proxy-name \fI--proxy-service-name\fP sockd would use
+sockd/proxy-name.  (Added in 7.43.0).
 .IP "--proxy1.0 <proxyhost[:port]>"
 Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
 assumed at port 1080.
@@ -1423,7 +1431,7 @@ specifies 300 bytes from offset 500(H)
 .B 100-199,500-599
 specifies two separate 100-byte ranges(*)(H)
 .RE
-
+.IP
 (*) = NOTE that this will cause the server to reply with a multipart
 response!

@@ -1507,6 +1515,11 @@ terminal/stdout unless you redirect it.
 .IP "--sasl-ir"
 Enable initial response in SASL authentication.
 (Added in 7.31.0)
+.IP "--service-name <servicename>"
+This option allows you to change the service name for SPNEGO.
+
+Examples: --negotiate \fI--service-name\fP sockd would use
+sockd/server-name.  (Added in 7.43.0).
 .IP "-S, --show-error"
 When used with \fI-s\fP it makes curl show an error message if it fails.
 .IP "--ssl"
@@ -1882,7 +1895,7 @@ displayed with millisecond resolution.
 The URL that was fetched last. This is most meaningful if you've told curl
 to follow location: headers.
 .RE
-
+.IP
 If this option is used several times, the last one will be used.
 .IP "-x, --proxy <[protocol://][user:password@]proxyhost[:port]>"
 Use the specified proxy.
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -31,7 +31,8 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
  pop3-dele pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi      \
  imap-list imap-lsub imap-fetch imap-store imap-append imap-examine       \
  imap-search imap-create imap-delete imap-copy imap-noop imap-ssl         \
-  imap-tls imap-multi url2file sftpget ftpsget postinmemory
+  imap-tls imap-multi url2file sftpget ftpsget postinmemory http2-download \
+  http2-upload

 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 ###########################################################################
 #
 ## Makefile for building curl examples with MingW (GCC-3.2 or later)
-## and optionally OpenSSL (0.9.8), libssh2 (1.3), zlib (1.2.5), librtmp (2.3)
+## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4)
 ##
 ## Usage:   mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...]
 ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-spi-winidn
@@ -38,23 +38,23 @@ ZLIB_PATH = ../../../zlib-1.2.8
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8zc
+OPENSSL_PATH = ../../../openssl-1.0.2a
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.3
+LIBSSH2_PATH = ../../../libssh2-1.5.0
 endif
 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../../librtmp-2.3
+LIBRTMP_PATH = ../../../librtmp-2.4
 endif
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
-LIBIDN_PATH = ../../../libidn-1.18
+LIBIDN_PATH = ../../../libidn-1.30
 endif
 # Edit the path below to point to the base of your MS IDN package.
 # Microsoft Internationalized Domain Names (IDN) Mitigation APIs 1.1
-# http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad6158d7-ddba-416a-9109-07607425a815
+# https://www.microsoft.com/en-us/download/details.aspx?id=734
 ifndef WINIDN_PATH
 WINIDN_PATH = ../../../Microsoft IDN Mitigation APIs
 endif
@@ -62,6 +62,10 @@ endif
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif
+# Edit the path below to point to the base of your nghttp2 package.
+ifndef NGHTTP2_PATH
+NGHTTP2_PATH = ../../../nghttp2-1.0.0
+endif

 PROOT = ../..

@@ -72,14 +76,24 @@ endif

 # Edit the var below to set to your architecture or set environment var.
 ifndef ARCH
-ARCH = w32
+ifeq ($(findstring x86_64,$(shell $(CC) -dumpmachine)),x86_64)
+ARCH    = w64
+else
+ARCH    = w32
+endif
 endif

 CC	= $(CROSSPREFIX)gcc
 CFLAGS	= -g -O2 -Wall
 CFLAGS	+= -fno-strict-aliasing
 ifeq ($(ARCH),w64)
-CFLAGS	+= -D_AMD64_
+CFLAGS	+= -m64 -D_AMD64_
+LDFLAGS += -m64
+RCFLAGS += -F pe-x86-64
+else
+CFLAGS	+= -m32
+LDFLAGS += -m32
+RCFLAGS += -F pe-i386
 endif
 # comment LDFLAGS below to keep debug info
 LDFLAGS	= -s
@@ -158,9 +172,12 @@ ifeq ($(findstring -metalink,$(CFG)),-metalink)
 METALINK = 1
 endif
 ifeq ($(findstring -winssl,$(CFG)),-winssl)
-SCHANNEL = 1
+WINSSL = 1
 SSPI = 1
 endif
+ifeq ($(findstring -nghttp2,$(CFG)),-nghttp2)
+NGHTTP2 = 1
+endif

 INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib

@@ -184,6 +201,10 @@ ifdef RTMP
  CFLAGS += -DUSE_LIBRTMP
  curl_LDADD += -L"$(LIBRTMP_PATH)/librtmp" -lrtmp -lwinmm
 endif
+ifdef NGHTTP2
+  CFLAGS += -DUSE_NGHTTP2
+  curl_LDADD += -L"$(NGHTTP2_PATH)/lib" -lnghttp2
+endif
 ifdef SSH2
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
  curl_LDADD += -L"$(LIBSSH2_PATH)/win32" -lssh2
@@ -204,7 +225,7 @@ ifdef SSL
  ifndef DYN
    OPENSSL_LIBS += -lgdi32 -lcrypt32
  endif
-  CFLAGS += -DUSE_SSLEAY
+  CFLAGS += -DUSE_OPENSSL
  curl_LDADD += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
 endif
 ifdef ZLIB
@@ -223,7 +244,7 @@ endif
 endif
 ifdef SSPI
  CFLAGS += -DUSE_WINDOWS_SSPI
-  ifdef SCHANNEL
+  ifdef WINSSL
    CFLAGS += -DUSE_SCHANNEL
  endif
 endif
--- a/docs/examples/Makefile.netware
+++ b/docs/examples/Makefile.netware
@@ -19,12 +19,12 @@ endif

 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../../openssl-0.9.8zc
+OPENSSL_PATH = ../../../openssl-1.0.2a
 endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../../libssh2-1.4.3
+LIBSSH2_PATH = ../../../libssh2-1.5.0
 endif

 # Edit the path below to point to the base of your axTLS package.
@@ -34,12 +34,12 @@ endif

 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
-LIBIDN_PATH = ../../../libidn-1.18
+LIBIDN_PATH = ../../../libidn-1.30
 endif

 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../../librtmp-2.3
+LIBRTMP_PATH = ../../../librtmp-2.4
 endif

 # Edit the path below to point to the base of your fbopenssl package.
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -96,7 +96,12 @@ main(void)
      return 1;
    }

-    /* HTTP-header style cookie */
+    /* HTTP-header style cookie. If you use the Set-Cookie format and don't
+    specify a domain then the cookie is sent for any domain and will not be
+    modified, likely not what you intended. Starting in 7.43.0 any-domain
+    cookies will not be exported either. For more information refer to the
+    CURLOPT_COOKIELIST documentation.
+    */
    snprintf(nline, sizeof(nline),
      "Set-Cookie: OLD_PREF=3d141414bf4209321; "
      "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com");
--- a/docs/examples/curlx.c
+++ b/docs/examples/curlx.c
@@ -490,7 +490,7 @@ int main(int argc, char **argv) {
        BIO_printf(p.errorbio,"the response has a correct mimetype : %s\n",
                   response);
      else
-        BIO_printf(p.errorbio,"the reponse doesn\'t has an acceptable "
+        BIO_printf(p.errorbio,"the response doesn\'t have an acceptable "
                   "mime type, it is %s instead of %s\n",
                   response,mimetypeaccept);
  }
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -108,7 +108,7 @@ static size_t write_callback(char *buffer,
      size=rembuff;
    }
    else {
-      /* realloc suceeded increase buffer size*/
+      /* realloc succeeded increase buffer size*/
      url->buffer_len+=size - rembuff;
      url->buffer=newbuff;
    }
@@ -131,7 +131,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
  CURLMcode mc; /* curl_multi_fdset() return code */

  /* only attempt to fill buffer if transactions still running and buffer
-   * doesnt exceed required size already
+   * doesn't exceed required size already
   */
  if((!file->still_running) || (file->buffer_pos > want))
    return 0;
@@ -205,7 +205,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
 }

 /* use to remove want bytes from the front of a files buffer */
-static int use_buffer(URL_FILE *file,int want)
+static int use_buffer(URL_FILE *file, size_t want)
 {
  /* sort out buffer */
  if((file->buffer_pos - want) <=0) {
@@ -229,7 +229,7 @@ static int use_buffer(URL_FILE *file,int want)
 URL_FILE *url_fopen(const char *url,const char *operation)
 {
  /* this code could check for URLs or types in the 'url' and
-     basicly use the real fopen() for standard files */
+     basically use the real fopen() for standard files */

  URL_FILE *file;
  (void)operation;
@@ -375,7 +375,7 @@ char *url_fgets(char *ptr, size_t size, URL_FILE *file)

  switch(file->type) {
  case CFTYPE_FILE:
-    ptr = fgets(ptr,size,file->handle.file);
+    ptr = fgets(ptr, (int)size, file->handle.file);
    break;

  case CFTYPE_CURL:
@@ -451,7 +451,7 @@ int main(int argc, char *argv[])
  URL_FILE *handle;
  FILE *outf;

-  int nread;
+  size_t nread;
  char buffer[256];
  const char *url;

@@ -499,7 +499,7 @@ int main(int argc, char *argv[])
  }

  do {
-    nread = url_fread(buffer, 1,sizeof(buffer), handle);
+    nread = url_fread(buffer, 1, sizeof(buffer), handle);
    fwrite(buffer,1,nread,outf);
  } while(nread);

--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -53,7 +53,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "curl.tar.gz", /* name to store the file as if succesful */
+    "curl.tar.gz", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/ftpsget.c
+++ b/docs/examples/ftpsget.c
@@ -55,7 +55,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "yourfile.bin", /* name to store the file as if succesful */
+    "yourfile.bin", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -0,0 +1,288 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+
+/* somewhat unix-specific */
+#include <sys/time.h>
+#include <unistd.h>
+
+/* curl stuff */
+#include <curl/curl.h>
+
+#ifndef CURLPIPE_MULTIPLEX
+/* This little trick will just make sure that we don't enable pipelining for
+   libcurls old enough to not have this symbol. It is _not_ defined to zero in
+   a recent libcurl header. */
+#define CURLPIPE_MULTIPLEX 0
+#endif
+
+#define NUM_HANDLES 1000
+
+void *curl_hnd[NUM_HANDLES];
+int num_transfers;
+
+/* a handle to number lookup, highly ineffective when we do many
+   transfers... */
+static int hnd2num(CURL *hnd)
+{
+  int i;
+  for(i=0; i< num_transfers; i++) {
+    if(curl_hnd[i] == hnd)
+      return i;
+  }
+  return 0; /* weird, but just a fail-safe */
+}
+
+static
+void dump(const char *text, int num, unsigned char *ptr, size_t size,
+          char nohex)
+{
+  size_t i;
+  size_t c;
+
+  unsigned int width=0x10;
+
+  if(nohex)
+    /* without the hex output, we can fit more on screen */
+    width = 0x40;
+
+  fprintf(stderr, "%d %s, %ld bytes (0x%lx)\n",
+          num, text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+
+    fprintf(stderr, "%4.4lx: ", (long)i);
+
+    if(!nohex) {
+      /* hex not disabled, show it */
+      for(c = 0; c < width; c++)
+        if(i+c < size)
+          fprintf(stderr, "%02x ", ptr[i+c]);
+        else
+          fputs("   ", stderr);
+    }
+
+    for(c = 0; (c < width) && (i+c < size); c++) {
+      /* check for 0D0A; if found, skip past and start a new line of output */
+      if (nohex && (i+c+1 < size) && ptr[i+c]==0x0D && ptr[i+c+1]==0x0A) {
+        i+=(c+2-width);
+        break;
+      }
+      fprintf(stderr, "%c",
+              (ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.');
+      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      if (nohex && (i+c+2 < size) && ptr[i+c+1]==0x0D && ptr[i+c+2]==0x0A) {
+        i+=(c+3-width);
+        break;
+      }
+    }
+    fputc('\n', stderr); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  const char *text;
+  int num = hnd2num(handle);
+  (void)handle; /* prevent compiler warning */
+  (void)userp;
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "== %d Info: %s", num, data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, num, (unsigned char *)data, size, 1);
+  return 0;
+}
+
+static void setup(CURL *hnd, int num)
+{
+  FILE *out;
+  char filename[128];
+
+  sprintf(filename, "dl-%d", num);
+
+  out = fopen(filename, "wb");
+
+  /* write to this file */
+  curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out);
+
+  /* set the same URL */
+  curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html");
+
+  /* send it verbose for max debuggaility */
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
+
+  /* HTTP/2 please */
+  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
+
+  /* we use a self-signed test server, skip verification during debugging */
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
+
+#if (CURLPIPE_MULTIPLEX > 0)
+  /* wait for pipe connection to confirm */
+  curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L);
+#endif
+
+  curl_hnd[num] = hnd;
+}
+
+/*
+ * Simply download two files over HTTP/2, using the same physical connection!
+ */
+int main(int argc, char **argv)
+{
+  CURL *easy[NUM_HANDLES];
+  CURLM *multi_handle;
+  int i;
+  int still_running; /* keep number of running handles */
+
+  if(argc > 1)
+    /* if given a number, do that many transfers */
+    num_transfers = atoi(argv[1]);
+
+  if(!num_transfers || (num_transfers > NUM_HANDLES))
+    num_transfers = 3; /* a suitable low default */
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+
+  for(i=0; i<num_transfers; i++) {
+    easy[i] = curl_easy_init();
+    /* set options */
+    setup(easy[i], i);
+
+    /* add the individual transfer */
+    curl_multi_add_handle(multi_handle, easy[i]);
+  }
+
+  curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX);
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(multi_handle, &still_running);
+
+  do {
+    struct timeval timeout;
+    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &still_running);
+      break;
+    }
+  } while(still_running);
+
+  curl_multi_cleanup(multi_handle);
+
+  for(i=0; i<num_transfers; i++)
+    curl_easy_cleanup(easy[i]);
+
+  return 0;
+}
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -0,0 +1,352 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+
+/* somewhat unix-specific */
+#include <sys/time.h>
+#include <unistd.h>
+
+/* curl stuff */
+#include <curl/curl.h>
+
+#ifndef CURLPIPE_MULTIPLEX
+/* This little trick will just make sure that we don't enable pipelining for
+   libcurls old enough to not have this symbol. It is _not_ defined to zero in
+   a recent libcurl header. */
+#define CURLPIPE_MULTIPLEX 0
+#endif
+
+#define NUM_HANDLES 1000
+
+void *curl_hnd[NUM_HANDLES];
+int num_transfers;
+
+/* a handle to number lookup, highly ineffective when we do many
+   transfers... */
+static int hnd2num(CURL *hnd)
+{
+  int i;
+  for(i=0; i< num_transfers; i++) {
+    if(curl_hnd[i] == hnd)
+      return i;
+  }
+  return 0; /* weird, but just a fail-safe */
+}
+
+static
+void dump(const char *text, int num, unsigned char *ptr, size_t size,
+          char nohex)
+{
+  size_t i;
+  size_t c;
+  unsigned int width=0x10;
+
+  if(nohex)
+    /* without the hex output, we can fit more on screen */
+    width = 0x40;
+
+  fprintf(stderr, "%d %s, %ld bytes (0x%lx)\n",
+          num, text, (long)size, (long)size);
+
+  for(i=0; i<size; i+= width) {
+
+    fprintf(stderr, "%4.4lx: ", (long)i);
+
+    if(!nohex) {
+      /* hex not disabled, show it */
+      for(c = 0; c < width; c++)
+        if(i+c < size)
+          fprintf(stderr, "%02x ", ptr[i+c]);
+        else
+          fputs("   ", stderr);
+    }
+
+    for(c = 0; (c < width) && (i+c < size); c++) {
+      /* check for 0D0A; if found, skip past and start a new line of output */
+      if (nohex && (i+c+1 < size) && ptr[i+c]==0x0D && ptr[i+c+1]==0x0A) {
+        i+=(c+2-width);
+        break;
+      }
+      fprintf(stderr, "%c",
+              (ptr[i+c]>=0x20) && (ptr[i+c]<0x80)?ptr[i+c]:'.');
+      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      if (nohex && (i+c+2 < size) && ptr[i+c+1]==0x0D && ptr[i+c+2]==0x0A) {
+        i+=(c+3-width);
+        break;
+      }
+    }
+    fputc('\n', stderr); /* newline */
+  }
+}
+
+static
+int my_trace(CURL *handle, curl_infotype type,
+             char *data, size_t size,
+             void *userp)
+{
+  char timebuf[20];
+  const char *text;
+  int num = hnd2num(handle);
+  static time_t epoch_offset;
+  static int    known_offset;
+  struct timeval tv;
+  time_t secs;
+  struct tm *now;
+
+  (void)handle; /* prevent compiler warning */
+  (void)userp;
+
+  gettimeofday(&tv, NULL);
+  if(!known_offset) {
+    epoch_offset = time(NULL) - tv.tv_sec;
+    known_offset = 1;
+  }
+  secs = epoch_offset + tv.tv_sec;
+  now = localtime(&secs);  /* not thread safe but we don't care */
+  snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
+           now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec);
+
+  switch (type) {
+  case CURLINFO_TEXT:
+    fprintf(stderr, "%s [%d] Info: %s", timebuf, num, data);
+  default: /* in case a new one is introduced to shock us */
+    return 0;
+
+  case CURLINFO_HEADER_OUT:
+    text = "=> Send header";
+    break;
+  case CURLINFO_DATA_OUT:
+    text = "=> Send data";
+    break;
+  case CURLINFO_SSL_DATA_OUT:
+    text = "=> Send SSL data";
+    break;
+  case CURLINFO_HEADER_IN:
+    text = "<= Recv header";
+    break;
+  case CURLINFO_DATA_IN:
+    text = "<= Recv data";
+    break;
+  case CURLINFO_SSL_DATA_IN:
+    text = "<= Recv SSL data";
+    break;
+  }
+
+  dump(text, num, (unsigned char *)data, size, 1);
+  return 0;
+}
+
+struct input {
+  FILE *in;
+  size_t bytes_read; /* count up */
+  CURL *hnd;
+};
+
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+  struct input *i = userp;
+  size_t retcode = fread(ptr, size, nmemb, i->in);
+  i->bytes_read += retcode;
+  return retcode;
+}
+
+struct input indata[NUM_HANDLES];
+
+static void setup(CURL *hnd, int num, const char *upload)
+{
+  FILE *out;
+  char url[256];
+  char filename[128];
+  struct stat file_info;
+  curl_off_t uploadsize;
+
+  sprintf(filename, "dl-%d", num);
+  out = fopen(filename, "wb");
+
+  sprintf(url, "https://localhost:8443/upload-%d", num);
+
+  /* get the file size of the local file */
+  stat(upload, &file_info);
+  uploadsize = file_info.st_size;
+
+  indata[num].in = fopen(upload, "rb");
+  indata[num].hnd = hnd;
+
+  /* write to this file */
+  curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out);
+
+  /* we want to use our own read function */
+  curl_easy_setopt(hnd, CURLOPT_READFUNCTION, read_callback);
+  /* read from this file */
+  curl_easy_setopt(hnd, CURLOPT_READDATA, &indata[num]);
+  /* provide the size of the upload */
+  curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, uploadsize);
+
+  /* send in the URL to store the upload as */
+  curl_easy_setopt(hnd, CURLOPT_URL, url);
+
+  /* upload please */
+  curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
+
+  /* send it verbose for max debuggaility */
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
+
+  /* HTTP/2 please */
+  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
+
+  /* we use a self-signed test server, skip verification during debugging */
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L);
+
+#if (CURLPIPE_MULTIPLEX > 0)
+  /* wait for pipe connection to confirm */
+  curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L);
+#endif
+
+  curl_hnd[num] = hnd;
+}
+
+/*
+ * Upload all files over HTTP/2, using the same physical connection!
+ */
+int main(int argc, char **argv)
+{
+  CURL *easy[NUM_HANDLES];
+  CURLM *multi_handle;
+  int i;
+  int still_running; /* keep number of running handles */
+  const char *filename = "index.html";
+
+  if(argc > 1)
+    /* if given a number, do that many transfers */
+    num_transfers = atoi(argv[1]);
+
+  if(argc > 2)
+    /* if given a file name, upload this! */
+    filename = argv[2];
+
+  if(!num_transfers || (num_transfers > NUM_HANDLES))
+    num_transfers = 3; /* a suitable low default */
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+
+  for(i=0; i<num_transfers; i++) {
+    easy[i] = curl_easy_init();
+    /* set options */
+    setup(easy[i], i, filename);
+
+    /* add the individual transfer */
+    curl_multi_add_handle(multi_handle, easy[i]);
+  }
+
+  curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX);
+
+  /* We do HTTP/2 so let's stick to one connection per host */
+  curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L);
+
+  /* we start some action by calling perform right away */
+  curl_multi_perform(multi_handle, &still_running);
+
+  do {
+    struct timeval timeout;
+    int rc; /* select() return code */
+    CURLMcode mc; /* curl_multi_fdset() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd = -1;
+
+    long curl_timeo = -1;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
+    /* get file descriptors from the transfers */
+    mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    if(mc != CURLM_OK)
+    {
+      fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc);
+      break;
+    }
+
+    /* On success the value of maxfd is guaranteed to be >= -1. We call
+       select(maxfd + 1, ...); specially in case of (maxfd == -1) there are
+       no fds ready yet so we call select(0, ...) --or Sleep() on Windows--
+       to sleep 100ms, which is the minimum suggested value in the
+       curl_multi_fdset() doc. */
+
+    if(maxfd == -1) {
+#ifdef _WIN32
+      Sleep(100);
+      rc = 0;
+#else
+      /* Portable sleep for platforms other than Windows. */
+      struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
+      rc = select(0, NULL, NULL, NULL, &wait);
+#endif
+    }
+    else {
+      /* Note that on some platforms 'timeout' may be modified by select().
+         If you need access to the original value save a copy beforehand. */
+      rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+    }
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      curl_multi_perform(multi_handle, &still_running);
+      break;
+    }
+  } while(still_running);
+
+  curl_multi_cleanup(multi_handle);
+
+  for(i=0; i<num_transfers; i++)
+    curl_easy_cleanup(easy[i]);
+
+  return 0;
+}
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -60,7 +60,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -64,7 +64,7 @@ int main(void)
  curl = curl_easy_init();
  multi_handle = curl_multi_init();

-  /* initalize custom header list (stating that Expect: 100-continue is not
+  /* initialize custom header list (stating that Expect: 100-continue is not
     wanted */
  headerlist = curl_slist_append(headerlist, buf);
  if(curl && multi_handle) {
--- a/docs/examples/multi-single.c
+++ b/docs/examples/multi-single.c
@@ -81,7 +81,7 @@ int main(void)
    }

    /* 'numfds' being zero means either a timeout or no file descriptors to
-       wait for. Try timeout on first occurance, then assume no file
+       wait for. Try timeout on first occurrence, then assume no file
       descriptors and no file descriptors to wait for means wait for 100
       milliseconds. */

--- a/docs/examples/pop3-multi.c
+++ b/docs/examples/pop3-multi.c
@@ -69,7 +69,7 @@ int main(void)
  curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
  curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-  /* This will retreive message 1 from the user's mailbox */
+  /* This will retrieve message 1 from the user's mailbox */
  curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

  /* Tell the multi stack about our easy handle */
--- a/docs/examples/pop3-retr.c
+++ b/docs/examples/pop3-retr.c
@@ -39,7 +39,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox */
+    /* This will retrieve message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

    /* Perform the retr */
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -40,7 +40,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox. Note the use of
+    /* This will retrieve message 1 from the user's mailbox. Note the use of
     * pop3s:// rather than pop3:// to request a SSL based connection. */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3s://pop.example.com/1");

@@ -60,7 +60,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/pop3-tls.c
+++ b/docs/examples/pop3-tls.c
@@ -40,7 +40,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");

-    /* This will retreive message 1 from the user's mailbox */
+    /* This will retrieve message 1 from the user's mailbox */
    curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");

    /* In this example, we'll start with a plain text connection, and upgrade
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -73,7 +73,7 @@ int main(int argc, char *argv[])
               CURLFORM_END);

  curl = curl_easy_init();
-  /* initalize custom header list (stating that Expect: 100-continue is not
+  /* initialize custom header list (stating that Expect: 100-continue is not
     wanted */
  headerlist = curl_slist_append(headerlist, buf);
  if(curl) {
--- a/docs/examples/sftpget.c
+++ b/docs/examples/sftpget.c
@@ -58,7 +58,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
  struct FtpFile ftpfile={
-    "yourfile.bin", /* name to store the file as if succesful */
+    "yourfile.bin", /* name to store the file as if successful */
    NULL
  };

--- a/docs/examples/smtp-mail.c
+++ b/docs/examples/smtp-mail.c
@@ -24,7 +24,7 @@
 #include <curl/curl.h>

 /* This is a simple example showing how to send mail using libcurl's SMTP
- * capabilities. For an exmaple of using the multi interface please see
+ * capabilities. For an example of using the multi interface please see
 * smtp-multi.c.
 *
 * Note that this example requires libcurl 7.20.0 or above.
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -111,7 +111,7 @@ int main(void)
     * they have mentioned in their server certificate's commonName (or
     * subjectAltName) fields, libcurl will refuse to connect. You can skip
     * this check, but this will make the connection less secure. */
-#ifdef SKIP_HOSTNAME_VERFICATION
+#ifdef SKIP_HOSTNAME_VERIFICATION
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
 #endif

--- a/docs/examples/xmlstream.c
+++ b/docs/examples/xmlstream.c
@@ -120,7 +120,7 @@ int main(void)
  XML_SetElementHandler(parser, startElement, endElement);
  XML_SetCharacterDataHandler(parser, characterDataHandler);

-  /* Initalize a libcurl handle. */
+  /* Initialize a libcurl handle. */
  curl_global_init(CURL_GLOBAL_ALL ^ CURL_GLOBAL_SSL);
  curl_handle = curl_easy_init();
  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://www.w3schools.com/xml/simple.xml");
--- a/docs/libcurl/.gitignore
+++ b/docs/libcurl/.gitignore
@@ -1,2 +1,3 @@
 *.html
 *.pdf
+libcurl-symbols.3
--- a/docs/libcurl/curl_easy_cleanup.3
+++ b/docs/libcurl/curl_easy_cleanup.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -63,5 +63,6 @@ if(curl) {
 }
 .fi
 .SH "SEE ALSO"
-.BR curl_easy_init "(3), "
-
+.BR curl_easy_init "(3), " curl_easy_duphandle "(3), "
+.BR curl_easy_reset "(3), "
+.BR curl_multi_cleanup "(3), " curl_multi_remove_handle "(3) "
--- a/docs/libcurl/curl_easy_duphandle.3
+++ b/docs/libcurl/curl_easy_duphandle.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -47,4 +47,6 @@ in a synchronous way, the input handle may not be in use when cloned.
 If this function returns NULL, something went wrong and no valid handle was
 returned.
 .SH "SEE ALSO"
-.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_global_init "(3)"
+.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_reset "(3),"
+.BR curl_global_init "(3)"
+
--- a/docs/libcurl/curl_easy_escape.3
+++ b/docs/libcurl/curl_easy_escape.3
@@ -29,13 +29,13 @@ curl_easy_escape - URL encodes the given string
 .BI "char *curl_easy_escape( CURL *" curl ", char *" string ", int "length " );"
 .ad
 .SH DESCRIPTION
-This function converts the given input \fBstring\fP to an URL encoded string
+This function converts the given input \fIstring\fP to a URL encoded string
 and returns that as a new allocated string. All input characters that are not
 a-z, A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped"
 version (%NN where NN is a two-digit hexadecimal number).

-If the \fBlength\fP argument is set to 0 (zero), \fIcurl_easy_escape(3)\fP
-uses strlen() on the input \fBurl\fP to find out the size.
+If \fIlength\fP is set to 0 (zero), \fIcurl_easy_escape(3)\fP uses strlen() on
+the input \fIstring\fP to find out the size.

 You must \fIcurl_free(3)\fP the returned string when you're done with it.
 .SH AVAILABILITY
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -165,6 +165,10 @@ Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP
 Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
 .IP CURLOPT_SOCKS5_GSSAPI_NEC
 Socks5 GSSAPI NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP
+.IP CURLOPT_PROXY_SERVICE_NAME
+Proxy service name. \fICURLOPT_PROXY_SERVICE_NAME(3)\fP
+.IP CURLOPT_SERVICE_NAME
+SPNEGO service name. \fICURLOPT_SERVICE_NAME(3)\fP
 .IP CURLOPT_INTERFACE
 Bind connection locally to this. See \fICURLOPT_INTERFACE(3)\fP
 .IP CURLOPT_LOCALPORT
--- a/docs/libcurl/curl_easy_unescape.3
+++ b/docs/libcurl/curl_easy_unescape.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -48,4 +48,4 @@ Added in 7.15.4 and replaces the old \fIcurl_unescape(3)\fP function.
 .SH RETURN VALUE
 A pointer to a zero terminated string or NULL if it failed.
 .SH "SEE ALSO"
-.BR curl_easy_escape "(3), " curl_free "(3)," RFC 2396
+.BR curl_easy_escape "(3), " curl_free "(3)," RFC 3986
--- a/docs/libcurl/curl_getdate.3
+++ b/docs/libcurl/curl_getdate.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -91,7 +91,7 @@ Sat, 11 Sep 2004 21:32:11 +0200
 This parser was written to handle date formats specified in RFC 822 (including
 the update in RFC 1123) using time zone name or time zone delta and RFC 850
 (obsoleted by RFC 1036) and ANSI C's asctime() format. These formats are the
-only ones RFC2616 says HTTP applications may use.
+only ones RFC 7231 says HTTP applications may use.
 .SH RETURN VALUE
 This function returns -1 when it fails to parse the date string. Otherwise it
 returns the number of seconds as described.
--- a/docs/libcurl/curl_multi_info_read.3
+++ b/docs/libcurl/curl_multi_info_read.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,8 +49,8 @@ calling \fIcurl_multi_cleanup(3)\fP, \fIcurl_multi_remove_handle(3)\fP or
 \fIcurl_easy_cleanup(3)\fP.

 The 'CURLMsg' struct is very simple and only contains very basic information.
-If more involved information is wanted, the particular "easy handle" in
-present in that struct and can thus be used in subsequent regular
+If more involved information is wanted, the particular "easy handle" is
+present in that struct and can be used in subsequent regular
 \fIcurl_easy_getinfo(3)\fP calls (or similar):

 .nf
@@ -68,6 +68,24 @@ is done, and then \fBresult\fP contains the return code for the easy handle
 that just completed.

 At this point, there are no other \fBmsg\fP types defined.
+.SH EXAMPLE
+.nf
+struct CURLMsg *m;
+
+/* call curl_multi_perform or curl_multi_socket_action first, then loop
+   through and check if there are any transfers that have completed */
+
+do {
+  int msgq = 0;
+  m = curl_multi_info_read(multi_handle, &msgq);
+  if(m && (m->msg == CURLMSG_DONE)) {
+    CURL *e = m->easy_handle;
+    transfers--;
+    curl_multi_remove_handle(multi_handle, e);
+    curl_easy_cleanup(e);
+  }
+} while(m);
+.fi
 .SH "RETURN VALUE"
 A pointer to a filled-in struct, or NULL if it failed or ran out of
 structs. It also writes the number of messages left in the queue (after this
--- a/docs/libcurl/curl_multi_perform.3
+++ b/docs/libcurl/curl_multi_perform.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,6 +49,55 @@ added handle fails very quickly, it may never be counted as a running_handle.

 When \fIrunning_handles\fP is set to zero (0) on the return of this function,
 there is no longer any transfers in progress.
+.SH EXAMPLE
+.nf
+#ifdef _WIN32
+#define SHORT_SLEEP Sleep(100)
+#else
+#define SHORT_SLEEP usleep(100000)
+#endif
+
+fd_set fdread;
+fd_set fdwrite;
+fd_set fdexcep;
+int maxfd = -1;
+
+long curl_timeo;
+
+curl_multi_timeout(multi_handle, &curl_timeo);
+if(curl_timeo < 0)
+  curl_timeo = 1000;
+
+timeout.tv_sec = curl_timeo / 1000;
+timeout.tv_usec = (curl_timeo % 1000) * 1000;
+
+FD_ZERO(&fdread);
+FD_ZERO(&fdwrite);
+FD_ZERO(&fdexcep);
+
+/* get file descriptors from the transfers */
+mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+if(maxfd == -1) {
+  SHORT_SLEEP;
+  rc = 0;
+}
+else
+  rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+
+switch(rc) {
+case -1:
+  /* select error */
+  break;
+case 0:
+default:
+  /* timeout or readable/writable sockets */
+  curl_multi_perform(multi_handle, &still_running);
+  break;
+}
+
+/* if there are still transfers, loop! */
+.fi
 .SH "RETURN VALUE"
 CURLMcode type, general libcurl multi interface error code.

--- a/docs/libcurl/curl_multi_timeout.3
+++ b/docs/libcurl/curl_multi_timeout.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -49,6 +49,22 @@ SHOULD instead use \fIcurl_multi_setopt(3)\fP and its
 Note: if libcurl returns a -1 timeout here, it just means that libcurl
 currently has no stored timeout value. You must not wait too long (more than a
 few seconds perhaps) before you call curl_multi_perform() again.
+.SH EXAMPLE
+.nf
+struct timeval timeout;
+long timeo;
+
+curl_multi_timeout(multi_handle, &timeo);
+if(timeo < 0)
+  /* no set timeout, use a default */
+  timeo = 980;
+
+timeout.tv_sec = timeo / 1000;
+timeout.tv_usec = (timeo % 1000) * 1000;
+
+/* wait for activities no longer than the set timeout */
+select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+.fi
 .SH "RETURN VALUE"
 The standard CURLMcode for multi interface error codes.
 .SH "TYPICAL USAGE"
--- a/docs/libcurl/curl_multi_wait.3
+++ b/docs/libcurl/curl_multi_wait.3
@@ -44,7 +44,7 @@ The calling application may pass additional curl_waitfd structures which are
 similar to \fIpoll(2)\fP's pollfd structure to be waited on in the same call.

 On completion, if \fInumfds\fP is non-NULL, it will be populated with the
-total number of file descriptors on which interesting events occured. This
+total number of file descriptors on which interesting events occurred. This
 number can include both libcurl internal descriptors as well as descriptors
 provided in \fIextra_fds\fP.

--- a/docs/libcurl/libcurl-multi.3
+++ b/docs/libcurl/libcurl-multi.3
@@ -136,7 +136,7 @@ normal multi interface. Then you also set two callbacks with the
 CURLMOPT_SOCKETFUNCTION and CURLMOPT_TIMERFUNCTION options to
 \fIcurl_multi_setopt(3)\fP. They are two callback functions that libcurl will
 call with information about what sockets to wait for, and for what activity,
-and what the curret timeout time is - if that expires libcurl should be
+and what the current timeout time is - if that expires libcurl should be
 notified.

 The multi_socket API is designed to inform your application about which
--- a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -29,8 +29,9 @@ CURLMOPT_MAX_HOST_CONNECTIONS \- set max number of connections to a single host
 CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_HOST_CONNECTIONS, long max);
 .SH DESCRIPTION
 Pass a long to indicate \fBmax\fP. The set number will be used as the maximum
-amount of simultaneously open connections to a single host. For each new
-session to a host, libcurl will open a new connection up to the limit set by
+amount of simultaneously open connections to a single host (a host being the
+same as a host name + port number pair). For each new session to a host,
+libcurl will open a new connection up to the limit set by
 \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP. When the limit is reached, the
 sessions will be pending until a connection becomes available. If
 \fICURLMOPT_PIPELINING(3)\fP is enabled, libcurl will try to pipeline if the
@@ -40,6 +41,9 @@ The default \fBmax\fP value is 0, unlimited.  However, for backwards
 compatibility, setting it to 0 when \fICURLMOPT_PIPELINING(3)\fP is 1 will not
 be treated as unlimited. Instead it will open only 1 connection and try to
 pipeline on it.
+
+This set limit is also used for proxy connections, and then the proxy is
+considered to be the host for which this limit counts.
 .SH DEFAULT
 0
 .SH PROTOCOLS
--- a/docs/libcurl/opts/CURLMOPT_PIPELINING.3
+++ b/docs/libcurl/opts/CURLMOPT_PIPELINING.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -26,17 +26,28 @@ CURLMOPT_PIPELINING \- enable/disable HTTP pipelining
 .SH SYNOPSIS
 #include <curl/curl.h>

-CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, bool onoff);
+CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, long bits);
 .SH DESCRIPTION
-Set the \fBonoff\fP parameter to 1 to make libcurl use HTTP pipelining for
-HTTP transfers done using this multi handle, as far as possible. This means
-that if you add a second request that can use an already existing connection,
-the second request will be \&"piped" on the same connection rather than being
-executed in parallel.
+Set the \fBbits\fP parameter to 1 to make libcurl use HTTP pipelining for
+HTTP/1.1 transfers done using this multi handle, as far as possible. This
+means that if you add a second request that can use an already existing
+connection, the second request will be \&"piped" on the same connection rather
+than being executed in parallel.

 When using pipelining, there are also several other related options that are
 interesting to tweak and adjust to alter how libcurl spreads out requests on
 different connections or not etc.
+
+Starting in 7.43.0, the \fBbits\fP parameter's bit 1 also has a meaning and
+libcurl is now offering symbol names for the bits:
+.IP CURLPIPE_NOTHING (0)
+Default, which means doing no attempts at pipelining or multiplexing.
+.IP CURLPIPE_HTTP1 (1)
+If this bit is set, libcurl will try to pipeline HTTP/1.1 requests on
+connections that are already established and in use to hosts.
+.IP CURLPIPE_MULTIPLEX (2)
+If this bit is set, libcurl will try to multiplex the new transfer over an
+existing connection if possible. This requires HTTP/2.
 .SH DEFAULT
 0 (off)
 .SH PROTOCOLS
@@ -44,7 +55,7 @@ HTTP(S)
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-Added in 7.16.0
+Added in 7.16.0. Multiplex support bit added in 7.43.0.
 .SH RETURN VALUE
 Returns CURLM_OK if the option is supported, and CURLM_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
--- a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
+++ b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
@@ -29,8 +29,8 @@ CURLOPT_CHUNK_DATA \- custom pointer to the FTP chunk callbacks
 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CHUNK_DATA, void *pointer);
 .SH DESCRIPTION
 Pass a \fIpointer\fP that will be untouched by libcurl and passed as the ptr
-argument to the \fICURL_CHUNK_BGN_FUNTION(3)\fP and
-\fICURL_CHUNK_END_FUNTION(3)\fP.
+argument to the \fICURL_CHUNK_BGN_FUNCTION(3)\fP and
+\fICURL_CHUNK_END_FUNCTION(3)\fP.
 .SH DEFAULT
 NULL
 .SH PROTOCOLS
--- a/docs/libcurl/opts/CURLOPT_COOKIE.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIE.3
@@ -40,6 +40,15 @@ This option sets the cookie header explicitly in the outgoing request(s). If
 multiple requests are done due to authentication, followed redirections or
 similar, they will all get this cookie passed on.

+The cookies set by this option are separate from the internal cookie storage
+held by the cookie engine and will not be modified by it. If you enable the
+cookie engine and either you've imported a cookie of the same name (e.g. 'foo')
+or the server has set one, it will have no effect on the cookies you set here.
+A request to the server will send both the 'foo' held by the cookie engine and
+the 'foo' held by this option. To set a cookie that is instead held by the
+cookie engine and can be modified by the server use
+\fICURLOPT_COOKIELIST(3)\fP.
+
 Using this option multiple times will only make the latest string override the
 previous ones.

--- a/docs/libcurl/opts/CURLOPT_COOKIELIST.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.3
@@ -36,6 +36,16 @@ Such a cookie can be either a single line in Netscape / Mozilla format or just
 regular HTTP-style header (Set-Cookie: ...) format. This will also enable the
 cookie engine. This adds that single cookie to the internal cookie store.

+If you use the Set-Cookie format and don't specify a domain then the cookie
+is sent for any domain and will not be modified. If a server sets a cookie of
+the same name (or maybe you've imported one) then both will be sent on a future
+transfer to that server, likely not what you intended. Either set a domain in
+Set-Cookie (doing that will include sub domains) or use the Netscape format as
+shown in EXAMPLE.
+
+Starting in 7.43.0 the aforementioned any-domain cookies will not appear in the
+lists exported by \fICURLINFO_COOKIELIST(3)\fP and \fICURLOPT_COOKIEJAR(3)\fP.
+
 Additionally, there are commands available that perform actions if you pass in
 these exact strings:
 .IP ALL
@@ -55,7 +65,46 @@ NULL
 .SH PROTOCOLS
 HTTP
 .SH EXAMPLE
-TODO
+.nf
+/* This example shows an inline import of a cookie in Netscape format.
+You can set the cookie as HttpOnly to prevent XSS attacks by prepending
+#HttpOnly_ to the hostname. That may be useful if the cookie will later
+be imported by a browser.
+*/
+
+#define SEP  "\\t"  /* Tab separates the fields */
+
+char *my_cookie =
+  "example.com"    /* Hostname */
+  SEP "FALSE"      /* Include subdomains */
+  SEP "/"          /* Path */
+  SEP "FALSE"      /* Secure */
+  SEP "0"          /* Expiry in epoch time format. 0 == Session */
+  SEP "foo"        /* Name */
+  SEP "bar";       /* Value */
+
+/* my_cookie is imported immediately via CURLOPT_COOKIELIST.
+*/
+curl_easy_setopt(curl, CURLOPT_COOKIELIST, my_cookie);
+
+/* The list of cookies in cookies.txt will not be imported until right
+before a transfer is performed. Cookies in the list that have the same
+hostname, path and name as in my_cookie are skipped. That is because
+libcurl has already imported my_cookie and it's considered a "live"
+cookie. A live cookie won't be replaced by one read from a file.
+*/
+curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "cookies.txt");  /* import */
+
+/* Cookies are exported after curl_easy_cleanup is called. The server
+may have added, deleted or modified cookies by then. The cookies that
+were skipped on import are not exported.
+*/
+curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt");  /* export */
+
+res = curl_easy_perform(curl);  /* cookies imported from cookies.txt */
+
+curl_easy_cleanup(curl);  /* cookies exported to cookies.txt */
+.fi
 .SH AVAILABILITY
 ALL was added in 7.14.1

--- a/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -37,6 +37,9 @@ Tunneling essentially means that a CONNECT is sent to the proxy, asking it to
 connect to a remote host on a specific port number and then the traffic is
 just passed through the proxy. Proxies tend to whitelist specific port numbers
 it allows CONNECT requests to and often only port 80 and 443 are allowed.
+
+When using this, it only makes sense to use \fICURLOPT_PROXYTYPE(3)\fP set to
+a HTTP proxy.
 .SH DEFAULT
 0
 .SH PROTOCOLS
@@ -48,4 +51,4 @@ Always
 .SH RETURN VALUE
 Returns CURLE_OK
 .SH "SEE ALSO"
-.BR CURLOPT_PROXY "(3), "
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3), " CURLOPT_PROXYPORT "(3), "
--- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
+++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
@@ -50,11 +50,22 @@ if(curl) {
  curl_easy_perform(curl);
 }
 .fi
+.SH PUBLIC KEY EXTRACTION
+If you do not have the server's public key file you can extract it from the
+server's certificate.
+.nf
+openssl x509 -in www.test.com.pem -pubkey -noout > www.test.com.pubkey.pem
+.fi
+The public key is output in PEM format and contains a header, base64 data and a
+footer:
+.nf
+-----BEGIN PUBLIC KEY-----
+[BASE 64 DATA]
+-----END PUBLIC KEY-----
+.fi
 .SH AVAILABILITY
-If built TLS enabled. This is currently only implemented in the OpenSSL,
-GnuTLS and GSKit backends.
-
-Added in libcurl 7.39.0
+Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for
+NSS and wolfSSL/CyaSSL. Other SSL backends not supported.
 .SH RETURN VALUE
 Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
--- a/docs/libcurl/opts/CURLOPT_PIPEWAIT.3
+++ b/docs/libcurl/opts/CURLOPT_PIPEWAIT.3
@@ -0,0 +1,63 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PIPEWAIT 3 "12 May 2015" "libcurl 7.43.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PIPEWAIT \- wait for pipelining/multiplexing
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PIPEWAIT, long wait);
+.SH DESCRIPTION
+Set \fIwait\fP to 1L to tell libcurl to prefer to wait for a connection to
+confirm or deny that it can do pipelining or multiplexing before continuing.
+
+When about to perform a new transfer that allows pipelining or multiplexing,
+libcurl will check for existing connections to re-use and pipeline on. If no
+such connection exists it will immediately continue and create a fresh new
+connection to use.
+
+By setting this option to 1 - and having \fICURLMOPT_PIPELINE\fP enabled for
+the multi handle this transfer is associated with - libcurl will instead wait
+for the connection to reveal if it is possible to pipeline/multiplex on before
+it continues. This enables libcurl to much better keep the number of
+connections to a minimum when using pipelining or multiplexing protocols.
+
+The effect thus becomes that with this option set, libcurl prefers to wait and
+re-use an existing connection for pipelining rather than the opposite: prefer
+to open a new connection rather than waiting.
+
+The waiting time is as long as it takes for the connection to get up and for
+libcurl to get the necessary response back that informs it about its protocol
+and support level.
+.SH DEFAULT
+0 (off)
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+.SH AVAILABILITY
+Added in 7.43.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_FORBID_REUSE "(3), " CURLOPT_FRESH_CONNECT "(3), "
+.BR CURLMOPT_PIPELINING "(3), " CURLMOPT_MAX_HOST_CONNECTIONS "(3), "
--- a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
+++ b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
@@ -44,6 +44,9 @@ used by HTML forms. Change Content-Type with \fICURLOPT_HTTPHEADER(3)\fP.

 Using \fICURLOPT_POSTFIELDS(3)\fP implies \fICURLOPT_POST(3)\fP.

+You can use \fIcurl_easy_escape(3)\fP to url-encode your data, if necessary. It
+returns a pointer to an encoded string that can be passed as \fIpostdata\fP.
+
 If you want to do a zero-byte POST, you need to set
 \fICURLOPT_POSTFIELDSIZE(3)\fP explicitly to zero, as simply setting
 \fICURLOPT_POSTFIELDS(3)\fP to NULL or "" just effectively disables the
--- a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
@@ -0,0 +1,45 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SERVICE_NAME \- proxy service name
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SERVICE_NAME, char *name);
+.SH DESCRIPTION
+Pass a char * as parameter to a string holding the \fIname\fP of the
+service. The default service name is "HTTP". This option allows you to change it.
+..SH DEFAULT
+See above
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.43.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3), "
--- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
@@ -0,0 +1,46 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_SERVICE_NAME \- SPNEGO service name
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);
+.SH DESCRIPTION
+Pass a char * as parameter to a string holding the \fIname\fP of the
+service. The default service name is "HTTP". This option allows you to
+change it.
+..SH DEFAULT
+See above
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.43.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3), "
--- a/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.3
@@ -50,7 +50,7 @@ if(curl) {
  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 120L);

  /* interval time between keep-alive probes: 60 seconds */
-  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 60L);
+  curl_easy_setopt(curl, CURLOPT_TCP_KEEPINTVL, 60L);

  curl_easy_perform(curl);
 }
--- a/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
@@ -48,7 +48,7 @@ if(curl) {
  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 120L);

  /* interval time between keep-alive probes: 60 seconds */
-  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 60L);
+  curl_easy_setopt(curl, CURLOPT_TCP_KEEPINTVL, 60L);

  curl_easy_perform(curl);
 }
--- a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
@@ -46,7 +46,7 @@ if(curl) {
  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 120L);

  /* interval time between keep-alive probes: 60 seconds */
-  curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 60L);
+  curl_easy_setopt(curl, CURLOPT_TCP_KEEPINTVL, 60L);

  curl_easy_perform(curl);
 }
--- a/docs/libcurl/opts/Makefile.am
+++ b/docs/libcurl/opts/Makefile.am
@@ -66,9 +66,9 @@ man_MANS = CURLOPT_ACCEPT_ENCODING.3 CURLOPT_ACCEPTTIMEOUT_MS.3		\
 CURLOPT_NEW_DIRECTORY_PERMS.3 CURLOPT_NEW_FILE_PERMS.3			\
 CURLOPT_NOBODY.3 CURLOPT_NOPROGRESS.3 CURLOPT_NOPROXY.3		\
 CURLOPT_NOSIGNAL.3 CURLOPT_OPENSOCKETDATA.3				\
- CURLOPT_OPENSOCKETFUNCTION.3 CURLOPT_PASSWORD.3 			\
- CURLOPT_PINNEDPUBLICKEY.3 CURLOPT_PORT.3				\
- CURLOPT_POST.3 CURLOPT_POSTFIELDS.3 CURLOPT_POSTFIELDSIZE.3		\
+ CURLOPT_OPENSOCKETFUNCTION.3 CURLOPT_PASSWORD.3			\
+ CURLOPT_PINNEDPUBLICKEY.3 CURLOPT_PORT.3 CURLOPT_POST.3		\
+ CURLOPT_POSTFIELDS.3 CURLOPT_POSTFIELDSIZE.3				\
 CURLOPT_POSTFIELDSIZE_LARGE.3 CURLOPT_POSTQUOTE.3 CURLOPT_POSTREDIR.3	\
 CURLOPT_PREQUOTE.3 CURLOPT_PRIVATE.3 CURLOPT_PROGRESSDATA.3		\
 CURLOPT_PROGRESSFUNCTION.3 CURLOPT_PROTOCOLS.3 CURLOPT_PROXY.3		\
@@ -113,7 +113,8 @@ man_MANS = CURLOPT_ACCEPT_ENCODING.3 CURLOPT_ACCEPTTIMEOUT_MS.3		\
 CURLMOPT_PIPELINING_SERVER_BL.3 CURLMOPT_PIPELINING_SITE_BL.3		\
 CURLMOPT_SOCKETDATA.3 CURLMOPT_SOCKETFUNCTION.3 CURLMOPT_TIMERDATA.3	\
 CURLMOPT_TIMERFUNCTION.3 CURLOPT_UNIX_SOCKET_PATH.3			\
- CURLOPT_PATH_AS_IS.3
+ CURLOPT_PATH_AS_IS.3 CURLOPT_PROXY_SERVICE_NAME.3			\
+ CURLOPT_SERVICE_NAME.3 CURLOPT_PIPEWAIT.3

 HTMLPAGES = CURLOPT_ACCEPT_ENCODING.html CURLOPT_ACCEPTTIMEOUT_MS.html	\
 CURLOPT_ADDRESS_SCOPE.html CURLOPT_APPEND.html				\
@@ -169,8 +170,7 @@ HTMLPAGES = CURLOPT_ACCEPT_ENCODING.html CURLOPT_ACCEPTTIMEOUT_MS.html	\
 CURLOPT_NOPROGRESS.html CURLOPT_NOPROXY.html CURLOPT_NOSIGNAL.html	\
 CURLOPT_OPENSOCKETDATA.html CURLOPT_OPENSOCKETFUNCTION.html		\
 CURLOPT_PASSWORD.html CURLOPT_PINNEDPUBLICKEY.html CURLOPT_PORT.html	\
- CURLOPT_POST.html							\
- CURLOPT_POSTFIELDS.html CURLOPT_POSTFIELDSIZE.html			\
+ CURLOPT_POST.html CURLOPT_POSTFIELDS.html CURLOPT_POSTFIELDSIZE.html	\
 CURLOPT_POSTFIELDSIZE_LARGE.html CURLOPT_POSTQUOTE.html		\
 CURLOPT_POSTREDIR.html CURLOPT_PREQUOTE.html CURLOPT_PRIVATE.html	\
 CURLOPT_PROGRESSDATA.html CURLOPT_PROGRESSFUNCTION.html		\
@@ -220,7 +220,9 @@ HTMLPAGES = CURLOPT_ACCEPT_ENCODING.html CURLOPT_ACCEPTTIMEOUT_MS.html	\
 CURLMOPT_PIPELINING_SERVER_BL.html CURLMOPT_PIPELINING_SITE_BL.html	\
 CURLMOPT_SOCKETDATA.html CURLMOPT_SOCKETFUNCTION.html			\
 CURLMOPT_TIMERDATA.html CURLMOPT_TIMERFUNCTION.html			\
- CURLOPT_UNIX_SOCKET_PATH.html CURLOPT_PATH_AS_IS.html
+ CURLOPT_UNIX_SOCKET_PATH.html CURLOPT_PATH_AS_IS.html			\
+ CURLOPT_PROXY_SERVICE_NAME.html CURLOPT_SERVICE_NAME.html		\
+ CURLOPT_PIPEWAIT.html

 PDFPAGES = CURLOPT_ACCEPT_ENCODING.pdf CURLOPT_ACCEPTTIMEOUT_MS.pdf	\
 CURLOPT_ADDRESS_SCOPE.pdf CURLOPT_APPEND.pdf CURLOPT_AUTOREFERER.pdf	\
@@ -272,9 +274,9 @@ PDFPAGES = CURLOPT_ACCEPT_ENCODING.pdf CURLOPT_ACCEPTTIMEOUT_MS.pdf	\
 CURLOPT_NEW_DIRECTORY_PERMS.pdf CURLOPT_NEW_FILE_PERMS.pdf		\
 CURLOPT_NOBODY.pdf CURLOPT_NOPROGRESS.pdf CURLOPT_NOPROXY.pdf		\
 CURLOPT_NOSIGNAL.pdf CURLOPT_OPENSOCKETDATA.pdf			\
- CURLOPT_OPENSOCKETFUNCTION.pdf CURLOPT_PASSWORD.pdf 			\
- CURLOPT_PINNEDPUBLICKEY.pdf CURLOPT_PORT.pdf				\
- CURLOPT_POST.pdf CURLOPT_POSTFIELDS.pdf CURLOPT_POSTFIELDSIZE.pdf	\
+ CURLOPT_OPENSOCKETFUNCTION.pdf CURLOPT_PASSWORD.pdf			\
+ CURLOPT_PINNEDPUBLICKEY.pdf CURLOPT_PORT.pdf CURLOPT_POST.pdf		\
+ CURLOPT_POSTFIELDS.pdf CURLOPT_POSTFIELDSIZE.pdf			\
 CURLOPT_POSTFIELDSIZE_LARGE.pdf CURLOPT_POSTQUOTE.pdf			\
 CURLOPT_POSTREDIR.pdf CURLOPT_PREQUOTE.pdf CURLOPT_PRIVATE.pdf		\
 CURLOPT_PROGRESSDATA.pdf CURLOPT_PROGRESSFUNCTION.pdf			\
@@ -324,7 +326,9 @@ PDFPAGES = CURLOPT_ACCEPT_ENCODING.pdf CURLOPT_ACCEPTTIMEOUT_MS.pdf	\
 CURLMOPT_PIPELINING_SERVER_BL.pdf CURLMOPT_PIPELINING_SITE_BL.pdf	\
 CURLMOPT_SOCKETDATA.pdf CURLMOPT_SOCKETFUNCTION.pdf			\
 CURLMOPT_TIMERDATA.pdf CURLMOPT_TIMERFUNCTION.pdf			\
- CURLOPT_UNIX_SOCKET_PATH.pdf CURLOPT_PATH_AS_IS.pdf
+ CURLOPT_UNIX_SOCKET_PATH.pdf CURLOPT_PATH_AS_IS.pdf			\
+ CURLOPT_PROXY_SERVICE_NAME.pdf CURLOPT_SERVICE_NAME.pdf		\
+ CURLOPT_PIPEWAIT.pdf

 CLEANFILES = $(HTMLPAGES) $(PDFPAGES)

--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -433,6 +433,7 @@ CURLOPT_PASSWORD                7.19.1
 CURLOPT_PASV_HOST               7.12.1        7.16.0      7.15.5
 CURLOPT_PATH_AS_IS              7.42.0
 CURLOPT_PINNEDPUBLICKEY         7.39.0
+CURLOPT_PIPEWAIT                7.43.0
 CURLOPT_PORT                    7.1
 CURLOPT_POST                    7.1
 CURLOPT_POST301                 7.17.1        7.19.1
@@ -454,6 +455,7 @@ CURLOPT_PROXYPORT               7.1
 CURLOPT_PROXYTYPE               7.10
 CURLOPT_PROXYUSERNAME           7.19.1
 CURLOPT_PROXYUSERPWD            7.1
+CURLOPT_PROXY_SERVICE_NAME      7.43.0
 CURLOPT_PROXY_TRANSFER_MODE     7.18.0
 CURLOPT_PUT                     7.1
 CURLOPT_QUOTE                   7.1
@@ -477,6 +479,7 @@ CURLOPT_SASL_IR                 7.31.0
 CURLOPT_SEEKDATA                7.18.0
 CURLOPT_SEEKFUNCTION            7.18.0
 CURLOPT_SERVER_RESPONSE_TIMEOUT 7.20.0
+CURLOPT_SERVICE_NAME            7.43.0
 CURLOPT_SHARE                   7.10
 CURLOPT_SOCKOPTDATA             7.16.0
 CURLOPT_SOCKOPTFUNCTION         7.16.0
@@ -556,6 +559,9 @@ CURLPAUSE_RECV                  7.18.0
 CURLPAUSE_RECV_CONT             7.18.0
 CURLPAUSE_SEND                  7.18.0
 CURLPAUSE_SEND_CONT             7.18.0
+CURLPIPE_HTTP1                  7.43.0
+CURLPIPE_MULTIPLEX              7.43.0
+CURLPIPE_NOTHING                7.43.0
 CURLPROTO_ALL                   7.19.4
 CURLPROTO_DICT                  7.19.4
 CURLPROTO_FILE                  7.19.4
@@ -665,6 +671,7 @@ CURL_GLOBAL_WIN32               7.8.1
 CURL_HTTP_VERSION_1_0           7.9.1
 CURL_HTTP_VERSION_1_1           7.9.1
 CURL_HTTP_VERSION_2_0           7.33.0
+CURL_HTTP_VERSION_2             7.43.0
 CURL_HTTP_VERSION_NONE          7.9.1
 CURL_IPRESOLVE_V4               7.10.8
 CURL_IPRESOLVE_V6               7.10.8
--- a/docs/libcurl/symbols.pl
+++ b/docs/libcurl/symbols.pl
@@ -24,7 +24,7 @@
 # Experience has shown that the symbols-in-versions file is very useful to
 # applications that want to build with a wide range of libcurl versions.
 # It is however easy to get it wrong and the source gets a bit messy with all
-# the fixed numerical comparisions.
+# the fixed numerical comparisons.
 #
 # The point of this script is to provide an easy-to-use macro for libcurl-
 # using applications to do preprocessor checks for specific libcurl defines,
--- a/docs/mk-ca-bundle.1
+++ b/docs/mk-ca-bundle.1
@@ -43,7 +43,7 @@ curl, wget and more.
 The following options are supported:
 .IP -b
 backup an existing version of \fIoutputfilename\fP
-.IP -d [name]
+.IP "-d [name]"
 specify which Mozilla tree to pull certdata.txt from (or a custom URL). Valid
 names are: aurora, beta, central, mozilla, nss, release (default). They are
 shortcuts for which source tree to get the cert data from.
@@ -70,7 +70,7 @@ DATA_ENCIPHERMENT, KEY_AGREEMENT, KEY_CERT_SIGN, CRL_SIGN,
 SERVER_AUTH (default), CLIENT_AUTH, CODE_SIGNING, EMAIL_PROTECTION,
 IPSEC_END_SYSTEM, IPSEC_TUNNEL, IPSEC_USER, TIME_STAMPING, STEP_UP_APPROVED
 .RE
-
+.IP
 Valid trust levels are:
 .RS
 ALL, TRUSTED_DELEGATOR (default), NOT_TRUSTED, MUST_VERIFY_TRUST, TRUSTED
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -1632,6 +1632,15 @@ typedef enum {
  /* Do not squash dot-dot sequences */
  CINIT(PATH_AS_IS, LONG, 234),

+  /* Proxy Service Name */
+  CINIT(PROXY_SERVICE_NAME, OBJECTPOINT, 235),
+
+  /* Service Name */
+  CINIT(SERVICE_NAME, OBJECTPOINT, 236),
+
+  /* Wait/don't wait for pipe/mutex to clarify */
+  CINIT(PIPEWAIT, LONG, 237),
+
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;

@@ -1686,6 +1695,11 @@ enum {
  CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */
 };

+/* Convenience definition simple because the name of the version is HTTP/2 and
+   not 2.0. The 2_0 version of the enum name was set while the version was
+   still planned to be 2.0 and we stick to it for compatibility. */
+#define CURL_HTTP_VERSION_2 CURL_HTTP_VERSION_2_0
+
 /*
 * Public API enums for RTSP requests
 */
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -30,12 +30,12 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.42.0-DEV"
+#define LIBCURL_VERSION "7.43.0-DEV"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 42
+#define LIBCURL_VERSION_MINOR 43
 #define LIBCURL_VERSION_PATCH 0

 /* This is the numeric version of the libcurl version number, meant for easier
@@ -52,8 +52,12 @@
   This 6-digit (24 bits) hexadecimal number does not show pre-release number,
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
+
+   Note: This define is the full hex number and _does not_ use the
+   CURL_VERSION_BITS() macro since curl's own configure script greps for it
+   and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x072A00
+#define LIBCURL_VERSION_NUM 0x072B00

 /*
 * This is the date and time when the full source package was created. The
@@ -66,4 +70,8 @@
 */
 #define LIBCURL_TIMESTAMP "DEV"

+#define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|z)
+#define CURL_AT_LEAST_VERSION(x,y,z) \
+  (LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(x, y, z))
+
 #endif /* __CURL_CURLVER_H */
--- a/include/curl/multi.h
+++ b/include/curl/multi.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -74,6 +74,11 @@ typedef enum {
   curl_multi_perform() and CURLM_CALL_MULTI_PERFORM */
 #define CURLM_CALL_MULTI_SOCKET CURLM_CALL_MULTI_PERFORM

+/* bitmask bits for CURLMOPT_PIPELINING */
+#define CURLPIPE_NOTHING   0L
+#define CURLPIPE_HTTP1     1L
+#define CURLPIPE_MULTIPLEX 2L
+
 typedef enum {
  CURLMSG_NONE, /* first, not used */
  CURLMSG_DONE, /* This easy handle has completed. 'result' contains
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -270,6 +270,8 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
   (option) == CURLOPT_DNS_LOCAL_IP4 ||                                       \
   (option) == CURLOPT_DNS_LOCAL_IP6 ||                                       \
   (option) == CURLOPT_LOGIN_OPTIONS ||                                       \
+   (option) == CURLOPT_PROXY_SERVICE_NAME ||                                  \
+   (option) == CURLOPT_SERVICE_NAME ||                                        \
   0)

 /* evaluates to true if option takes a curl_write_callback argument */
--- a/527
+++ b/527
@@ -1,527 +0,0 @@
-#!/bin/sh
-# install - install a program, script, or datafile
-
-scriptversion=2011-11-20.07; # UTC
-
-# This originates from X11R5 (mit/util/scripts/install.sh), which was
-# later released in X11R6 (xc/config/util/install.sh) with the
-# following copyright and license.
-#
-# Copyright (C) 1994 X Consortium
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to
-# deal in the Software without restriction, including without limitation the
-# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-# sell copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
-# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
-# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-# Except as contained in this notice, the name of the X Consortium shall not
-# be used in advertising or otherwise to promote the sale, use or other deal-
-# ings in this Software without prior written authorization from the X Consor-
-# tium.
-#
-#
-# FSF changes to this file are in the public domain.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# 'make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.
-
-nl='
-'
-IFS=" ""	$nl"
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit=${DOITPROG-}
-if test -z "$doit"; then
-  doit_exec=exec
-else
-  doit_exec=$doit
-fi
-
-# Put in absolute file names if you don't have them in your path;
-# or use environment vars.
-
-chgrpprog=${CHGRPPROG-chgrp}
-chmodprog=${CHMODPROG-chmod}
-chownprog=${CHOWNPROG-chown}
-cmpprog=${CMPPROG-cmp}
-cpprog=${CPPROG-cp}
-mkdirprog=${MKDIRPROG-mkdir}
-mvprog=${MVPROG-mv}
-rmprog=${RMPROG-rm}
-stripprog=${STRIPPROG-strip}
-
-posix_glob='?'
-initialize_posix_glob='
-  test "$posix_glob" != "?" || {
-    if (set -f) 2>/dev/null; then
-      posix_glob=
-    else
-      posix_glob=:
-    fi
-  }
-'
-
-posix_mkdir=
-
-# Desired mode of installed file.
-mode=0755
-
-chgrpcmd=
-chmodcmd=$chmodprog
-chowncmd=
-mvcmd=$mvprog
-rmcmd="$rmprog -f"
-stripcmd=
-
-src=
-dst=
-dir_arg=
-dst_arg=
-
-copy_on_change=false
-no_target_directory=
-
-usage="\
-Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
-   or: $0 [OPTION]... SRCFILES... DIRECTORY
-   or: $0 [OPTION]... -t DIRECTORY SRCFILES...
-   or: $0 [OPTION]... -d DIRECTORIES...
-
-In the 1st form, copy SRCFILE to DSTFILE.
-In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
-In the 4th, create DIRECTORIES.
-
-Options:
-     --help     display this help and exit.
-     --version  display version info and exit.
-
-  -c            (ignored)
-  -C            install only if different (preserve the last data modification time)
-  -d            create directories instead of installing files.
-  -g GROUP      $chgrpprog installed files to GROUP.
-  -m MODE       $chmodprog installed files to MODE.
-  -o USER       $chownprog installed files to USER.
-  -s            $stripprog installed files.
-  -t DIRECTORY  install into DIRECTORY.
-  -T            report an error if DSTFILE is a directory.
-
-Environment variables override the default commands:
-  CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
-  RMPROG STRIPPROG
-"
-
-while test $# -ne 0; do
-  case $1 in
-    -c) ;;
-
-    -C) copy_on_change=true;;
-
-    -d) dir_arg=true;;
-
-    -g) chgrpcmd="$chgrpprog $2"
-	shift;;
-
-    --help) echo "$usage"; exit $?;;
-
-    -m) mode=$2
-	case $mode in
-	  *' '* | *'	'* | *'
-'*	  | *'*'* | *'?'* | *'['*)
-	    echo "$0: invalid mode: $mode" >&2
-	    exit 1;;
-	esac
-	shift;;
-
-    -o) chowncmd="$chownprog $2"
-	shift;;
-
-    -s) stripcmd=$stripprog;;
-
-    -t) dst_arg=$2
-	# Protect names problematic for 'test' and other utilities.
-	case $dst_arg in
-	  -* | [=\(\)!]) dst_arg=./$dst_arg;;
-	esac
-	shift;;
-
-    -T) no_target_directory=true;;
-
-    --version) echo "$0 $scriptversion"; exit $?;;
-
-    --)	shift
-	break;;
-
-    -*)	echo "$0: invalid option: $1" >&2
-	exit 1;;
-
-    *)  break;;
-  esac
-  shift
-done
-
-if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
-  # When -d is used, all remaining arguments are directories to create.
-  # When -t is used, the destination is already specified.
-  # Otherwise, the last argument is the destination.  Remove it from $@.
-  for arg
-  do
-    if test -n "$dst_arg"; then
-      # $@ is not empty: it contains at least $arg.
-      set fnord "$@" "$dst_arg"
-      shift # fnord
-    fi
-    shift # arg
-    dst_arg=$arg
-    # Protect names problematic for 'test' and other utilities.
-    case $dst_arg in
-      -* | [=\(\)!]) dst_arg=./$dst_arg;;
-    esac
-  done
-fi
-
-if test $# -eq 0; then
-  if test -z "$dir_arg"; then
-    echo "$0: no input file specified." >&2
-    exit 1
-  fi
-  # It's OK to call 'install-sh -d' without argument.
-  # This can happen when creating conditional directories.
-  exit 0
-fi
-
-if test -z "$dir_arg"; then
-  do_exit='(exit $ret); exit $ret'
-  trap "ret=129; $do_exit" 1
-  trap "ret=130; $do_exit" 2
-  trap "ret=141; $do_exit" 13
-  trap "ret=143; $do_exit" 15
-
-  # Set umask so as not to create temps with too-generous modes.
-  # However, 'strip' requires both read and write access to temps.
-  case $mode in
-    # Optimize common cases.
-    *644) cp_umask=133;;
-    *755) cp_umask=22;;
-
-    *[0-7])
-      if test -z "$stripcmd"; then
-	u_plus_rw=
-      else
-	u_plus_rw='% 200'
-      fi
-      cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
-    *)
-      if test -z "$stripcmd"; then
-	u_plus_rw=
-      else
-	u_plus_rw=,u+rw
-      fi
-      cp_umask=$mode$u_plus_rw;;
-  esac
-fi
-
-for src
-do
-  # Protect names problematic for 'test' and other utilities.
-  case $src in
-    -* | [=\(\)!]) src=./$src;;
-  esac
-
-  if test -n "$dir_arg"; then
-    dst=$src
-    dstdir=$dst
-    test -d "$dstdir"
-    dstdir_status=$?
-  else
-
-    # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
-    # might cause directories to be created, which would be especially bad
-    # if $src (and thus $dsttmp) contains '*'.
-    if test ! -f "$src" && test ! -d "$src"; then
-      echo "$0: $src does not exist." >&2
-      exit 1
-    fi
-
-    if test -z "$dst_arg"; then
-      echo "$0: no destination specified." >&2
-      exit 1
-    fi
-    dst=$dst_arg
-
-    # If destination is a directory, append the input filename; won't work
-    # if double slashes aren't ignored.
-    if test -d "$dst"; then
-      if test -n "$no_target_directory"; then
-	echo "$0: $dst_arg: Is a directory" >&2
-	exit 1
-      fi
-      dstdir=$dst
-      dst=$dstdir/`basename "$src"`
-      dstdir_status=0
-    else
-      # Prefer dirname, but fall back on a substitute if dirname fails.
-      dstdir=`
-	(dirname "$dst") 2>/dev/null ||
-	expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	     X"$dst" : 'X\(//\)[^/]' \| \
-	     X"$dst" : 'X\(//\)$' \| \
-	     X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
-	echo X"$dst" |
-	    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\/\)[^/].*/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\/\)$/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\).*/{
-		   s//\1/
-		   q
-		 }
-		 s/.*/./; q'
-      `
-
-      test -d "$dstdir"
-      dstdir_status=$?
-    fi
-  fi
-
-  obsolete_mkdir_used=false
-
-  if test $dstdir_status != 0; then
-    case $posix_mkdir in
-      '')
-	# Create intermediate dirs using mode 755 as modified by the umask.
-	# This is like FreeBSD 'install' as of 1997-10-28.
-	umask=`umask`
-	case $stripcmd.$umask in
-	  # Optimize common cases.
-	  *[2367][2367]) mkdir_umask=$umask;;
-	  .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
-
-	  *[0-7])
-	    mkdir_umask=`expr $umask + 22 \
-	      - $umask % 100 % 40 + $umask % 20 \
-	      - $umask % 10 % 4 + $umask % 2
-	    `;;
-	  *) mkdir_umask=$umask,go-w;;
-	esac
-
-	# With -d, create the new directory with the user-specified mode.
-	# Otherwise, rely on $mkdir_umask.
-	if test -n "$dir_arg"; then
-	  mkdir_mode=-m$mode
-	else
-	  mkdir_mode=
-	fi
-
-	posix_mkdir=false
-	case $umask in
-	  *[123567][0-7][0-7])
-	    # POSIX mkdir -p sets u+wx bits regardless of umask, which
-	    # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
-	    ;;
-	  *)
-	    tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
-	    trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
-
-	    if (umask $mkdir_umask &&
-		exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
-	    then
-	      if test -z "$dir_arg" || {
-		   # Check for POSIX incompatibilities with -m.
-		   # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
-		   # other-writable bit of parent directory when it shouldn't.
-		   # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
-		   ls_ld_tmpdir=`ls -ld "$tmpdir"`
-		   case $ls_ld_tmpdir in
-		     d????-?r-*) different_mode=700;;
-		     d????-?--*) different_mode=755;;
-		     *) false;;
-		   esac &&
-		   $mkdirprog -m$different_mode -p -- "$tmpdir" && {
-		     ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
-		     test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
-		   }
-		 }
-	      then posix_mkdir=:
-	      fi
-	      rmdir "$tmpdir/d" "$tmpdir"
-	    else
-	      # Remove any dirs left behind by ancient mkdir implementations.
-	      rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
-	    fi
-	    trap '' 0;;
-	esac;;
-    esac
-
-    if
-      $posix_mkdir && (
-	umask $mkdir_umask &&
-	$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
-      )
-    then :
-    else
-
-      # The umask is ridiculous, or mkdir does not conform to POSIX,
-      # or it failed possibly due to a race condition.  Create the
-      # directory the slow way, step by step, checking for races as we go.
-
-      case $dstdir in
-	/*) prefix='/';;
-	[-=\(\)!]*) prefix='./';;
-	*)  prefix='';;
-      esac
-
-      eval "$initialize_posix_glob"
-
-      oIFS=$IFS
-      IFS=/
-      $posix_glob set -f
-      set fnord $dstdir
-      shift
-      $posix_glob set +f
-      IFS=$oIFS
-
-      prefixes=
-
-      for d
-      do
-	test X"$d" = X && continue
-
-	prefix=$prefix$d
-	if test -d "$prefix"; then
-	  prefixes=
-	else
-	  if $posix_mkdir; then
-	    (umask=$mkdir_umask &&
-	     $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
-	    # Don't fail if two instances are running concurrently.
-	    test -d "$prefix" || exit 1
-	  else
-	    case $prefix in
-	      *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
-	      *) qprefix=$prefix;;
-	    esac
-	    prefixes="$prefixes '$qprefix'"
-	  fi
-	fi
-	prefix=$prefix/
-      done
-
-      if test -n "$prefixes"; then
-	# Don't fail if two instances are running concurrently.
-	(umask $mkdir_umask &&
-	 eval "\$doit_exec \$mkdirprog $prefixes") ||
-	  test -d "$dstdir" || exit 1
-	obsolete_mkdir_used=true
-      fi
-    fi
-  fi
-
-  if test -n "$dir_arg"; then
-    { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
-    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
-    { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
-      test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
-  else
-
-    # Make a couple of temp file names in the proper directory.
-    dsttmp=$dstdir/_inst.$$_
-    rmtmp=$dstdir/_rm.$$_
-
-    # Trap to clean up those temp files at exit.
-    trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
-
-    # Copy the file name to the temp name.
-    (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
-
-    # and set any options; do chmod last to preserve setuid bits.
-    #
-    # If any of these fail, we abort the whole thing.  If we want to
-    # ignore errors from any of these, just make sure not to ignore
-    # errors from the above "$doit $cpprog $src $dsttmp" command.
-    #
-    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
-    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
-    { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
-    { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
-
-    # If -C, don't bother to copy if it wouldn't change the file.
-    if $copy_on_change &&
-       old=`LC_ALL=C ls -dlL "$dst"	2>/dev/null` &&
-       new=`LC_ALL=C ls -dlL "$dsttmp"	2>/dev/null` &&
-
-       eval "$initialize_posix_glob" &&
-       $posix_glob set -f &&
-       set X $old && old=:$2:$4:$5:$6 &&
-       set X $new && new=:$2:$4:$5:$6 &&
-       $posix_glob set +f &&
-
-       test "$old" = "$new" &&
-       $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
-    then
-      rm -f "$dsttmp"
-    else
-      # Rename the file to the real destination.
-      $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
-
-      # The rename failed, perhaps because mv can't rename something else
-      # to itself, or perhaps because mv is so ancient that it does not
-      # support -f.
-      {
-	# Now remove or move aside any old file at destination location.
-	# We try this two ways since rm can't unlink itself on some
-	# systems and the destination file might be busy for other
-	# reasons.  In this case, the final cleanup might fail but the new
-	# file should still install successfully.
-	{
-	  test ! -f "$dst" ||
-	  $doit $rmcmd -f "$dst" 2>/dev/null ||
-	  { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
-	    { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
-	  } ||
-	  { echo "$0: cannot unlink or rename $dst" >&2
-	    (exit 1); exit 1
-	  }
-	} &&
-
-	# Now rename the file to the real destination.
-	$doit $mvcmd "$dsttmp" "$dst"
-      }
-    fi || exit 1
-
-    trap '' 0
-  fi
-done
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-time-zone: "UTC"
-# time-stamp-end: "; # UTC"
-# End:
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -101,7 +101,7 @@ ZLIB_ROOT = ../../zlib-1.2.8
 !ifdef %libssh2_root
 LIBSSH2_ROOT = $(%libssh2_root)
 !else
-LIBSSH2_ROOT = ../../libssh2-1.4.3
+LIBSSH2_ROOT = ../../libssh2-1.5.0
 !endif

 !ifdef %librtmp_root
@@ -113,7 +113,7 @@ LIBRTMP_ROOT = ../../rtmpdump-2.3
 !ifdef %openssl_root
 OPENSSL_ROOT = $(%openssl_root)
 !else
-OPENSSL_ROOT = ../../openssl-0.9.8zc
+OPENSSL_ROOT = ../../openssl-1.0.2a
 !endif

 !ifdef %ares_root
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -21,10 +21,6 @@
 ###########################################################################
 AUTOMAKE_OPTIONS = foreign nostdinc

-DOCS = README.encoding README.memoryleak README.ares README.curlx	\
- README.hostip README.multi_socket README.httpauth README.pipelining    \
- README.curl_off_t README.pingpong
-
 CMAKE_DIST = CMakeLists.txt curl_config.h.cmake

 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h	\
@@ -32,7 +28,7 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h	\
 makefile.dj config-dos.h libcurl.plist libcurl.rc config-amigaos.h	\
 makefile.amiga Makefile.netware nwlib.c nwos.c config-win32ce.h	\
 config-os400.h setup-os400.h config-symbian.h Makefile.Watcom		\
- config-tpf.h $(DOCS) mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST)	\
+ config-tpf.h mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST)	\
 firefox-db2pem.sh config-vxworks.h Makefile.vxworks checksrc.pl	\
 objnames-test08.sh objnames-test10.sh objnames.inc checksrc.whitelist

--- a/lib/Makefile.b32
+++ b/lib/Makefile.b32
@@ -27,7 +27,7 @@ ZLIB_PATH = ..\..\zlib-1.2.8

 # Edit the path below to point to the base of your OpenSSL package.
 !ifndef OPENSSL_PATH
-OPENSSL_PATH = ..\..\openssl-0.9.8zc
+OPENSSL_PATH = ..\..\openssl-1.0.2a
 !endif

 # Set libcurl static lib, dll and import lib
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -44,7 +44,7 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c   \
  http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c            \
  asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c                \
  curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c        \
-  hostcheck.c bundles.c conncache.c pipeline.c dotdot.c x509asn1.c      \
+  hostcheck.c conncache.c pipeline.c dotdot.c x509asn1.c                \
  http2.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c curl_endian.c       \
  curl_des.c

@@ -62,7 +62,7 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \
  rtsp.h curl_threads.h warnless.h curl_hmac.h curl_rtmp.h              \
  curl_gethostname.h gopher.h http_proxy.h non-ascii.h asyn.h           \
  curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h             \
-  curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h bundles.h   \
+  curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h             \
  conncache.h curl_setup_once.h multihandle.h setup-vms.h pipeline.h    \
  dotdot.h x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h  \
  curl_printf.h
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -1,7 +1,7 @@
 ###########################################################################
 #
 ## Makefile for building libcurl.a with MingW (GCC-3.2 or later)
-## and optionally OpenSSL (0.9.8), libssh2 (1.3), zlib (1.2.5), librtmp (2.3)
+## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4)
 ##
 ## Usage:   mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...]
 ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn
@@ -18,23 +18,23 @@ ZLIB_PATH = ../../zlib-1.2.8
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8zc
+OPENSSL_PATH = ../../openssl-1.0.2a
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.4.3
+LIBSSH2_PATH = ../../libssh2-1.5.0
 endif
 # Edit the path below to point to the base of your librtmp package.
 ifndef LIBRTMP_PATH
-LIBRTMP_PATH = ../../librtmp-2.3
+LIBRTMP_PATH = ../../librtmp-2.4
 endif
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
-LIBIDN_PATH = ../../libidn-1.18
+LIBIDN_PATH = ../../libidn-1.30
 endif
 # Edit the path below to point to the base of your MS IDN package.
 # Microsoft Internationalized Domain Names (IDN) Mitigation APIs 1.1
-# http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad6158d7-ddba-416a-9109-07607425a815
+# https://www.microsoft.com/en-us/download/details.aspx?id=734
 ifndef WINIDN_PATH
 WINIDN_PATH = ../../Microsoft IDN Mitigation APIs
 endif
@@ -44,7 +44,7 @@ LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif
 # Edit the path below to point to the base of your nghttp2 package.
 ifndef NGHTTP2_PATH
-NGHTTP2_PATH = ../../nghttp2-0.6.7
+NGHTTP2_PATH = ../../nghttp2-1.0.0
 endif

 PROOT = ..
@@ -76,9 +76,11 @@ endif

 ifeq ($(ARCH),w64)
 CFLAGS  += -m64 -D_AMD64_
+LDFLAGS += -m64
 RCFLAGS += -F pe-x86-64
 else
 CFLAGS  += -m32
+LDFLAGS += -m32
 RCFLAGS += -F pe-i386
 endif

--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -19,12 +19,12 @@ endif

 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8zc
+OPENSSL_PATH = ../../openssl-1.0.2a
 endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.4.3
+LIBSSH2_PATH = ../../libssh2-1.5.0
 endif

 # Edit the path below to point to the base of your axTLS package.
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -65,11 +65,11 @@
 !INCLUDE ..\winbuild\Makefile.msvc.names

 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8zc
+OPENSSL_PATH   = ../../openssl-1.0.2a
 !ENDIF

 !IFNDEF LIBSSH2_PATH
-LIBSSH2_PATH   = ../../libssh2-1.4.3
+LIBSSH2_PATH   = ../../libssh2-1.5.0
 !ENDIF

 !IFNDEF ZLIB_PATH
@@ -90,7 +90,7 @@ MACHINE  = X86
 # If, for some reason the Windows SDK is installed but not installed
 # in the default location, you can specify WINDOWS_SDK_PATH.
 # It can be downloaded from:
-# http://www.microsoft.com/msdownload/platformsdk/sdkupdate/
+# https://msdn.microsoft.com/windows/bb980924.aspx

 # WINDOWS_SSPI = 1

@@ -528,7 +528,6 @@ X_OBJS= \
 	$(DIROBJ)\asyn-thread.obj \
 	$(DIROBJ)\axtls.obj \
 	$(DIROBJ)\base64.obj \
-	$(DIROBJ)\bundles.obj \
 	$(DIROBJ)\conncache.obj \
 	$(DIROBJ)\connect.obj \
 	$(DIROBJ)\content_encoding.obj \
--- a/lib/README.ares
+++ b/lib/README.ares
@@ -1,69 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-          How To Build libcurl to Use c-ares For Asynch Name Resolves
-          ===========================================================
-
-c-ares:
-  http://c-ares.haxx.se/
-
-NOTE
-  The latest libcurl version requires c-ares 1.6.0 or later.
-
-  Once upon the time libcurl built fine with the "original" ares. That is no
-  longer true. You need to use c-ares.
-
-Build c-ares
-============
-
-1. unpack the c-ares archive
-2. cd c-ares-dir
-3. ./configure
-4. make
-5. make install
-
-Build libcurl to use c-ares in the curl source tree
-===================================================
-
-1. name or symlink the c-ares source directory 'ares' in the curl source
-   directory
-2. ./configure --enable-ares
-
-  Optionally, you can point out the c-ares install tree root with the the
-  --enable-ares option.
-
-3. make
-
-Build libcurl to use an installed c-ares
-========================================
-
-1. ./configure --enable-ares=/path/to/ares/install
-2. make
-
-c-ares on win32
-===============
-(description brought by Dominick Meglio)
-
-First I compiled c-ares. I changed the default C runtime library to be the
-single-threaded rather than the multi-threaded (this seems to be required to
-prevent linking errors later on). Then I simply build the areslib project (the
-other projects adig/ahost seem to fail under MSVC).
-
-Next was libcurl. I opened lib/config-win32.h and I added a:
- #define USE_ARES 1
-
-Next thing I did was I added the path for the ares includes to the include
-path, and the libares.lib to the libraries.
-
-Lastly, I also changed libcurl to be single-threaded rather than
-multi-threaded, again this was to prevent some duplicate symbol errors. I'm
-not sure why I needed to change everything to single-threaded, but when I
-didn't I got redefinition errors for several CRT functions (malloc, stricmp,
-etc.)
-
-I would have modified the MSVC++ project files, but I only have VC.NET and it
-uses a different format than VC6.0 so I didn't want to go and change
-everything and remove VC6.0 support from libcurl.
--- a/lib/README.curl_off_t
+++ b/lib/README.curl_off_t
@@ -1,68 +0,0 @@
-
-   curl_off_t explained
-   ====================
-
-curl_off_t is a data type provided by the external libcurl include headers. It
-is the type meant to be used for the curl_easy_setopt() options that end with
-LARGE. The type is 64bit large on most modern platforms.
-
-Transition from < 7.19.0 to >= 7.19.0
-------------------------------------
-
-Applications that used libcurl before 7.19.0 that are rebuilt with a libcurl
-that is 7.19.0 or later may or may not have to worry about anything of
-this. We have made a significant effort to make the transition really seamless
-and transparent.
-
-You have have to take notice if you are in one of the following situations:
-
-o Your app is using or will after the transition use a libcurl that is built
-  with LFS (large file support) disabled even though your system otherwise
-  supports it.
-
-o Your app is using or will after the transition use a libcurl that doesn't
-  support LFS at all, but your system and compiler support 64bit data types.
-
-In both these cases, the curl_off_t type will now (after the transition) be
-64bit where it previously was 32bit. This will cause a binary incompatibility
-that you MAY need to deal with.
-
-Benefits
--------
-
-This new way has several benefits:
-
-o Platforms without LFS support can still use libcurl to do >32 bit file
-  transfers and range operations etc as long as they have >32 bit data-types
-  supported.
-
-o Applications will no longer easily build with the curl_off_t size
-  mismatched, which has been a very frequent (and annoying) problem with
-  libcurl <= 7.18.2
-
-Historically
------------
-
-Previously, before 7.19.0, the curl_off_t type would be rather strongly
-connected to the size of the system off_t type, where currently curl_off_t is
-independent of that.
-
-The strong connection to off_t made it troublesome for application authors
-since when they did mistakes, they could get curl_off_t type of different
-sizes in the app vs libcurl, and that caused strange effects that were hard to
-track and detect by users of libcurl.
-
-SONAME
------
-
-We opted to not bump the soname for the library unconditionally, simply
-because soname bumping is causing a lot of grief and moaning all over the
-community so we try to keep that at minimum. Also, our selected design path
-should be 100% backwards compatible for the vast majority of all libcurl
-users.
-
-Enforce SONAME bump
-------------------
-
-If configure doesn't detect your case where a bump is necessary, re-run it
-with the --enable-soname-bump command line option!
--- a/lib/README.curlx
+++ b/lib/README.curlx
@@ -1,61 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-                     Source Code Functions Apps Might Use
-                     ====================================
-
-The libcurl source code offers a few functions by source only. They are not
-part of the official libcurl API, but the source files might be useful for
-others so apps can optionally compile/build with these sources to gain
-additional functions.
-
-We provide them through a single header file for easy access for apps:
-"curlx.h"
-
- curlx_strtoofft()
-
-   A macro that converts a string containing a number to a curl_off_t number.
-   This might use the curlx_strtoll() function which is provided as source
-   code in strtoofft.c. Note that the function is only provided if no
-   strtoll() (or equivalent) function exist on your platform. If curl_off_t
-   is only a 32 bit number on your platform, this macro uses strtol().
-
- curlx_tvnow()
-
-   returns a struct timeval for the current time.
-
- curlx_tvdiff()
-
-   returns the difference between two timeval structs, in number of
-   milliseconds.
-
- curlx_tvdiff_secs()
-
-   returns the same as curlx_tvdiff but with full usec resolution (as a
-   double)
-
-FUTURE
-======
-
- Several functions will be removed from the public curl_ name space in a
- future libcurl release. They will then only become available as curlx_
- functions instead. To make the transition easier, we already today provide
- these functions with the curlx_ prefix to allow sources to get built properly
- with the new function names. The functions this concerns are:
-
-      curlx_getenv
-      curlx_strequal
-      curlx_strnequal
-      curlx_mvsnprintf
-      curlx_msnprintf
-      curlx_maprintf
-      curlx_mvaprintf
-      curlx_msprintf
-      curlx_mprintf
-      curlx_mfprintf
-      curlx_mvsprintf
-      curlx_mvprintf
-      curlx_mvfprintf
--- a/lib/README.encoding
+++ b/lib/README.encoding
@@ -1,60 +0,0 @@
-
-                    Content Encoding Support for libcurl
-
-* About content encodings:
-
-HTTP/1.1 [RFC 2616] specifies that a client may request that a server encode
-its response. This is usually used to compress a response using one of a set
-of commonly available compression techniques. These schemes are `deflate' (the
-zlib algorithm), `gzip' and `compress' [sec 3.5, RFC 2616]. A client requests
-that the sever perform an encoding by including an Accept-Encoding header in
-the request document. The value of the header should be one of the recognized
-tokens `deflate', ... (there's a way to register new schemes/tokens, see sec
-3.5 of the spec). A server MAY honor the client's encoding request. When a
-response is encoded, the server includes a Content-Encoding header in the
-response. The value of the Content-Encoding header indicates which scheme was
-used to encode the data.
-
-A client may tell a server that it can understand several different encoding
-schemes. In this case the server may choose any one of those and use it to
-encode the response (indicating which one using the Content-Encoding header).
-It's also possible for a client to attach priorities to different schemes so
-that the server knows which it prefers. See sec 14.3 of RFC 2616 for more
-information on the Accept-Encoding header.
-
-* Current support for content encoding:
-
-Support for the 'deflate' and 'gzip' content encoding are supported by
-libcurl. Both regular and chunked transfers should work fine.  The library
-zlib is required for this feature. 'deflate' support was added by James
-Gallagher, and support for the 'gzip' encoding was added by Dan Fandrich.
-
-* The libcurl interface:
-
-To cause libcurl to request a content encoding use:
-
-    curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, <string>)
-
-where <string> is the intended value of the Accept-Encoding header.
-
-Currently, libcurl only understands how to process responses that use the
-"deflate" or "gzip" Content-Encoding, so the only values for
-CURLOPT_ACCEPT_ENCODING that will work (besides "identity," which does
-nothing) are "deflate" and "gzip" If a response is encoded using the
-"compress" or methods, libcurl will return an error indicating that the
-response could not be decoded.  If <string> is NULL no Accept-Encoding header
-is generated.  If <string> is a zero-length string, then an Accept-Encoding
-header containing all supported encodings will be generated.
-
-The CURLOPT_ACCEPT_ENCODING must be set to any non-NULL value for content to
-be automatically decoded.  If it is not set and the server still sends encoded
-content (despite not having been asked), the data is returned in its raw form
-and the Content-Encoding type is not checked.
-
-* The curl interface:
-
-Use the --compressed option with curl to cause it to ask servers to compress
-responses using any format supported by curl.
-
-James Gallagher <jgallagher@gso.uri.edu>
-Dan Fandrich <dan@coneharvesters.com>
--- a/lib/README.hostip
+++ b/lib/README.hostip
@@ -1,35 +0,0 @@
- hostip.c explained
- ==================
-
- The main COMPILE-TIME DEFINES to keep in mind when reading the host*.c
- source file are these:
-
- CURLRES_IPV6 - this host has getaddrinfo() and family, and thus we use
- that. The host may not be able to resolve IPv6, but we don't really have to
- take that into account. Hosts that aren't IPv6-enabled have CURLRES_IPV4
- defined.
-
- CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
- name resolves. This can be Windows or *nix.
-
- CURLRES_THREADED - is defined if libcurl is built to use threading for
- asynchronous name resolves. The name resolve will be done in a new thread,
- and the supported asynch API will be the same as for ares-builds. This is
- the default under (native) Windows.
-
- If any of the two previous are defined, CURLRES_ASYNCH is defined too. If
- libcurl is not built to use an asynchronous resolver, CURLRES_SYNCH is
- defined.
-
- The host*.c sources files are split up like this:
-
- hostip.c      - method-independent resolver functions and utility functions
- hostasyn.c    - functions for asynchronous name resolves
- hostsyn.c     - functions for synchronous name resolves
- asyn-ares.c   - functions for asynchronous name resolves using c-ares
- asyn-thread.c - functions for asynchronous name resolves using threads
- hostip4.c     - IPv4 specific functions
- hostip6.c     - IPv6 specific functions
-
- The hostip.h is the single united header file for all this. It defines the
- CURLRES_* defines based on the config*.h and curl_setup.h defines.
--- a/lib/README.http2
+++ b/lib/README.http2
@@ -1,87 +0,0 @@
-HTTP2 with libcurl
-
- Spec: http://tools.ietf.org/html/draft-ietf-httpbis-http2
-
- Document explaining it: http://daniel.haxx.se/http2/
-
- Build prerequisites
-  - nghttp2
-  - OpenSSL, NSS, GnutTLS or PolarSSL with a new enough version
-
- nghttp2 (https://github.com/tatsuhiro-t/nghttp2)
-
-  libcurl uses this 3rd party library for the low level protocol handling
-  parts. The reason for this is that HTTP/2 is much more complex at that layer
-  than HTTP/1.1 (which we implement on our own) and that nghttp2 is an already
-  existing and well functional library.
-
-  Right now, nghttp2 implements http2 draft-14
-
-  We require at least version 0.6.0
-
- Over an http:// URL
-
-  If CURLOPT_HTTP_VERSION is set to CURL_HTTP_VERSION_2_0, libcurl will
-  include an upgrade header in the initial request to the host to allow
-  upgrading to http2.
-
-  Possibly we can later introduce an option that will cause libcurl to fail if
-  not possible to upgrade. Possibly we introduce an option that makes libcurl
-  use http2 at once over http://
-
- Over an https:// URL
-
-  If CURLOPT_HTTP_VERSION is set to CURL_HTTP_VERSION_2_0, libcurl will use
-  ALPN (or NPN) to negotiate which protocol to continue with. Possibly
-  introduce an option that will cause libcurl to fail if not possible to use
-  http2.  Consider options to explicitly disable ALPN and/or NPN.
-
-  ALPN is the TLS extension that http2 is expected to use. The NPN extension
-  is for a similar purpose, was made prior to ALPN and is used for SPDY so
-  early http2 servers are implemented using NPN before ALPN support is
-  widespread.
-
-SSL libs
-
-  The challenge is the ALPN and NPN support and all our different SSL
-  backends. You may need a fairly updated SSL library version for it to
-  provide the necessary TLS features. Right now we support:
-
-    OpenSSL:  ALPN and NPN
-    NSS:      ALPN and NPN
-    GnuTLS:   ALPN
-    PolarSSL: ALPN
-
-HTTP Alternative Services
-
-  Alt-Svc is a suggested extension with a corresponding frame (ALTSVC) in
-  http2 that tells the client about an alternative "route" to the same content
-  for the same origin server that you get the response from. A browser or
-  long-living client can use that hint to create a new connection
-  asynchronously.  For libcurl, we may introduce a way to bring such clues to
-  the applicaton and/or let a subsequent request use the alternate route
-  automatically. Spec:
-  http://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-05
-
-Applications
-
-  We hide http2's binary nature and convert received http2 traffic to headers
-  in HTTP 1.1 style. This allows applications to work unmodified.
-
-curl tool
-
-  curl offers the --http2 command line option to enable use of http2
-
-TODO:
-
-  - Implement multiplexing
-
-  - How to tell libcurl when using the multi interface that all or some of the
-    handles are allowed to re-use the same physical connection. Can we just
-    re-use existing pipelining logic?
-
-  - Provide API to set priorities / dependencies of individual streams
-
-  - Implement "prior-knowledge" HTTP/2 connecitons over clear text so that
-    curl can connect with HTTP/2 at once without 1.1+Upgrade.
-
--- a/Show More
+++ b/Show More