~ubuntu-branches/ubuntu/saucy/curl/saucy-201307251546

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 7.25.0 (22 Mar 2012)

Daniel Stenberg (22 Mar 2012)
- RELEASE-NOTES: synced with b8b2cf612b2

Yang Tse (22 Mar 2012)
- tests #1400 #1401: add missing keywords

- http_proxy.h: fix builds with proxy or http disabled

- parsedate.c: fix a numeric overflow

Daniel Stenberg (22 Mar 2012)
- [Andrei Cipu brought this change]

  cookies: strip the numerical ipv6 host properly
  
  The commit e650dbde86d4 that stripped off [brackets] from ipv6-only host
  headers for the sake of cookie parsing wrongly incremented the host
  pointer which would cause a bad free() call later on.

Yang Tse (22 Mar 2012)
- test #598: add to Makefile.am

- test #598: OOM handling fixes

- fix several compiler warnings

Daniel Stenberg (22 Mar 2012)
- CONNECT: fix multi interface regression
  
  The refactoring of HTTP CONNECT handling in commit 41b0237834232 that
  made it protocol independent broke it for the multi interface. This fix
  now introduce a better state handling and moved some logic to the
  http_proxy.c source file.
  
  Reported by: Yang Tse
  Bug: http://curl.haxx.se/mail/lib-2012-03/0162.html

- SWS: refuse to serve CONNECT unless running as proxy

Yang Tse (21 Mar 2012)
- curl-functions.m4: update detection logic of getaddrinfo() thread-safeness
  
  Take in account that POSIX standard Issue 7 drops h_errno support. Now, we also
  consider getaddrinfo() to be thread-safe when (_POSIX_C_SOURCE >= 200809L) or
  (_XOPEN_SOURCE >= 700) independently of whether h_errno exists or not.

- fix several compiler warnings

- tests 140X: fix --libcurl generated source file reading mode for MSYS builds

- tool_easysrc.c: fix --libcurl option output file text translation mode
  
  Use fopen() with "w" mode instead of "wt" to fix cygwin builds.

- build: remove tool_cb_skt.[ch] references

Daniel Stenberg (18 Mar 2012)
- RELEASE-NOTES: synced with ad77420ac761b
  
  3 more bugs, 1 more contributor

- lwip: basic checks and macros for compatiblity

Yang Tse (17 Mar 2012)
- tool_setopt.c: more OOM handling fixes

Daniel Stenberg (16 Mar 2012)
- cmake: list_spaces_append_once fails with spaces in filename
  
  Windows standard libraries are located in C:/Program Files/Microsoft
  SDKs/[...]. They are already included in the default MSVC
  LIBPATH. Hence, find_library(WSOCK32_LIBRARY wsock32) and
  find_library(WS2_32_LIBRARY ws2_32) are not needed. They return the full
  path to the libraries including spaces. Of course,
  list_spaces_append_once will mangle the result and the build fails.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3494968

Yang Tse (16 Mar 2012)
- http_proxy.c: fix OOM handling

- tool_setopt.c: fix OOM handling

- fix several compiler warnings

- fix some compiler warnings

Daniel Stenberg (13 Mar 2012)
- [Maxim Prohorov brought this change]

  resolve with c-ares: don't resolve IPv6 when not working
  
  If the Curl_ipv6works() function says no, there is no reason to try AAAA
  names even if libcurl was built with IPv6 support enabled.
  
  Bug: http://curl.haxx.se/mail/lib-2012-03/0045.html

unknown (10 Mar 2012)
- [Steve Holme brought this change]

  smtp.c: Changed the curl error code for EHLO and HELO responses
  
  Changed the returned curl error codes for EHLO and HELO responses from
  CURLE_LOGIN_DENIED to CURLE_REMOTE_ACCESS_DENIED as a negative response
  from these commands represents no service as opposed to a login error.

Daniel Stenberg (10 Mar 2012)
- RELEASE-NOTES: synced with e650dbde86
  
  New: 12 bugs, 3 changes, 6 contributors and updated counters at the top

- [Andrei Cipu brought this change]

  Curl_http: strip off [brackets] from ipv6-only host headers
  
  Since the host name is passed in to the cookie engine it will not work
  correctly if the brackets are left in the name.
  
  Bug:http://curl.haxx.se/mail/lib-2012-03/0036.html

- [Armel Asselin brought this change]

  CURLSSH_OPT_AUTH: documented it has no effect

- [John Joseph Bachir brought this change]

  mk-ca-bundle.pl: use LWP::UserAgent with proper https verify behavior.
  
  An alternative would be:
  
  1. specify HTTPS_CA_DIR and/or HTTPS_CA_FILE
  2. ensure that Net::SSL is being used, and IO::Socket::SSL is NOT being
     used
  
  This question and answer explain:
  http://stackoverflow.com/questions/74358/

- [John Joseph Bachir brought this change]

  access the CA source file using HTTPS

- includes: remove inclusion of unused file http_proxy.h

- CONNECT: made generically not per-protocol
  
  Curl_protocol_connect() now does the tunneling through the HTTP proxy if
  requested instead of letting each protocol specific connection function
  do it.

- ssh_connect: tunnel through HTTP proxy if requested

- LWIP: don't consider HAVE_ERRNO_H to be winsock
  
  The check for Winsock definition was a bit too broad
  
  Bug: http://curl.haxx.se/mail/lib-2012-03/0046.html

- [Dave Reisner brought this change]

  curl-config: only provide libraries with --libs
  
  In line with the manpage, curl-config --libs should only provide the necessary
  library flags for the linker in order to compile software with libcurl. Also
  with this change, we match what the pkg-config file provides.

- CONTRIB: Please don't send pull requests

- libcurl docs: version corrections
  
  Correct some inconsistencies in which version some things were added.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3494091
  Reported by: "curlybugs"

- CONNECT: fix ipv6 address in the Request-Line
  
  Commit 466150bc64d fixed the Host: header with CONNECT, but I then
  forgot the preceeding request-line. Now this too uses [brackets]
  properly if a ipv6 numerical address was given.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3493129
  Reported by: "Blacat"

- [Steve Holme brought this change]

  SMTP: Added support for returning SMTP response codes
  
  Set the conn->data->info.httpcode variable in smtp_statemach_act() to
  allow Curl_getinfo() to return the SMTP response code via the
  CURLINFO_RESPONSE_CODE action.

- curl.1: updated --libcurl
  
  With Colin Hogben's recent work, --libcurl now also works with -F and
  more. Remove the previous caveat.

- test: --libcurl fixes
  
  The line endings broke when I saved the three recent patches (my fault,
  not Colin's) to 'git am' them.
  
  Adjusted the stripping of the test program for comparing to also exclude
  the SSH key file name as that will differ and use a local path name.

- [Colin Hogben brought this change]

  Add helper script convsrctest.pl to manipulate --libcurl tests.
  
  The intention is to take the output of curl's --libcurl option,
  as exercised in test 14xx, and generate a corresponding test15xx
  in which the generated code is compiled and run.  This will verify
  that the generated code behaves equivalently to the original
  invocation of the curl command.
  
  The script is not yet integrated into the configure / makefile
  machinery.

- [Colin Hogben brought this change]

  Add tests for curl's --libcurl output.
  
  These tests check the output of the --libcurl option of curl,
  including the improved option handling added in a related patch.

- [Colin Hogben brought this change]

  Generate lists and use symbols in --libcurl code output.
  
  This patch improves the output of curl's --libcurl option by
  generating code which builds curl_httppost and curl_slist lists, and
  uses symbolic names for enum and flag values.  Variants of the
  my_setopt macro in tool_setopt.h are added in order to pass extra type
  information to the code-generation step in tool_setopt.c.
  
  If curl is configured with --disable-libcurl-option then the macros
  call curl_easy_setopt directly.

- [Steve Holme brought this change]

  smtp.c: Fixed an issue with writing postdata
  
  Fixed a problem in smtp_done() when writing out the postdata as
  Curl_write() would periodically return zero bytes written.

- CURLOPT_MAIL_AUTH: added in 7.25.0
  
  Brought in commit 0cf0ab6f300

- pop3 test server: send terminating ".CRLF" only
  
  With commit 035ef06bda7 applied, the test pop3 server needs to send
  ".\r\n" as the body terminating sequence and there needs to be a final
  CRLF in the actual body in the test data file.

- [Steve Holme brought this change]

  pop3.c: Fixed drop of final CRLF in EOB checking
  
  Curl_pop3_write() would drop the final CRLF of a message as it was
  considered part of the EOB as opposed to part of the message. Whilst
  the EOB sequence needs to be searched for by the function only the
  final 3 characters should be removed as per RFC-1939 section 3.
  
  Reported by: Rich Gray
  Bug: http://curl.haxx.se/mail/lib-2012-02/0051.html

- [Steve Holme brought this change]

  smtp.c: Fixed an issue with the EOB checking
  
  Curl_smtp_escape_eob() would leave off final CRLFs from emails ending
  in multiple blank lines additionally leaving the smtpc->eob variable
  with the character count in, which would cause problems for additional
  emails when sent through multiple calls to curl_easy_perform() after a
  CURLOPT_CONNECT_ONLY.

- CURLE_FTP_PRET_FAILED: listed twice
  
  Make sure it is mentioned once and with the correct description

- --mail-auth documented

- [Steve Holme brought this change]

  SMTP: Code policing and tidy up

- [Steve Holme brought this change]

  curl: Added support for --mail-auth
  
  Added an extra command-line argument to support the optional AUTH
  parameter in SMTPs MAIL FROM command.

Kamil Dudka (16 Feb 2012)
- docs: mention that NTLM works with NSS, too

Daniel Stenberg (15 Feb 2012)
- [Steve Holme brought this change]

  DOCS: Added information for CURLOPT_MAIL_AUTH.
  
  Added information relating to the new CURLOPT_MAIL_AUTH parameter and
  reworked CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT to be a clearer.
  
  Fixed inconsistencies of "vocalisation of the abbreviation" versus
  "vocalisation of the first word" for all abbreviations.
  
  Corrected a typo in CURLOPT_NOPROXY.

- [Steve Holme brought this change]

  smtp.c: Fixed use of angled brackets in AUTH parameter.
  
  Fixed the use of angled brackets "<>" in the optional AUTH parameter as
  per RFC-2554 section 5. The address should not include them but an
  empty address should be replaced by them.

- [Steve Holme brought this change]

  smtp_mail: Added support to MAIL FROM for the optional AUTH parameter
  
  Added a new CURLOPT_MAIL_AUTH option that allows the calling program to
  set the optional AUTH parameter in the MAIL FROM command.
  
  When this option is specified and an authentication mechanism is used
  to communicate with the mail server then the AUTH parameter will be
  included in the MAIL FROM command. This is particularly useful when the
  calling program is acting as a relay in a trusted environment and
  performing server to server communication, as it allows the relaying
  server to specify the address of the mailbox that was used to
  authenticate and send the original email.

- [toddouska brought this change]

  cyassl: update to CyaSSL 2.0.x API
  
  Modify configure.ac to test for new CyaSSL Init function and remove
  default install path to system.  Change to CyaSSL OpenSSL header and
  proper Init in code as well.
  
  Note that this no longer detects or works with CyaSSL before v2

- LIBCURL_VERSION_NUM: 0x071900
  
  I accidentally left the lowest bits 01 before

- [Steve Holme brought this change]

  SMTP: Fixed error when using CURLOPT_CONNECT_ONLY
  
  Fixed incorrect behavior in smtp_done() which would cause the end of
  block data to be sent to the SMTP server if libcurl was operating in
  connect only mode. This would cause the server to return an error as
  data would not be expected which in turn caused libcurl to return
  CURLE_RECV_ERROR.

- s/7.24.1/7.25.0
  
  We will go straight to 7.25.0 due to the new additions

- curlver.h: bumped to 7.25.0
  
  and updated the end year in the generic copyright string

- RELEASE-NOTES: synced with 2b26eb985
  
  9 bug fixes, 4 changes and numerous contributors
  
  Bumped release version and option counters

- [Colin Hogben brought this change]

  configure: add option disable --libcurl output

- [Alessandro Ghedini brought this change]

  curl tool: allow negative numbers as option values
  
  Fix the str2num() function to not check if the input string starts with a
  digit, since strtol() supports numbers prepended with '-' (and '+') too.
  This makes the --max-redirs option work as documented.

- parse_proxy: simply memory handling
  
  ... by making sure that the string is always freed after the invoke as
  parse_proxy will always copy the data and this way there's a single
  free() instead of multiple ones.

- parse_proxy: bail out on zero-length proxy names!
  
  The proxy parser function strips off trailing slashes off the proxy name
  which could lead to a mistaken zero length proxy name which would be
  treated as no proxy at all by subsequent functions!
  
  This is now detected and an error is returned. Verified by the new test
  1329.
  
  Reported by: Chandrakant Bagul
  Bug: http://curl.haxx.se/mail/lib-2012-02/0000.html

Kamil Dudka (9 Feb 2012)
- nss: add support for the CURLSSLOPT_ALLOW_BEAST option
  
  ... and fix some typos from the 62d15f1 commit.

Daniel Stenberg (9 Feb 2012)
- [Rob Ward brought this change]

  configure: don't modify LD_LIBRARY_PATH for cross compiles

- --ssl-allow-beast added
  
  This new option tells curl to not work around a security flaw in the
  SSL3 and TLS1.0 protocols. It uses the new libcurl option
  CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.

- CURLOPT_SSL_OPTIONS: added
  
  Allow an appliction to set libcurl specific SSL options. The first and
  only options supported right now is CURLSSLOPT_ALLOW_BEAST.
  
  It will make libcurl to disable any work-arounds the underlying SSL
  library may have to address a known security flaw in the SSL3 and TLS1.0
  protocol versions.
  
  This is a reaction to us unconditionally removing that behavior after
  this security advisory:
  
  http://curl.haxx.se/docs/adv_20120124B.html
  
  ... it did however cause a lot of programs to fail because of old
  servers not liking this work-around. Now programs can opt to decrease
  the security in order to interoperate with old servers better.

- [Dave Reisner brought this change]

  curl: use new library-side TCP_KEEPALIVE options
  
  Use the new library CURLOPT_TCP_KEEPALIVE rather than disabling this via
  the sockopt callback. If --keepalive-time is used, apply the value to
  CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL.

- [Dave Reisner brought this change]

  add library support for tuning TCP_KEEPALIVE
  
  This adds three new options to control the behavior of TCP keepalives:
  
  - CURLOPT_TCP_KEEPALIVE: enable/disable probes
  - CURLOPT_TCP_KEEPIDLE: idle time before sending first probe
  - CURLOPT_TCP_KEEPINTVL: delay between successive probes
  
  While not all operating systems support the TCP_KEEPIDLE and
  TCP_KEEPINTVL knobs, the library will still allow these options to be
  set by clients, silently ignoring the values.

- curl_easy_reset: reset the referer string
  
  When CURLOPT_REFERER has been used, curl_easy_reset() did not properly
  clear it.
  
  Verified with the new test 598
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3481551
  Reported by: Michael Day

Yang Tse (7 Feb 2012)
- curl tool: allow glob-loops to abort again upon critical errors
  
  This prevents clobbering of non recoverable error return codes while
  retaining intended functionality of commit 65103efe

Daniel Stenberg (6 Feb 2012)
- curl tool: don't abort glob-loop due to failures
  
  We want to continue to the next URL to try even on failures returned
  from libcurl. This makes -f with ranges still get subsequent URLs even
  if occasional ones return error. This was a regression as it used to
  work and broke in the 7.23.0 release.
  
  Added test case 1328 to verify the fix.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3481223
  Reported by: Juan Barreto

- CONNECT: send correct Host: with IPv6 numerical address
  
  When the target host was given as a IPv6 numerical address, it was not
  properly put within square brackets for the Host: header in the CONNECT
  request. The "normal" request did fine.
  
  Reported by: "zooloo"
  Bug: http://curl.haxx.se/bug/view.cgi?id=3482093

- [Martin Storsjo brought this change]

  Explicitly link to the nettle/gcrypt libraries
  
  When support for nettle was added in 64f328c787ab, I overlooked
  the fact that AC_CHECK_LIB doesn't add the tested lib to LIBS
  if the check succeeded, if a custom success code block was present.
  (The previous version of the check had an empty block for
  successful checks, adding the lib to LIBS implicitly.)
  
  Therefore, explicitly add either nettle or gcrypt to LIBS, after
  deciding which one to use. Even if they can be linked in
  transitively, it is safer to actually link explicitly to them.
  
  This fixes building with gnutls with linkers that don't allow
  linking transitively, such as for windows.

- [Pierre Ynard brought this change]

  more resilient connection times among IP addresses
  
  When connecting to a domain with multiple IP addresses, allow different,
  decreasing connection timeout values. This should guarantee some
  connections attempts with sufficiently long timeouts, while still
  providing fallback.

- [Pierre Ynard brought this change]

  remove write-only variable

Pierre Joye (26 Jan 2012)
- Merge branch 'master' of github.com:bagder/curl

- - fix IPV6 and IDN options

Yang Tse (25 Jan 2012)
- TODO-RELEASE: added item #308

Daniel Stenberg (25 Jan 2012)
- THANKS: imported contributors from 7.24.0 RELEASE-NOTES

Yang Tse (25 Jan 2012)
- test harness: update stunnel.pem Diffie-Hellman parameters from 512 to 1024 bit

- version: start working on 7.24.1-DEV

Dan Fandrich (24 Jan 2012)
- curl_easy_setopt.3: Fixed SEEKDATA & CLOSESOCKETDATA descriptions

Version 7.24.0 (24 Jan 2012)

Daniel Stenberg (24 Jan 2012)
- RELEASE-NOTES: synced with 70f71bb99f7ed9

Version 7.24.0 (24 Jan 2012)
  

Version 7.24.0 (24 Jan 2012)
  Synced and prepared for 7.24.0 release. Two security problems, one bug fix,

Version 7.24.0 (24 Jan 2012)
  two more contributors.

- gnutls: enforced use of SSLv3
  
  With advice from Nikos Mavrogiannopoulos, changed the priority string to
  add "actual priorities" and favour ARCFOUR. This makes libcurl work
  better when enforcing SSLv3 with GnuTLS. Both in the sense that the
  libmicrohttpd test is now working again but also that it mitigates a
  weakness in the older SSL/TLS protocols.
  
  Bug: http://curl.haxx.se/mail/lib-2012-01/0225.html
  Reported by: Christian Grothoff

- tests: test CRLF in URLs
  
  Related to the security vulnerability: CVE-2012-0036
  
  Bug: http://curl.haxx.se/docs/adv_20120124.html

- URL sanitize: reject URLs containing bad data
  
  Protocols (IMAP, POP3 and SMTP) that use the path part of a URL in a
  decoded manner now use the new Curl_urldecode() function to reject URLs
  with embedded control codes (anything that is or decodes to a byte value
  less than 32).
  
  URLs containing such codes could easily otherwise be used to do harm and
  allow users to do unintended actions with otherwise innocent tools and
  applications. Like for example using a URL like
  pop3://pop3.example.com/1%0d%0aDELE%201 when the app wants a URL to get
  a mail and instead this would delete one.
  
  This flaw is considered a security vulnerability: CVE-2012-0036
  
  Security advisory at: http://curl.haxx.se/docs/adv_20120124.html
  
  Reported by: Dan Fandrich

- OpenSSL: don't disable security work-around
  
  OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability
  (http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit
  to SSL_OP_ALL that _disables_ that work-around despite the fact that
  SSL_OP_ALL is documented to do "rather harmless" workarounds.
  
  The libcurl code uses the SSL_OP_ALL define and thus logically always
  disables the OpenSSL fix.
  
  In order to keep the secure work-around workding, the
  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit must not be set and this change
  makes sure of this.
  
  Reported by: product-security at Apple

- RELEASE-NOTES: synced with 6e2fd2c9ea
  
  3 more bugfixes, 3 more contributors

- CURLOPT_ACCEPTTIMEOUT_MS: spellfix

Dan Fandrich (20 Jan 2012)
- examples: updated README with two new example programs

Daniel Stenberg (20 Jan 2012)
- URL parse: user name with ipv6 numerical address
  
  Using a URL with embedded user name and password didn't work if the host
  was given as a numerical IPv6 string, like ftp://user:password@[::1]/
  
  Reported by: Brandon Wang
  Bug: http://curl.haxx.se/mail/archive-2012-01/0047.html

Yang Tse (20 Jan 2012)
- telnet.c: fix OOM triggered segfault

- testtrace.c: fix compiler warning

- OpenSSL: follow-up for commit a20daf90e3
  
  avoid checking preprocessor definition official value

Pierre Joye (19 Jan 2012)
- - s, use, enable, for options name, avoiding conflicts with the names used in the makefile

Daniel Stenberg (19 Jan 2012)
- curl.1: improve --stderr wording
  
  As is pointed out in this bug report, there can indeed be situation
  where --stderr has a point even when the "real" stderr can be
  redirected. Remove the superfluous and wrong comment.
  
  bug: http://curl.haxx.se/bug/view.cgi?id=3476020

- KNOWN_BUGS: can't receive zero bytes file properly
  
  http://curl.haxx.se/bug/view.cgi?id=3438362

Yang Tse (18 Jan 2012)
- ssl session caching: fix compiler warnings

Daniel Stenberg (18 Jan 2012)
- polarssl: show cipher suite name correctly with 1.1.0
  
  Apparently ssl_get_ciphersuite() is needed to get the name of the used
  cipher suite.

- polarssl: show error code correctly
  
  The value was turned negative when it shouldn't have been

- polarssl: havege_rand is not present in version 1.1.0
  
  ... it is now named havege_random!
  
  Reported by: Robert Schumann
  Bug: http://curl.haxx.se/mail/lib-2012-01/0178.html

- RELEASE-NOTES: synced with 5d70a61b94604
  
  5 more bug fixes, 1 more contributor

- [Colin Hogben brought this change]

  Add two tests for telnet: URLs
  
  Add simple telnet tests which (ab)use the http server.
  The second test checks for an input file handling bug.

- [Colin Hogben brought this change]

  Remove bogus optimisation of telnet upload.
  
  Remove wrongly implemented optimisation of telnet upload, apparently
  intended to allow the library to avoid manually polling for input.

- [Colin Hogben brought this change]

  Use correct file descriptor for telnet upload.
  
  Fix a bug where input was read from stdin even when a different FILE *
  had been configured via CURLOPT_READDATA

Yang Tse (18 Jan 2012)
- OpenLDAP: fix LDAP connection phase memory leak
  
  bug: http://curl.haxx.se/bug/view.cgi?id=3474308

- [Johannes Bauer brought this change]

  OpenSSL: fix PKCS#12 certificate parsing related memory leak
  
  Leak triggered when CURLOPT_SSLCERTTYPE and CURLOPT_SSLKEYTYPE set to P12
  and both CURLOPT_SSLCERT and CURLOPT_SSLKEY point to the same PKCS#12 file.

- OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabled
  
  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull
  interoperability with web server Netscape Enterprise Server 2.0.1 released
  back in 1996 more than 15 years ago.
  
  Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has
  become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate
  CVE-2010-4180 when using previous OpenSSL versions we no longer enable
  this option regardless of OpenSSL version and SSL_OP_ALL definition.

- tests: enable time tracing on tests 500, 573 and 585

- tests: testtrace.[ch] provides debug callback for libtest usage
  
  Allows tests from the libtest subdir to generate log traces
  similar to those of curl with --tracetime and --trace-ascii
  options but with output going to stderr.

- sws.c: fix proxy mode secondary connection monitoring condition

- add LF termination to infof() trace string

- sws.c: improve proxy mode torture testing support - followup to 18c6c8a5

Daniel Stenberg (16 Jan 2012)
- url2file: new simple example
  
  Just showing how to download the contents of a given URL into a local
  file.
  
  Based on a suggestion and example code by Georg Potthast

- imap.c: a dead simple imap example
  
  Just to show that IMAP is used just like other protocols

Yang Tse (16 Jan 2012)
- sws.c: improve proxy mode torture testing support - followup to c731fc58

- sws.c: improve proxy mode torture testing support - followup to d4bf87dc

- Curl_proxyCONNECT() trace known bug #39

Daniel Stenberg (14 Jan 2012)
- test: verify HTTP response code 308
  
  This newly speced HTTP status code already works as intended in the new
  spec:
  http://greenbytes.de/tech/webdav/draft-reschke-http-status-308-02.html
  
  Test 1325 is added to verify that the method is kept after the redirect

Yang Tse (13 Jan 2012)
- http_negotiate_sspi.c: fix compiler warning

- ssh.c: fix compiler warning

- sws.c: improve proxy mode torture testing support

Daniel Stenberg (12 Jan 2012)
- RELEASE-NOTES: synced with 9f20379fe4
  
  5 bug fixes, 3 more contributors

- hostip: avoid getaddrinfo when c-ares is used
  
  Some functions using getaddrinfo and gethostbyname were still
  mistakingly being used/linked even if c-ares was selected as resolver
  backend.
  
  Reported by: Arthur Murray
  Bug: http://curl.haxx.se/mail/lib-2012-01/0160.html

Yang Tse (9 Jan 2012)
- sws.c: replace sleep() usage with wait_ms()

Daniel Stenberg (9 Jan 2012)
- [gsengun brought this change]

  FTP: CURLE_PARTIAL_FILE should not cause control connection to be closed
  
  Test 161 updated accordingly

Yang Tse (8 Jan 2012)
- sws.c: some compiler warning fixes

- lib/setup.h: portable symbolic names for Winsock shutdown() mode flags

- sws.c: 812fa73057 follow-up

- sws.c: some IPv6 proxy mode peparatory adjustments

Daniel Stenberg (5 Jan 2012)
- curl.h: provide backwards compatible symbols
  
  In commit c834213ad52 we re-used some obsolete error codes, and here are
  two defines that makes sure existing source codes that happen to use any
  of these deprecated ones will still compile.
  
  As usual, define CURL_NO_OLDIES to avoid getting these "precaution
  defines".

- win32-threaded-resolver: stop using a dummy socket
  
  Previously the code would create a dummy socket while resolving just to
  have curl_multi_fdset() return something but the non-win32 version
  doesn't do it this way and the creation and use of a socket that isn't
  made with the common create-socket callback can be confusing to apps
  using the multi_socket API etc.
  
  This change removes the dummy socket and thus will cause
  curl_multi_fdset() to return with maxfd == -1 more often.

- [Peter Sylvester brought this change]

  OpenSSL: remove reference to openssl internal struct
  
  With this change, curl compiles with the new OPENSSL_NO_SSL_INTERN
  cflag. This flag might become the default in some distant future.

Yang Tse (4 Jan 2012)
- test1320 test1321: avoid User-Agent comparison

- httpserver.pl: reorder sws command line options
  
  make 'pidfile' and 'logfile' options appear first on command line in order
  to ensure that processing of other options which write to logfile do this
  to intended file and not the default one.

- sws.c: fix proxy mode segfault

- tool_formparse.c: fix compiler warning: enumerated type mixed with another type

- krb5.c: fix compiler warning: variable set but not used

Daniel Stenberg (4 Jan 2012)
- KNOWN_BUGS: #77 CURLOPT_FORBID_REUSE kills NTLM

- [Steve Holme brought this change]

  Fixed use of CURLUSESSL_TRY for POP3 and IMAP based connections.
  
  Fixed a problem in POP3 and IMAP where a connection would fail when
  CURLUSESSL_TRY was specified for a server that didn't support
  SSL/TLS connections rather than continuing.

- [Steve Holme brought this change]

  Fixed incorrect error code being returned in STARTTLS
  
  The STARTTLS response code in SMTP, POP3 and IMAP would return
  CURLE_LOGIN_DENIED rather than CURLE_USE_SSL_FAILED when SSL/TLS
  was not available on the server.
  
  Reported by: Gokhan Sengun
  Bug: http://curl.haxx.se/mail/lib-2012-01/0018.html

- curl_easy_setopt: refer to the most recent URI RFC

- RELEASE-NOTES: synced with 2f4a487a68
  
  Two bugfixes, two more contributors

- tests: test IMAP, POP3 and SMTP over HTTP proxy tunnel

- test proxy supports CONNECT
  
  There's a new 'http-proxy' server for tests that runs on a separate port
  and lets clients do HTTP CONNECT to other ports on the same host to
  allow us to test HTTP "tunneling" properly.
  
  Test cases now have a <proxy> section in <verify> to check that the
  proxy protocol part matches correctly.
  
  Test case 80, 83, 95, 275, 503 and 1078 have been converted. Test 1316
  was added.

- curl_easy_strerror.3: minor synopsis edit of the look

Yang Tse (2 Jan 2012)
- hostip.c: fix potential write past the end of string buffer

- hostip.c: fix Curl_loadhostpairs() OOM handling

- runtests.pl: on test failure, don't show trace log files of other tests

Daniel Stenberg (1 Jan 2012)
- Curl_input_negotiate: use the correct buffer for input
  
  Unfortunately we have no test cases for this and I have no SSPI build or
  server to verify this with. The change seems simple enough though.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3466497
  Reported by: Patrice Guerin

- runtests: put trace outputs in log/trace[num] for all tests

- just a stupid typo

- SFTP dir: increase buffer size counter
  
  When the buffer gets realloced to hold the file name in the
  SSH_SFTP_READDIR_LINK state, the counter was not bumped accordingly.
  
  Reported by: Armel Asselin
  Patch by: Armel Asselin
  Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html

- RELEASE-NOTES: synced with 81ebdd9e287
  
  6 more bugfixes, 3 more contributors

- create_hostcache_id: use the key lower cased
  
  ... to make sure the DNS cache is properly case insensitive

- changed case: use new host name for subsequent HTTP requests
  
  When a HTTP connection is re-used for a subsequent request without
  proxy, it would always re-use the Host: header of the first request. As
  host names are case insensitive it would make curl send another host
  name case that what the particular request used.
  
  Now it will instead always use the most recent host name to always use
  the desired casing.
  
  Added test case 1318 to verify.
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html
  Reported by: Alex Vinnik

- CURLOPT_RESOLVE: avoid adding already present host names
  
  The load host names to DNS cache function was moved to hostip.c and it
  now makes sure to not add host names that already are present in the
  cache. It would previously lead to memory leaks when for example using
  the --resolve and multiple URLs on the command line.

Dan Fandrich (31 Dec 2011)
- runtests.pl: Use logmsg more consistently

Daniel Stenberg (30 Dec 2011)
- [Alessandro Ghedini brought this change]

  examples: update README, Makefile.inc and gitignore with pop3s examples

- [Alessandro Ghedini brought this change]

  examples: add a couple of simple pop3s examples
  
  These examples show how to fetch a single message (RETR command) and how to
  list all the messages in a given mailbox (LIST command), with authentication
  via SSL.
  
  They were both based on the https.c example.

Yang Tse (30 Dec 2011)
- removed execute file permission

- removed trailing whitespace

- ftpserver.pl: arbitrary application data splitting among TCP packets [II]
  
  Take in account that 'pingpong' server commands may arrive splitted among
  several sockfilt 'DATA' PDU's.

- ftpserver.pl: arbitrary application data splitting among TCP packets [I]
  
  Initial step in order to allow our pingpong server to better support arbitrary
  application data splitting among TCP packets. This first commit only addresses
  reasembly of data that sockfilter processes reads from soockets and pingpong
  server later reads from sockfilters stdout.

- testcurl.pl: 82c344a3 follow-up

- testcurl.pl: log ACLOCAL_FLAGS

- testcurl.pl: third party m4 warnings filtering adjustment
  
  Make testcurl.pl ignore messages pertaining to third party m4 files we don't
  care nor use on a file basis policy while retaining all other warnings.
  
  This closes temporary commit e71e226f

Kamil Dudka (25 Dec 2011)
- transfer: avoid unnecessary timeout event when waiting for 100-continue
  
  The commit 9dd85bc unintentionally changed the way we compute the time
  spent waiting for 100-continue.  In particular, when using a SSL client
  certificate, the time spent by SSL handshake was included and could
  cause the CURL_TIMEOUT_EXPECT_100 timeout to be mistakenly fired up.
  
  Bug: https://bugzilla.redhat.com/767490
  Reported by: Mamoru Tasaka

Yang Tse (25 Dec 2011)
- transfer.c: move a logging statement placement

- hash.c: fix OOM triggered segfault

Daniel Stenberg (24 Dec 2011)
- ftp_do_more: don't return success until all is done
  
  ftp_do_more() returns after accepting the server connect however it
  needs to fall through and set "*complete" to TRUE before exit from the
  function.
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0250.html
  Reported by: Gokhan Sengun

- Curl_do_more: fix typo logic
  
  In the recent do_more fix the new logic was mistakenly checking the
  pointer instead of what it points to.
  
  Reported by: Gokhan Sengun
  Bug: http://curl.haxx.se/mail/lib-2011-12/0250.html

- SFTP mkdir: use correct permission
  
  When sending quote command to a SFTP server and 'mkdir' was used, it
  would send fixed permissions and not use the CURLOPT_NEW_DIRECTORY_PERMS
  as it should.
  
  Reported by: Armel
  Patch by: Armel
  Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html

Yang Tse (23 Dec 2011)
- buildconf: minor tweaks commit 430527a1 follow-up

Daniel Stenberg (23 Dec 2011)
- [Colin Hogben brought this change]

  Require a less ancient version of perl
  
  The INTERNALS document suggested that compatibility should be
  maintained with perl version 4, but this was untrue - scripts such as
  chksource.pl and runtests.pl use perl5-isms.

- resolve: don't leak pre-populated dns entries
  
  CURLOPT_RESOLVE populates the DNS cache with entries that are marked as
  eternally in use. Those entries need to be taken care of when the cache
  is killed off.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3463121
  Reported by: "tw84452852"

- new test: verify --resolve
  
  Test 1317 verifies --resolve (leaked memory)
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3463121
  Reported by: "tw84452852"

Yang Tse (23 Dec 2011)
- testcurl.pl: temporary change
  
  Allow autobuilds to run a couple of days without filtering out aclocal
  underquoted definition warnings.

Daniel Stenberg (21 Dec 2011)
- operate: removed a single trailing space

Dan Fandrich (21 Dec 2011)
- --retry: Retry transfers on timeout and DNS errors

Yang Tse (21 Dec 2011)
- buildconf: minor tweaks

- formdata.c: OOM handling fixes

Daniel Stenberg (21 Dec 2011)
- TODO: 1.7 Happy Eyeball dual stack connect

Dan Fandrich (20 Dec 2011)
- runtests.pl: Fixed perl warning when using the -l option

Daniel Stenberg (20 Dec 2011)
- RELEASE-NOTES: added two references

- Curl_socket_check: enlarge poll struct array to 3
  
  This function was introduced in commit 5527417afae0 and as pointed out
  by Gokhan Sengun, the array with poll structs must large enough to hold
  3 sockets since that is what the function can accept. It could be noted
  that he had this fixed in his patch as posted in
  http://curl.haxx.se/mail/lib-2011-12/0179.html
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0228.html
  Reported by: Gokhan Sengun

- RELEASE-NOTES: synced with 380bade777
  
  5 new bugfixes, 2 new changes and 4 new contributors

- TODO: remove active FTP from section 2.1
  
  It is no longer done blocking in the multi interface

- libcurl docs: add the new FTP accept option + errors

- timeleft_accept: ack global timeout, moved to ftp.c
  
  First off the timeout for accepting a server connect back must of course
  respect a global timeout. Then the timeleft function is only used by ftp
  code so it was moved to ftp.c and made static.

- libcurl-tutorial.3: curl doesn't sent pragma no-cache
  
  It did a long time ago

- libcurl-multi.3: active FTP is no longer blocking!

- FTP: move FTP-specific struct field to ftpc_conn
  
  "wait_data_conn" was added to the connectionbits in commit c834213ad5 for
  handling active FTP connections but as it is purely FTP specific and now
  only ever accessed by ftp.c I moved it into the FTP connection struct.

- non-blocking active FTP: cleanup multi state usage
  
  Backpedaled out the funny double-change of state in the multi state
  machine by adding a new argument to the do_more() function to signal
  completion. This way it can remain in the DO_MORE state properly until
  done. Long term, the entire DO_MORE logic should be moved into the FTP
  code and be hidden from the multi code as the logic is only used for
  FTP.

- [Gokhan Sengun brought this change]

  FTP: perform active connections non-blocking
  
  1- Two new error codes are introduced.
  
  CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
  FTP server connected.
  
  CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.
  
  Neither of these errors are considered fatal and control connection
  remains OK because it could just be a firewall blocking server to
  connect to the client.
  
  2- One new setopt option was introduced.
  
  CURLOPT_ACCEPTTIMEOUT_MS
  
  It sets the maximum amount of time FTP client is going to wait for a
  server to connect. Internal default accept timeout is 60 seconds.

- sockets: new Curl_socket_check() can wait for 3 sockets
  
  This offers an alternative to the existing Curl_socket_ready() API which
  only checks one socket for read and one for write.

- [Cédric Deltheil brought this change]

  curl.h: add __ANDROID__ macro check
  
  When working with the Android Standalone Toolchain the compiler defines
  this macro:
  
    /path/to/arm-linux-androideabi-gcc -E -dM - < /dev/null \
    | grep -i android
    #define __ANDROID__ 1
  
  We really need to check both ANDROID and __ANDROID__ since I've observed
  that:
  
  * if you use Android.mk file(s) and the 'ndk-build' script (aka vanilla
  way), ANDROID is predefined (see -DANDROID extra C flag),
  
  * if you use the Android Standalone Toolchain, then __ANDROID__ is
  predefined as stated by the compiler

- lib500: verify timers relative each other
  
  As commit ce896875f8 fixed a timer that accidentally had been moved in
  code and then returned a bad timer, the lib500.c code (used in test 500
  and some others) now verifies 5 timers against each other to verify that
  they have the correct relative values. We cannot compare against
  absolute values as the timings will vary a lot.

- Curl_pgrsTime: store now in an auto variable
  
  It makes it easier to introduce debug outputs in this function, and
  everything in the function is using the value anyway so it might even be
  more efficient.

- timer: restore PRETRANSFER timing
  
  Regression introduced in 7.23.0 with commit 9dd85bce. The function in
  which the PRETRANSFER time stamp was recorded was moved in time causing
  it be stored very quickly after the start timestamp. On most systems
  shorter than 1 millisecond and thus it wouldn't even show with -w
  "%{time_pretransfer}" using the command line tool.
  
  Bug: http://curl.haxx.se/mail/archive-2011-12/0022.html
  Reported by: Toni Moreno

- [Bernhard Reutner-Fischer brought this change]

  libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM
  
  Parameters were underquoted, resulting in
  warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
  
  Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>

- gitignore: ignore the symbol versioning file

- tutorial: remove CURLM_CALL_MULTI_PERFORM add sharing
  
  The CURLM_CALL_MULTI_PERFORM reference is an old leftover I had to
  remove.
  
  I also added some blurb to the previously blank "sharing" section.

- [Alessandro Ghedini brought this change]

  configure: add symbols versioning option
  
  Allow, at configure time, the production of versioned symbols. The
  symbols will look like "CURL_<FLAVOUR>_<VERSION> <SYMBOL>", where
  <FLAVOUR> represents the SSL flavour (e.g. OPENSSL, GNUTLS, NSS, ...),
  <VERSION> is the major SONAME version and <SYMBOL> is the actual symbol
  name. If no SSL library is enabled the symbols will be just
  "CURL_<VERSION> <SYMBOL>".

- [Sven Wegener brought this change]

  Use Curl_ssl_connect for non-blocking connect fallback
  
  This gets the appconnect time right for ssl backends, which don't
  support non-blocking connects.
  
  Signed-off-by: Sven Wegener <sven.wegener@stealer.net>

- RELEASE-NOTES: synced with af9bc1604c1
  
  One new feature, one bug fix. Introduced references in this file for
  mentioned issues after this discussion:
  http://curl.haxx.se/mail/lib-2011-12/0187.html
  
  The plan is to let the references get moved over to the changes.html
  file at release-time

- curl.1: minor white space cleanup

- [Alessandro Ghedini brought this change]

  docs: improve description of the --capath option
  
  Document the possibility of providing multiple values using the ":"
  separator, and the fact that the default value will be ignored if the
  option is used.

- [Steve Holme brought this change]

  DOCS: Added SMTP information to CURLOPT_INFILESIZE

- Curl_proxyCONNECT: use newlines in debug output

- curl -F: fix multiple file upload with custom type
  
  Test case 1315 was added to verify this functionality. When passing in
  multiple files to a single -F, the parser would get all confused if one
  of the specified files had a custom type= assigned.
  
  Reported by: Colin Hogben

- [Colin Hogben brought this change]

  New test for multiple file upload
  
  test 1315 checks correct behaviour when uploading multiple files.
  Buggy behaviour has been seen where only two attachments are sent.

Yang Tse (15 Dec 2011)
- configure: libtool 1.5 tweaks

Daniel Stenberg (15 Dec 2011)
- [Colin Hogben brought this change]

  Correct substitution var names
  
  Two variable names were wrong in the documentation.

- [Colin Hogben brought this change]

  Correct default upload mimetype in manual
  
  The default content-type for file uploads is application/octet-stream,
  not text/plain as stated in the MANUAL.

- [Alessandro Ghedini brought this change]

  docs: fix typo in curl_easy_setopt manpage

Yang Tse (13 Dec 2011)
- if2ip.[ch]: fix compilation with MinGW
  
  Avoid 'interface' literal that some MinGW versions define as a macro

- connect.c: fix compiler warning 'enumerated type is mixed with another type'

- if2ip.c: fix compiler warning 'unused parameter'

- pop3.c: fix compiler warning variable may be used uninitialized

- if2ip.c: fix compiler warning 'enumerated type is mixed with another type'

Daniel Stenberg (12 Dec 2011)
- [Jason Glasgow brought this change]

  CURLOPT_INTERFACE: avoid resolving interfaces names
  
  Do not try to resolve interfaces names via DNS by recognizing interface
  names in a few ways.  If the interface option argument has a prefix of
  "if!" then treat the argument as only an interface.  Similarly, if the
  interface argument is the name of an interface (even if it does not have
  an IP address assigned), treat it as an interface name.  Finally, if the
  interface argument is prefixed by "host!" treat it as a hostname that
  must be resolved by /etc/hosts or DNS.
  
  These changes allow a client using the multi interfaces to avoid
  blocking on name resolution if the interface loses its IP address or
  disappears.

- RELEASE-NOTES: synced with 1259ccf7474
  
  5 more bugfixes, 5 more contributors

- [Steve Holme brought this change]

  ConnectionExists: Fix reuse for TLS upgraded connections
  
  Fixed the connection reuse detection in ConnectionExists() when
  comparing a new connection that is non-SSL based against that of a SSL
  based connection that has become so by being upgraded via TLS.

- create_conn: don't switch to HTTP protocol if tunneling is enabled
  
  This is a regression since who knows when. When spotting that a HTTP
  proxy is used we must not uncondititionally enable the HTTP protocol
  since if we do tunneling through the proxy we're still using the target
  protocol.
  
  Reported by: Naveen Chandran

- FAQ: add --resolve details to question 3.19

- [Gokhan Sengun brought this change]

  Curl_closesocket: clear sock_accepted on close
  
  As a follow-up from commit d5b5f64bce3a8, clear the sock_accepted status
  when such a socket is closed to avoid a re-used connection to retain the
  state wrongly.
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0079.html

- static SSL windows builds: add more libs to the link
  
  Starting with some recent OpenSSL versions (1.0.0e was mentioned)
  linking with a static openssl requires a set of more libs to be linked
  on Windows.
  
  Thanks also to Steve Holme and Martin Storsjö for additional feedback.
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0063.html
  Reported by: Ward Willats

- [Gokhan Sengun brought this change]

  multi interface: fix block when CONNECT_ONLY option is used

Dan Fandrich (6 Dec 2011)
- Added some include files in a couple of example programs
  
  This improves portability of the examples.  This patch was
  submitted to the OpenBSD ports collection by naddy.

Daniel Stenberg (6 Dec 2011)
- MakefileBuild: fix the static build
  
  This is a left-over fix from commit b7e242de0e that Tom Wright
  suggested.
  
  Reported by: Ward Willats

- OpenSSL: check for the SSLv2 function in configure
  
  If no SSLv2 was detected in OpenSSL by configure, then we enforce the
  OPENSSL_NO_SSL2 define as it seems some people report it not being
  defined properly in the OpenSSL headers.

- CURLOPT_CONNECTTIMEOUT: default is 300 seconds
  
  If the option is set to 0, the default timeout will be used - which in
  modern libcurl versions equals 300 seconds (== 5 minutes).
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0051.html
  Reported by: Vladimir Grishchenko

- [Rob Ward brought this change]

  progress function example: include timed interval
  
  Adds a timer based off of CURLINFO_TOTAL_TIME that is used to perform
  certain actions after a minimum amount of time has passed using the
  progress function. As a consequence the curl handle is now also passed
  into the progress function. Progress example now also includes an
  example of how to retreive the TOTAL_TIME and print it out.

- RELEASE-NOTES: synced with 347f951c390
  
  8 more bugs, 5 more contributors

- SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5
  
  When a 32 digit hex key is given as a hostkey md5 checksum, the code
  would still run it against the knownhost check and not properly
  acknowledge that the md5 should then be the sole guide for.
  
  The verbose output now includes the evaluated MD5 hostkey checksum.
  
  Some related source code comments were also updated.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3451592
  Reported by: Reza Arbab

- Curl_resolver_is_resolved: differentiate between host/proxy errors
  
  As there are different return codes for host vs proxy errors, this function
  now properly returns the code properly depending on what was attempted to get
  resolved.
  
  Bug: http://curl.haxx.se/mail/archive-2011-12/0010.html
  Reported by: Jason Liu

- c-ares: return proxy failure for all proxy types
  
  When making a distinction which return code to return, the code previously
  only regarded HTTP proxies to be proxies and thus return host-related errors
  for failures on other proxy types than HTTP. Now all proxy types will be
  considered proxies...

- FTP: close callback fix
  
  Keep track of which sockets that are the result of accept() calls and
  refuse to call the closesocket callback for those sockets. Test case 596
  now verifies that the open socket callback is called the same number of
  times as the closed socket callback for active FTP connections.
  
  Bug: http://curl.haxx.se/mail/lib-2011-12/0018.html
  Reported by: Gokhan Sengun

- FTP: call opensocket callback properly
  
  When the new socket is created for an active connection, it is now done
  using the open socket callback.
  
  Test case 596 was modified to run fine, although it hides the fact that
  the close callback is still called too many times, as it also gets
  called for closing sockets that were created with accept().

- Curl_socket: internal replacement for socket()
  
  Moved out into a separate function to work as a "generic" socket()
  replacement.

- test: verify the opensocket callback for FTP
  
  test 595: for passive FTP
  test 596: for active FTP

- [Jason Glasgow brought this change]

  CURLOPT_DNS_SERVERS: set name servers if possible (fix)
  
  Ensure that CURLE_OK is returned if setting the name servers is successfull.

- multi interface: only use non-NULL function pointer!
  
  If the socket callback function pointer hasn't been set, we must not
  attempt to use it. Commit adc88ca20 made it more likely to occur.

- [Jason Glasgow brought this change]

  multi: handle timeouts on DNS servers by checking for new sockets
  
  If the first name server is not available, the multi interface does
  not invoke the socket_cb when the DNS request to the first name server
  timesout.  Ensure that the list of sockets are always updated after
  calling Curl_resolver_is_resolved.
  
  This bug can be reproduced if Curl is complied with --enable_ares and
  your code uses the multi socket interfaces and the
  CURLMOPT_SOCKETFUNCTION option.  To test try:
    iptables -I INPUT \
             -s $(sed -n -e '/name/{s/.* //p;q}' /etc/resolv.conf)/32 \
             -j REJECT
  and then run a program which uses the multi-interface.

- test 815: verify POP3 dot-first-on-line unescaping

- [Steve Holme brought this change]

  POP3: fixed escaped dot not being striped out
  
  Changed the eob detection to work across the whole of the buffer so that
  lines that begin with a dot (which the server will have escaped) are
  passed to the client application correctly.

Yang Tse (30 Nov 2011)
- buildconf: follow-up for commit 7e02f7fd

- buildconf: fix libtool 1.5.x warnings triggered with autoconf 2.6x or later
  
  Using libtool 1.5.x (x < 26) with autoconf 2.6x or later generates warnings
  due to some libtool variables not following naming convention for variables
  that will be cached.
  
  This is addressed renaming a couple of variables to make these follow expected
  naming convention.

Daniel Stenberg (30 Nov 2011)
- RELEASE-NOTES: synced with 1038d0aa1
  
  5 bugfixes and 1 new contributor

Yang Tse (29 Nov 2011)
- pop3.c: fix compiler warning

- configure: avoid usage of macro PKG_CHECK_MODULES
  
  libidn option adjusted in order to use pkg-config info when available
  in a similar way as we already do for other libraries.

Daniel Stenberg (29 Nov 2011)
- POP3: detect when LIST returns no mails
  
  By making sure the function can detect an "end of body" sequence
  immediately on the first line, test 811 is now enabled.

- ftpserver: output CRLF in logs
  
  Previously the log function would just filter out all CR and LF
  occurances from the log to make it more readable. This had the downside
  that it made it very hard to see CR LFs when they actually matters.
  
  Now, they're instead converted to "[CR]" and "[LR]" in the log to become
  apparent to readers.

- POP3: fix end of body detection
  
  Curl_pop3_write() now has a state machine that scans for the end of a
  POP3 body so that the CR LF '.' CR LF sequence can come in everything
  from one up to five subsequent packets.
  
  Test case 810 is modified to use SLOWDOWN which makes the server pause
  between each single byte and thus makes the POP3 body get sent to curl
  basically one byte at a time.

- test: added POP3 test with dot-prefixed line
  
  Test 815 is disabled for now since libcurl currently doesn't unescape
  such lines the way it should. See mail:
  
  http://curl.haxx.se/mail/lib-2011-11/0324.html

- configure: fix to make older pkg-config play well
  
  configure.ac:1349: error: possibly undefined macro: PKG_CONFIG_LIBDIR
  
  Obviously this is not a problem with pkg-config 0.26 but older versions
  seem to show this.
  
  Fix suggested by: Kamil Dudka
  Reported by: Guenter
  Bug: http://curl.haxx.se/mail/lib-2011-11/0298.html

- test 1211: FTP test to repeat bug #3429299
  
  "Active FTP hangs if server does not open data connection"
  
  The server first sends a 150 and then when libcurl waits for the data
  transfer, the server sends a 425.

- [Mark Brand brought this change]

  configure: add support for pkg-config detection of libidn

- FTP tests 1206 - 1209: don't expect QUIT
  
  The protocol parts for these tests do not include QUIT simply because
  the error is CURLE_OPERATION_TIMEDOUT (28) which is a generic timeout
  error without specificly saying for which connection it concerns, and
  for timeouts libcurl marks the control channel as "invalid". As this
  test case times out for the data connection it could still use the
  control channel.

Yang Tse (25 Nov 2011)
- CyaSSL 2.0+ library initialization adjustment

Daniel Stenberg (25 Nov 2011)
- [Jonas Schnelli brought this change]

  rectify comment

- SSLSESSION_SHARED: new macro to check if session is shared
  
  Added convenience macro to use to check if a handle is using a shared
  SSL session, and fixed so that Curl_ssl_close_all() doesn't lock when
  the session isn't shared.

Yang Tse (25 Nov 2011)
- telnet.c: fix MSVC compiler warning

- tvdiff_secs(): sub-zero time difference adjustment
  
  Skip a floating point addition operation when integral part of time difference
  is zero. This avoids potential floating point addition rounding problems while
  preserving decimal part value.

Daniel Stenberg (25 Nov 2011)
- telnet: fix macros to allow proper semicolon use
  
  Macros that look like function calls need to be made so that we can use
  semicolons properly for indentation and for reducing the risk for
  mistakes when using them.

- [Laurent Rabret brought this change]

  TELNET: improved treatment of options
  
  1) enables the Window Size option
  2) allows the server to enable the echo mode
  3) allows an app using libcurl to disable the default binary mode
  
  Signed-off-by: Laurent Rabret

- RELEASE-NOTES: synced with 2c905fd1f82

- [Jonas Schnelli brought this change]

  query-part: ignore the URI part for given protocols
  
  By setting PROTOPT_NOURLQUERY in the protocol handler struct, the
  protocol will get the "query part" of the URL cut off before the data is
  handled by the protocol-specific code. This makes libcurl adhere to
  RFC3986 section 2.2.
  
  Test 1220 is added to verify a file:// URL with query-part.

- symbols.pl: provide LIBCURL_HAS macro for apps
  
  Experience has shown that the symbols-in-versions file is very useful to
  applications that want to build with a wide range of libcurl versions.
  It is however easy to get it wrong and the source gets a bit messy with
  all the fixed numerical comparisions.
  
  The point of this script is to provide an easy-to-use macro for libcurl-
  using applications to do preprocessor checks for specific libcurl
  defines, and yet make the code clearly show what the macro is used for.

Yang Tse (24 Nov 2011)
- lib573.c: fix double data type variable comparison with zero

- getinfo.c: reset app connect time when clearing session-info time variables

- Fix unreleased regression when using windows gnutls versions older than 2.8

Daniel Stenberg (23 Nov 2011)
- [Mark Brand brought this change]

  gnutls: only translate winsock errors for old versions
  
  Bugfix: https handshake fails using gnutls 3 on windows
  http://sourceforge.net/tracker/index.php?func=detail&aid=3441084&group_id=976&atid=100976
  
  New gnutls versions have an error handler that knows about Winsock
  errors, which is why gnutls_transport_set_global_errno() was deprecated
  and then removed.
  
  This is a correction of commit f5bb370 (blame me) which meant to
  reimplement gnutls_transport_set_global_errno(), which is not necessary.

- protocol_connect: show verbose connect and set connect time
  
  Regression: commit b998d95b (shipped first in release 7.22.0) made the
  condition always equal false that should reset the TIMER_CONNECT timer
  and call the Curl_verboseconnect() function.
  
  Reported by: "Captain Basil"
  Bug: http://curl.haxx.se/mail/archive-2011-11/0035.html

- -J -O: use -O name if no Content-Disposition header comes!
  
  A regression between 7.22.0 and 7.23.0 -- downloading a file with the
  flags -O and -J results in the content being written to stdout if and
  only if there was no Content-Disposition header in the http response. If
  there is a C-D header with a filename attribute, the output is correctly
  written.
  
  Reported by: Dave Reisner
  Bug: http://curl.haxx.se/mail/archive-2011-11/0030.html

- [Martin Storsjo brought this change]

  Add support for using nettle instead of gcrypt as gnutls backend

- [Jonas Schnelli brought this change]

  test: SFTP quote commands with * prefix
  
  Related to the f64812ca63 commit

- CURLOPT_QUOTE: SFTP supports the '*'-prefix now

- [Jonas Schnelli brought this change]

  SFTP: support '*' prefix for quote operations
  
  prefixing a command with '*' means it is allowed to fail without
  aborting the chain actions

- getsessionid: don't ever return while locked
  
  Also, check for the session sharing bit instead of comparing pointers

- Curl_ssl_getsessionid: increase the value, not the pointer

- THANKS: one new contributor in 7.23.1

- [Alejandro Alvarez Ayllon brought this change]

  SSL session share: move the age counter to the share object
  
  Previously the age counter would be counted individually in each easy
  handle that shared SSL sessions!

- [Alejandro Alvarez Ayllon brought this change]

  libtest build: add the missing lib586

- [Jason Glasgow brought this change]

  CURLOPT_DNS_SERVERS: set name servers if possible

- RELEASE-NOTES: correct the release and contributor numbers

Version 7.23.1 (17 Nov 2011)

Daniel Stenberg (17 Nov 2011)
- FindWin32CACert: return OK even if CA cert isn't found

Version 7.23.1 (17 Nov 2011)
  

Version 7.23.1 (17 Nov 2011)
  Bug: http://curl.haxx.se/mail/lib-2011-11/0180.html

Version 7.23.1 (17 Nov 2011)
  Reported by: Mark Brand

Dan Fandrich (16 Nov 2011)
- curl has been built on many Android versions

Daniel Stenberg (15 Nov 2011)
- 7.24.0: start the work

- THANKS: added 18 new contributors from 7.23.0

Version 7.23.0 (14 Nov 2011)

Dan Fandrich (14 Nov 2011)
- curl_easy_setopt arguments should be of type long in the examples

Daniel Stenberg (12 Nov 2011)
- RELEASE-NOTES: synced with 10120e6a
  
  one more bug fix and contributor

- progress_cb: avoid buffer overflow
  
  The progress bar output function would blindly use the terminal width
  without bounds checking. When using a very wide terminal that caused a
  buffer overflow and segfault.
  
  We now limit the max bar with to 255 columns, and I simplified the code
  to avoid an extra snprintf and buffer.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3435710
  Reported by: Alexey Zakhlestin

Yang Tse (11 Nov 2011)
- Active mode FTP test cases with server not establishing data connection
  
  591 -> FTP multi PORT and 425 on upload
  592 -> FTP multi PORT and 421 on upload
  593 -> FTP multi PORT upload, no data conn and no transient neg. reply
  594 -> FTP multi PORT upload, no data conn and no positive prelim. reply
  
  1206 -> FTP PORT and 425 on download
  1207 -> FTP PORT and 421 on download
  1208 -> FTP PORT download, no data conn and no transient negative reply
  1209 -> FTP PORT download, no data conn and no positive preliminary reply

Guenter Knauf (8 Nov 2011)
- Fix to skip untrusted certs.

Daniel Stenberg (6 Nov 2011)
- RELEASE-NOTES: synced with e3166df1bb3
  
  4 new bugfixes, 2 more contributors

- ftp PORT: don't hang if bind() fails
  
  When the user requests PORT with a specific port or port range, the code
  could lock up in an endless loop. There's now an extra conditional that
  makes sure to special treat the error and try the local address only
  once so a second failure will abort the loop correctly.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3433968
  Reported by: Gokhan Sengun

- pingpong: change two comments wrongly referring "FTP"
  
  Just a sign of where the code originally was ripped out from. Now it is
  generic "pingpong".

- test 590: verify the bug fix in 4851dafcf1
  
  This test is created to verify Rene Bernhardt's patch which makes sure
  libcurl properly _not_ deals with Negotiate if not asked to even if the
  proxy says it can serve it.

- [Rene Bernhardt brought this change]

  HTTP auth: fix proxy Negotiate bug
  
  If a proxy offers several Authentication schemes where NTLM and
  Negotiate are offered by the proxy and you tell libcurl not to use the
  Negotiate scheme then the request never returns when the proxy answers
  with its HTTP 407 reply.
  
  It is reproducible by the following steps:
  
  - Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and
  CURLOPT_PROXYPORT )
  
  - Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH,
  CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM )
  
  - Start the request
  
  The call to CURL_EASY_PERFORM never returns. If you switch on debug
  logging you can see that libcurl issues a new request As soon as it
  received the 407 reply. Instead it should return and set the response
  code to 407.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0323.html

Yang Tse (4 Nov 2011)
- ssluse.c: fix calling of OpenSSL's ERR_remove_state(0)
  
  Move calling of ERR_remove_state(0) a.k.a ERR_remove_thread_state(NULL)
  from Curl_ossl_close_all() to Curl_ossl_cleanup().
  
  In this way ERR_remove_state(0) is now only called in libcurl by
  curl_global_cleanup(). Previously it would get called by functions
  curl_easy_cleanup(), curl_multi_cleanup and potentially each time a
  connection was removed from a connection cache leading to premature
  destruction of OpenSSL's thread local state hash.
  
  Multi-threaded apps using OpenSSL enabled libcurl should still call
  function ERR_remove_state(0) or ERR_remove_thread_state(NULL) at the
  very end end of threads that do not call curl_global_cleanup().

- tool_cb_wrt.c: disambiguate warning message

- tool_cfgable.c: pending check done

- url.c and file.c: fix OOM triggered segfault

Daniel Stenberg (3 Nov 2011)
- rename ftp_ssl: the struct field is used for many protocols
  
  Now called 'use_ssl' instead, which better matches the current CURLOPT
  name and since the option is used for all pingpong protocols (at least)
  it makes sense to not use 'ftp' in the name.

Yang Tse (2 Nov 2011)
- [Daniel Stenberg brought this change]

  gtls_connect_step1: remove use of deprecated functions
  
  Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority().
  
  Remove the gnutls_certificate_type_set_priority() use since x509 is the
  default certificate type anyway.
  
  Reported by: Vincent Torri

- url.c and transfer.c: nullify connection pointer when free()'ed

- FTP test server: NODATACONN commands follow-up
  
  Make NODATACONN425 and NODATACONN421 return a 150 positive preliminary reply
  before 425 or 421.
  
  New NODATACONN150 returns 150 without further positive nor negative reply
  
  Now NODATACONN doesn't reply anything at all.

- multi.c: OOM handling fix

- FTP test server: NODATACONN commands follow-up
  
  Make NODATACONN custom commands apply to both active and passive FTP,
  and ensure 425 and 421 are not returned unless data channel usage is
  attempted.

- tool_cb_see.h: fix compiler warning

- setup.h: fix compiler warning

- FTP test server: NODATACONN commands commit c761fcb0 follow-up
  
  Adjustments that make NODATACONN custom commands fully usable.

Daniel Stenberg (30 Oct 2011)
- [Dave Reisner brought this change]

  doc/curl.1: fix sentence with ending for -# option
  
  Try to be a little more descriptive about the effect of this flag,
  rather than parroting what was said in the paragraph just above.

Yang Tse (30 Oct 2011)
- FTP test server: fix server unresponsiveness
  
  Some torture tests left FTP test server in an unresponsive state, resulting
  in torture tests that actually completed following unexpected code paths.
  
  Changes in this commit solely address this issue and some adjustments for
  ftpserver.pl logging relative to data channel establishment and tear down.
  Pending NODATACONN relative adjustments reserved for a further commit.

- runtests.pl: running server checks - commit 4464583a follow-up
  
  Ensure verification takes place with no server commands file.
  Ignore verbose setting for running server precheck.
  Tweak unresponsive server message, to allow detection by haxx.se scripts.

- gtls.c: gnutls_transport_set_global_errno() deprecated in version 2.12.3

- runtests.pl: running server checks - commit 3676ec96 follow-up
  
  Fix called sub when checking TFTP server, and adjust message.

- runtests.pl: running server checks - commit 4464583a follow-up
  
  Extended server checks to others in addition to pingpong when torture testing.

- lib589.c: add CURLOPT_READDATA missing stuff

- ftpserver.pl: three new custom FTP server commands to disable data channel
  
  NODATACONN421: applies only to active FTP mode, instructs server to not
  establish data connection back to client and reply with FTP 421.
  
  NODATACONN425: applies only to active FTP mode, instructs server to not
  establish data connection back to client and reply with FTP 425.
  
  NODATACONN: applies to both active and passive FTP modes, instructs server
  to not establish nor accept a data channel and fool client into believing
  that the data channel connection is possible.
  
  Some polishing probably required.

- multi.c: OOM handling fix
  
  Fix curl_multi_cleanup() segfault when using weird cleanup sequence.

Daniel Stenberg (27 Oct 2011)
- multi: start ftp state machine when switching to DO_MORE
  
  This extends the fix from commit d7934b8bd491
  
  When the multi state is changed within the multi_runsingle from DOING to
  DO_MORE, we didn't immediately start the FTP state machine again. That
  then left the FTP state in FTP_STOP. When curl_multi_fdset() was
  subsequently called, the ftp_domore_getsock() function would return the
  wrong fd info.
  
  Reported by: Gokhan Sengun

- libcurl-multi.3: update the list of areas still blocking

Yang Tse (26 Oct 2011)
- test 589: active FTP upload using multi timeout and EPRT disabled server

- multi tests: OOM handling fixes - commit 629d2e34 follow-up

Patrick Monnerat (26 Oct 2011)
- - Prepare the ILE/RPG binding and OS400 documentation for the upcoming release

Daniel Stenberg (25 Oct 2011)
- RELEASE-NOTES: synced with 4464583a6ed
  
  5 more bug fixes, 4 additional contributors

Yang Tse (25 Oct 2011)
- runtests.pl: running server checks
  
  When running torture tests, verify before each test case that required
  pingpong servers which are supposed to be alive are actually responsive.
  If found not responsive then restart them.

Daniel Stenberg (24 Oct 2011)
- dist: add test 587
  
  I created test 587 in commit 840eff44f2b but forgot to add the file to
  the tarball. Added now.

- test 588: verify active FTP with multi interface without EPRT
  
  This is using the verbatim 525 test code but it disables EPRT in the
  server and this should work just as well anyway.

- FTP server: allow EPRT by default
  
  EPRT is now supported by default by the server. To disable it, use the
  generic REPLY instruction in the <servercmd> tag. Test 116 now has it
  disabled. All other existing active FTP port tests strip out the port
  commands from the logs already so the change of the server isn't that
  noticable.

Yang Tse (24 Oct 2011)
- ftp.c: some OOM handling fixes

- ftpserver.pl: ensure integral number usage for passive mode string

Daniel Stenberg (24 Oct 2011)
- large headers: have curl accept >16K headers
  
  As commit 5850cc4808ab clarifies, libcurl can deliver header lines that
  are longer than CURL_MAX_WRITE_SIZE, only body data is limited to that
  size. The curl tool has check (when built debug-enabled) that made the
  wrong checks and this new test 1205 verifies that larger headers work.

- curl_easy_setopt.3: headers can be CURL_MAX_HTTP_HEADER bytes
  
  Mention this maximum header size for the header callback cases

- Merge pull request #25 from trtom/master
  
  make sure the static build uses the static build option!

- curl_easy_setopt.3: fix typo
  
  shoot, Dan Fandrich already had this pointed out...

- [Steve Holme brought this change]

  curl_easy_setopt: Added pop3 to CURLOPT_URL.
  
  Added pop3 username and password example as well as an explanation of
  how path part of the URL is used under pop3.
  
  Additionally have corrected a couple of typos.

Yang Tse (22 Oct 2011)
- tool_operate.c: OOM handling fix
  
  Move curl_easy_perform source code geneartion out of curl_easy_perform's loop
  for proper OOM handling and source code geneartion.

Daniel Stenberg (21 Oct 2011)
- curl_multi_fdset: correct fdset with FTP PORT use
  
  After a PORT has been issued, and the multi handle would switch to the
  CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would
  return the wrong fdset to wait for when curl_multi_fdset() is
  called. The code would blindly assume that it was waiting for a connect
  of the second connection, while that isn't true immediately after the
  PORT command.
  
  Also, the function multi.c:domore_getsock() was highly FTP-centric and
  therefore ugly to keep in protocol-agnostic code. I solved this problem
  by introducing a new function pointer in the Curl_handler struct called
  domore_getsock() which is only called during the DOMORE state for
  protocols that set that pointer.
  
  The new ftp.c:ftp_domore_getsock() function now returns fdset info about
  the control connection's command/response handling while such a state is
  in use, and goes over to waiting for a writable second connection first
  once the commands are done.
  
  The original problem could be seen by running test 525 and checking the
  time stamps in the FTP server log. I can verify that this fix at least
  fixes this problem.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html
  Reported by: Gokhan Sengun

Dan Fandrich (21 Oct 2011)
- Added some missing test case XML tags and keywords

Yang Tse (21 Oct 2011)
- file.c: OOM handling fix
  
  file_disconnect() free's resources for multi API

- multi.c: fix segfault

- runtests.pl: fix printing of multivalued error codes

- multi tests: OOM handling fixes
  
  Additionally, improved error checking and logging.

Dan Fandrich (20 Oct 2011)
- Fixed compilation when HTTP or cookies are disabled

Daniel Stenberg (20 Oct 2011)
- KNOWN_BUGS: #74 fixed
  
  Multiple auths in the same WWW-Authenticate header
  
  Fixed in commit 7d81e3f7193b8c

- Curl_http_input_auth: handle multiple auths in WWW-Authenticate
  
  The fix is pretty much the one Nick Zitzmann provided, just edited to do
  the right indent levels and with test case 1204 added to verify the fix.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0190.html
  Reported by: Nick Zitzmann

- Curl_smtp_escape_eob: first byte is index 0...
  
  Fix a bug with with commit 2621dd42a4d that happened due to my last
  second pre-commit cleanup of the change without proper testing
  afterwards!

- CURLM_CALL_MULTI_PERFORM: remove mention
  
  This return code has not been used since 7.20.0 so we can stop
  mentioning it for current libcurl.

Dan Fandrich (19 Oct 2011)
- Silenced a compiler warning about an unused variable

Daniel Stenberg (20 Oct 2011)
- [Tim Harder brought this change]

  gtls: only call gnutls_transport_set_lowat with <gnutls-2.12.0
  
  The default lowat level for gnutls-2.12* is set to zero to avoid
  unnecessary system calls and the gnutls_transport_set_lowat function has
  been totally removed in >=gnutls-3 which causes build failures.
  
  Therefore, the function shouldn't be used except for versions that
  require it, <gnutls-2.12.0.

- Curl_smtp_escape_eob: fix EOB escaping
  
  As the EOB string can come byte by byte over a series of writes we must
  match byte-wise.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0172.html

- RELEASE-NOTES: synced with ecbb08cea3cd6

- singleipconnect: unstick the ipv6-connection boolean
  
  Previously the bit was set before the connection was found working so if
  it would first fail to an ipv6 address and then connect fine to a IPv4
  address the variable would still be TRUE.
  
  Reported by: Thomas L. Shinnick
  Bug: http://curl.haxx.se/bug/view.cgi?id=3421912

Kamil Dudka (17 Oct 2011)
- nss: avoid a SIGSEGV with immature version of NSS
  
  Bug: https://bugzilla.redhat.com/733685

- nss: big cleanup in nss_load_cert() and cert_stuff()

- nss: refactor fmt_nickname() -> dup_nickname()
  
  Do not use artificial nicknames for certificates from files.

- nss: select client certificates by DER
  
  ... instead of nicknames, which are not unique.

Daniel Stenberg (17 Oct 2011)
- --epsv: fix typo
  
  Reported by: Thomas L. Shinnick

- --show-error: position indepdenent
  
  Previously we required that -S/--show-error was used _after_
  -s/--silent. This was slightly confusing since we strive to make
  arguments as position independent as possible.
  
  Now, you can use them in any order and the result should still be the
  same.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3424286
  Reported by: Andreas Olsson

- curl_multi_fdset: clarify the max_fd == -1 case
  
  Elaborate what max_fd == -1 means
  
  Remove the reference to CURLM_CALL_MULTI_PERFORM as modern libcurl
  versions don't ever return that.

- formdata: ack read callback abort
  
  When doing a multipart formpost with a read callback, and that callback
  returns CURL_READFUNC_ABORT, that return code must be properly
  propagated back and handled accordingly. Previously it would be handled
  as a zero byte read which would cause a hang!
  
  Added test case 587 to verify. It uses the lib554.c source code with a
  small ifdef.
  
  Reported by: Anton Bychkov
  Bug: http://curl.haxx.se/mail/lib-2011-10/0097.html

- TODO: have form functions use CURL handle argument

- [Dave Reisner brought this change]

  typecheck: allow NULL to unset CURLOPT_ERRORBUFFER
  
  There might be situations where a user would want to unset this option.
  Avoid forcing him/her to cast the NULL argument to (char *) in order to
  get past the compile time typecheck.

- singleipconnect: don't clobber errno
  
  Save the errno value immediately after a connect() failure so that it
  won't get reset to something else before we read it.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0066.html
  Reported by: Frank Van Uffelen and Fabian Hiernaux

- [Michal Marek brought this change]

  docs: --xattr

Yang Tse (14 Oct 2011)
- file.c: fix compiler warning

- url.c: fix endless loop upon transport connection timeout
  
  Jerry Wu detected and provided detailed info about this issue.

- sws.c: HTTP and GOPHER test server-side connection closing adjustment
  
  When, for a given test, server is instructed to close connection after
  server reply we now wait a very small amount of time (50ms) before doing
  so. This is done to allow client to, at least partially, read server
  reply before getting an ECONNRESET.
  
  The above is required to make test cases 1070, 1200, 1201 and 1202 pass
  with Cygwin 1.5.X on W2K.
  
  GOPHER test server closes connection after _every_ server-reply, as such,
  at some point it could require a bigger time or using shutdown() before
  a server-side initiated disconnection.

- curl_gethostname.c: fix signed/unsigned comparison and avoid a double copy
  
  both introduced in 42be24af

- curl_ntlm_msgs.c: fix variable shadowing declaration introduced in 185ed340

- [Marcin Adamski brought this change]

  tftp.c: TFTP timeout and unexpected block adjustments
  
  Set ACK timeout to 5 seconds.
  
  If we are waiting for block X and receive block Y that is the expected one, we
  should send ACK and increase X (which is already implemented). Otherwise drop
  the packet and don't increase retry counter.

- multi.c: OOM handling fixes
  
  Prevent modification of easy handle being added with curl_multi_add_handle()
  unless this function actually suceeds.
  
  Run Curl_posttransfer() to allow restoring of SIGPIPE handler when
  Curl_connect() fails early in multi_runsingle().

- url.c: make line shorter than 80 chars

- OOM handling/cleanup slight adjustments

- OOM handling/cleanup slight adjustments

- lib540.c: OOM handling fixes making test 540 pass torture testing

Dan Fandrich (8 Oct 2011)
- RELEASE-NOTES: Fixed a couple of typos

Yang Tse (8 Oct 2011)
- telnet.c: fix compiler warning

- libcurl: some OOM handling fixes

- multi.c: OOM handling fixes making torture tests 560 580 581 pass

- test harness: non-stunnel https server integration overhaul

- curl tool: reviewed code moved to tool_*.[ch] files

- buildconf: warn about autoconf 2.67 and 2.68 generating bad/unusable scripts

- curl tool: fix compiler warning

- curl tool: OOM handling fixes

- curl tool: reviewed code moved to tool_*.[ch] files

- curl tool: OOM handling fixes

- curl tool: OOM handling fixes

- curl tool: OOM handling fixes

- curl tool: header inclusion adjustment

- curl tool: symbol check adjustment

- curl tool: header inclusion adjustment

- curl tool: code moved to tool_*.[ch] files

Daniel Stenberg (4 Oct 2011)
- curl_share_cleanup: avoid compiler warning
  
  Move the variable declaration to within the #ifdef

- struct Curl_share: provide sslsession unconditionally
  
  It makes much nicer and less convuluted code everywhere if this struct
  member is always present even when libcurl is built without SSL support.
  
  This reverts parts of commit 15e3e451702396e

- ftp: improved the failed PORT host name resolved error message

- codepolicing

- sspi build fix
  
  define away Curl_ntlm_sspi_cleanup() when no windows SSPI build

- [Steve Holme brought this change]

  smtp: Added support for NTLM authentication
  
  Modified smtp_endofresp() to detect NTLM from the server specified list
  of supported authentication mechanisms.
  
  Modified smtp_authenticate() to start the sending of the NTLM data.
  
  Added smtp_auth_ntlm_type1_message() which creates a NTLM type-1
  message. This function is used by authenticate() to start the sending
  of data and by smtp_state_auth_ntlm_resp() when the AUTH command
  doesn't contain the type-1 message as part of the initial response.
  This lack of initial response can happen if an OOM error occurs or the
  type-1 message is longer than 504 characters. As the main AUTH command
  is limited to 512 character the data has to be transmitted in two
  parts; one containing the AUTH NTLM and the second containing the
  type-1 message.
  
  Added smtp_state_auth_ntlm_type2msg_resp() which handles the incoming
  type-2 message and sends an outgoing type-3 message. This type-2
  message is sent by the server in response to our type-1 message.
  
  Modified smtp_state_auth_resp() to handle the response to: the AUTH
  NTLM without the initial response and the type-2 response.
  
  Modified smtp_disconnect() to cleanup the NTLM SSPI stack.

- [Steve Holme brought this change]

  Curl_ntlm_create_typeX_message: Added the outlen parameter
  
  Added the output message length as a parameter to both
  Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message()
  for use by future functions that require it.
  
  Updated curl_ntlm.c to cater for the extra parameter on these two
  functions.

- [Steve Holme brought this change]

  smtp: General tidy up ready for adding NTLM support
  
  Changed the name of variable l, in several functions, which represents
  the length of strings being sent to the server, to len which is more
  meaningful and consistent with other code in smtp.c and elsewhere.
  
  Reworked smtp_authenticate() to be simpler and easier to follow.
  Variables and now initialised in their definitions and if no username
  and password are specified the function sets the state to SMTP_STOP and
  returns immediately, rather than being part of a huge if statement.

Yang Tse (3 Oct 2011)
- curl tool: reviewed code moved to tool_*.[ch] files

Daniel Stenberg (3 Oct 2011)
- [Steve Holme brought this change]

  smtp_mail: fixed another memory leak
  
  ... introduced in 7f304ab84f560c

- [Dominique Leuenberger brought this change]

  m4: Use x in order to avoid variable 'x' set but not used [-Werror=unused-but-set-variable]
  
  This error could be caused by configure scripts being run with -Werror
  -Wall, which would lead to libcurl being detected as unusable.

- share: don't use SSL unless enabled
  
  Don't even declare the struct members for disabled features
  
  Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface
  when trying to set a sharing option that has been disabled (or not
  enabled) in the library.

- multi: progress function abort must close connection
  
  When the progress function returns to cancel the request, we must mark
  the connection to get closed and it must do to the DONE state.
  
  do_init() must be called as early as possible so that state variables
  for new connections are reset early. We could otherwise see that the old
  values were still there when a connection was to be disconnected very
  early and it would make it behave wrongly.
  
  Bug: http://curl.haxx.se/mail/lib-2011-10/0006.html
  Reported by: Vladimir Grishchenko

- tutorial: clarify the handle sharing when treaded
  
  Previously there was wording that made people uncertain of the exact
  rules.
  
  Feedback by: Julien Royer and Georg Lippitsch
  URL: http://curl.haxx.se/mail/lib-2011-09/0357.html

- multi_runsingle: change state on callback abort
  
  Reported by: Marcin Adamski
  Bug: http://curl.haxx.se/mail/lib-2011-09/0329.html

Yang Tse (30 Sep 2011)
- curl tool: fix some more OOM handling

- Fix SSL disabled builds broken with 'SSL session sharing' commit 5793bc37

Daniel Stenberg (29 Sep 2011)
- smtp_mail: fix memory leak
  
  ... introduced in 7f304ab84f560c

- [Steve Holme brought this change]

  smtp_mail: Added support to MAIL FROM for the optional SIZE parameter
  
  The size of the email can now be set via CURLOPT_INFILESIZE. This
  allows the email to be rejected by the server, if supported, and the
  maximum size has been configured on the server.

- curlverh.h: next release will be 7.23.0

- RELEASE-NOTES: synced with 5898a6a09b211fc7e2
  
  Bumped next release version to become 7.23.0 for the changes

Dan Fandrich (28 Sep 2011)
- curl_easy_setopt: Added scp and sftp to the URL section

Daniel Stenberg (28 Sep 2011)
- [Steve Holme brought this change]

  curl_easy_setopt: A brief tidy up
  
  Slight rewording of the CURLOPT_URL SMTP sub-section.
  
  Corrected the incorrect use of hyphens on the three uses of
  "zero-terminated" with "zero terminated" to match the rest of the
  document.
  
  Corrected the use of an out of place hyphen in CURLOPT_NOPROXY section.

- configure openssl version check: handle lack of L suffix
  
  It seems some versions of the OpenSSL version defines don't come with L
  appended to the number, so let's deal with that nicely.

- [Alejandro Alvarez brought this change]

  SSL session sharing support added
  
  With locking, plus test, plus documentation

Yang Tse (28 Sep 2011)
- curl tool: adjust header callback single call write limit warning
  
  Maximum amount of data a header callback is supposed to get in
  a single call from libcurl is limited by the lowest value of
  CURL_MAX_WRITE_SIZE and CURL_MAX_HTTP_HEADER.

Daniel Stenberg (28 Sep 2011)
- multi docs: extended the multi_socket API description

- tests/README: extended and reformatted

Yang Tse (27 Sep 2011)
- [Albert Chin brought this change]

  configure - m4: make CURL_CHECK_DEF ignore leading whitespace on symbol def
  
  When using Sun C compiler the preprocessor somehow inserts an extra space
  in front of replaced symbol, breaking CURL_CHECK_DEF macro. To workaround
  this, macro CURL_CHECK_DEF now ignores all leading whitespace in front of
  symbol substitution result.

Guenter Knauf (27 Sep 2011)
- Added SPNEGO to NetWare build.

Yang Tse (26 Sep 2011)
- curl tool: fix a compiler warning

- curl tool: fix some OOM handling - f4853db5 follow-up

- curl tool: fix some OOM handling

- remove short-lived CURL_WRITEFUNC_OUT_OF_MEMORY

Guenter Knauf (26 Sep 2011)
- Added unsigned char* to _curl_is_debug_cb.

Daniel Stenberg (26 Sep 2011)
- [Steve Holme brought this change]

  smtp_connect: use defined buffer length for hostname

- [Steve Holme brought this change]

  Curl_ntlm_create_type3_message: Tidied up the use of Curl_gethostname.
  
  Removed the code that striped off the domain name when Curl_gethostname
  returned the fully qualified domain name as the function has been
  updated to return the un-qualified host name.
  
  Replaced the use of HOSTNAME_MAX as the size of the buffer in the call
  to Curl_gethostname with sizeof(host) as this is safer should the buffer
  size ever be changed.

- [Steve Holme brought this change]

  HOSTNAME_MAX: Moved to curl_gethostname.h
  
  Moved HOSTNAME_MAX #define into curl_gethostname.h rather than being
  locally defined in curl_gethostname.c, curl_ntlm_msgs.c and smtp.c.

- RELEASE-NOTES: synced with d2a47021c0a6

Yang Tse (25 Sep 2011)
- Q&D fix header inclusion order

- allow write callbacks to indicate OOM to libcurl
  
  Allow (*curl_write_callback) write callbacks to return
  CURL_WRITEFUNC_OUT_OF_MEMORY to properly indicate libcurl of OOM conditions
  inside the callback itself.

Guenter Knauf (25 Sep 2011)
- Changed some main makefile targets.

Daniel Stenberg (25 Sep 2011)
- curl_multi_fdset: avoid FD_SET out of bounds
  
  If a socket is larger than FD_SETSIZE, avoid using FD_SET() on the
  platforms where this is possible.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3413274
  Reported by: Tim Starling

Guenter Knauf (25 Sep 2011)
- Fixed MinGW examples makefile.

- NetWare makefile tweaks to select different builds.

Daniel Stenberg (25 Sep 2011)
- POST: always set postfieldsize
  
  When we use binary posts and regular ones intermixed on a single command
  line, we cannot do strlen() etc on the data to figure out the length
  (when inserting '&' and more). We must therefore keep track of the post
  data length. Then we also end up setting the libcurl option with the
  known size, so that we don't risk that libcurl will do strlen() on the
  data.
  
  This has the minor side-effect that --libcurl source codes now always
  will use CURLOPT_POSTFIELDSIZE but I don't consider that terribly
  damaging.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3413181
  Reported by: Taneli Vähäkangas

Yang Tse (24 Sep 2011)
- curl tool: fix a compiler warning

- curl tool: reviewed code moved to tool_*.[ch] files

Guenter Knauf (24 Sep 2011)
- Added header to be included by dist script.
  
  Probably the wrong place, but I dont know better.

Yang Tse (24 Sep 2011)
- curl tool: fix some OOM handling issues

Daniel Stenberg (24 Sep 2011)
- http header: allow Content-Length to be replaced
  
  In some cases Content-Length: couldn't be replaced by an application
  
  Also, indented some code properly

Guenter Knauf (23 Sep 2011)
- MinGW64 has this prototype already.

- Fixed scanf format for WORD = unsigned short.

- Added Win32-only samples.

- Added a workaround for printing size_t.

Daniel Stenberg (22 Sep 2011)
- Curl_pgrsStartNow: keep HEADERS_OUT set
  
  To avoid that the progress meter headers get output between each
  transfer, make sure the bits gets kept when (re-)inited.
  
  Reported by: Christopher Stone

Yang Tse (22 Sep 2011)
- curl tool: fix some OOM handling issues

- curl tool: reviewed code moved to tool_*.[ch] files
  
  my_setopt and my_setopt_str no longer ignores curl_easy_setopt result.
  
  Fixed some OOM handling issues.

Guenter Knauf (22 Sep 2011)
- Added NetWare examples makefile.

Yang Tse (22 Sep 2011)
- NTLM_WB: fix disabling of NTLM_WB when NTLM is disabled

Daniel Stenberg (21 Sep 2011)
- test 814: smtp without --mail-from
  
  Verifies the fix from commit 322f3d5af7093

- [Gisle Vanem brought this change]

  smtp: without a MAIL_FROM, send blank MAIL FROM
  
  I think curl should ignore this case and smtp.c should test for this.
  Since RFC-2821 seems to allow a "null reverse-path". Ref.  "MAIL
  FROM:<>" in section 3.7, page 25.

- [Dave Reisner brought this change]

  lib/http: add missing whitespace in verbose output
  
  Example:
  * upload completely sent off: 35out of 35 bytes
  
  Should be:
  * upload completely sent off: 35 out of 35 bytes

Guenter Knauf (21 Sep 2011)
- Another MinGW example makefile tweak.

- Fixed sample to compile for Windows platform.

Yang Tse (21 Sep 2011)
- curl tool: make my_setopt ignore curl_easy_setopt result again.
  
  Related code not ready yet for this kind of checks.

Guenter Knauf (21 Sep 2011)
- Changed suffix rules to pattern rules.
  
  Suffix rules cannot have any prerequisites of their own.

- Added dependency so that curlbuild.h is created.

- Some more MinGW build tweaks.
  
  Added envvars to specify OpenSSL include, libpath and lib.
  Added rule to create curlbuild.h from curlbuild.h.dist.

Yang Tse (21 Sep 2011)
- curl tool: reviewed code moved to tool_*.[ch] files
  
  my_setopt and my_setopt_str no longer ignores curl_easy_setopt result.
  
  Fixed some OOM handling issues.

- curl tool: reviewed code moved to tool_*.[ch] files
  
  Overhauled FindWin32CACert()

Guenter Knauf (20 Sep 2011)
- A bunch of MinGW build tweaks.
  
  All paths to dependencies now quoted; synced examples makefile.

- Changed Windows 64bit OS define to x86_64.
  
  Also added check for __x86_64__ define since MinGW64 seems to define
  the _M_X64 macro through a header not available for config-win32.h.

- Also skip certs masked as CKT_NSS_TRUST_UNKNOWN.
  
  Fix posted by Tomas Hoger <thoger redhat com>.

- Added _WIN32_WINNT define for IPv6 builds.

Daniel Stenberg (20 Sep 2011)
- Curl_follow: handle redirects to "//hostname/path"

Yang Tse (19 Sep 2011)
- curl tool: truly fix compiler warning

- curl tool: fix compiler warning

- curl tool: reviewed code moved to tool_*.[ch] files

Daniel Stenberg (18 Sep 2011)
- CURLOPT_URL docs: no need to mention function names

- [Steve Holme brought this change]

  CURLOPT_URL: Expanded URL description
  
  Expanded the section about CURLOPT_URL to include the format of the URL
  and detailed information and examples relating to specific protocols.

- [Steve Holme brought this change]

  Curl_gethostname: return un-qualified machine name
  
  Fixed Curl_gethostname() so that it always returns the un-qualified
  machine name rather than being dependent on the socket provider.
  
  Note: The return of getenv("CURL_GETHOSTNAME") is also parsed in case
  the developer / test harness provided a fully qualified domain name as
  it's value as well.

Yang Tse (18 Sep 2011)
- curl tool: create tool_myfunc.[ch] which later on will hold my_* functions
  
  Additionally function my_useragent() now provides default User-Agent string

- curl tool: reorder free_config_fields() field handling
  
  Reorder handling of fields to match same order as the one given by current
  definition order of 'Configurable' struct fields. Fields currently not handled
  marked for further inspection.

Guenter Knauf (17 Sep 2011)
- Fixed MinGW WinIDN lib dependency.

Yang Tse (17 Sep 2011)
- tool_convert.c: fix no newline at end of file

- curl tool: add new files to Symbian's .mmp project file

- curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch]
  
  Reviewing fields being free'd in free_config_fields() still pending

- src/setup.h: add conditional include of assert.h

- curl tool: move so called 'multi_files' stuff into tool_mfiles.[ch]
  
  Additionally some code reorganization and direct OOM handling fixes,
  just another step towards fixing curl tool issues uncovered 2011-09-15

- curl tool: move convert_* functions into tool_convert.[ch]
  
  Additionally fix data type of result vars for iconv() calls

- main.c: convert GetStr() into a macro to ease leak debugging

- main.c: de-obfuscate a couple for-loop exit conditions

- curl tool: fix a bunch of double free's uncovered 2011-09-15
  
  Re-enabling MemoryTracking capability on 'src' subdirectory files and torture
  tests have uncovered many issues which were going unnoticed in curl tool. So
  here we go fixing some of them. Others still remain and should be addressed
  ASAP, given that curl tool is used in our test harness also for test server
  start verification purposes. There are even non-socket file descriptor leaks.

- Make Curl_safefree() macro assign NULL to given pointer when free'd

- curl MSVC project files: adjust resource compiler include path

- src/Makefile.vc6: adjust resource compiler include path

- curl tool: re-enable MemoryTracking capability on 'src' subdirectory files.
  
  Use same preprocessor logic for curl tool MemoryTracking activation in source
  files located in 'src' subdirectory as the one used for libcurl sources.

- ftp.c: add a couple of failure messages

Dan Fandrich (13 Sep 2011)
- [warp kawada brought this change]

  Curl_add_custom_headers: support headers with no data
  
  A custom HTTP header ending in a semicolon instead of a colon
  will be treated as a header to be added without any data
  portion.

Daniel Stenberg (13 Sep 2011)
- progressfunc: a simple CURLOPT_PROGRESSFUNCTION example

- 7.22.1: start working

- THANKS: 16 new contributors from 7.22.0

Version 7.22.0 (13 Sep 2011)

Daniel Stenberg (13 Sep 2011)
- RELEASE-NOTES: ready for 7.22.0

- codestyle: minor whitespace fix

- [Jeff Pohlmeyer brought this change]

  polarssl: build with PolarSSL-1.0.0
  
  With this fix, it should work for PolarSSL-1.0.0 (and SVN-1091 trunk)
  and retain compatibility with earlier versions. (Tested with 0.14.1)
  
  PolarSSL still doesn't play nicely with curl's CA bundle (we discussed
  this before) but I was at least able to retrieve the
  https://www.gmail.com/ login page using a modified ca-certificates.crt
  file with all 3 versions of PolarSSL.

- BUGS: spellfixed, slightly reformatted for web looks
  
  Reported by: Jeff Pohlmeyer

Dan Fandrich (12 Sep 2011)
- Document NTLM winbind options (and caveats)

Daniel Stenberg (12 Sep 2011)
- BUGS: renumbered to look better in the web version

- BUGS: revamped bug report documentation

Yang Tse (12 Sep 2011)
- Mention that BSD-style lwIP TCP/IP stack support on Windows is experimental.

- ftp.c: fix socket leak torture tests detected 2011-08-30
  
  Also fix inappropriate error handling when sending ftp EPRT or PORT commands.

Daniel Stenberg (11 Sep 2011)
- TODO: remove 4 entries, add one new
  
  Zero-copy and "Avoid having to remove/readd handles" are not really
  features we think are worthwhile to add. Removed.
  
  SRP features have been added already, removed.
  
  11.9 IPv6 addresses with globbing added

- spell-checked comments

- TODO-RELEASE: postpone the remainders
  
  There's three pending bug fixes but there's no time left so let's
  try to get them fixed for next release...

Guenter Knauf (11 Sep 2011)
- Updated makefiles to latest libssh2.

Yang Tse (10 Sep 2011)
- urlglob.c: fix OOM handling

- ftp.c: fix ftp active connects which got broken with commit fdf157abdf

- runtests.pl: replace TAB with spaces

- test harness: revert needless commit 0a5bbb2ac1
  
  https, ftps and ssh servers allowed start up time back to previous values

- ssh.c: revert needless commit 7b7c45879e

Daniel Stenberg (9 Sep 2011)
- RELEASE-NOTES: synced with 303c90074d4c
  
  Five more bugfixes, one more contributor

- tcpnodelay: rename variable
  
  Renamed the variable from 'proto' to 'level' simply because it is not
  protocol you set but level and that is the name of the argument used in
  man pages and the POSIX documentation of the setsockopt function.

Guenter Knauf (8 Sep 2011)
- Avoid ftruncate() static define with MinGW64.

Yang Tse (8 Sep 2011)
- libssh2: use calloc as alloc function for libssh2 versions older than 1.3
  
  This workarounds old libssh2 versions not properly initializing
  some ssh session variables, which would trigger memory debuggers
  warnings on memory being used without having been initialized.

Daniel Stenberg (8 Sep 2011)
- [Adriano Meirelles brought this change]

  Curl_speedcheck: don't mistakenly clear Curl_expire()
  
  The current version of speedcheck.c may disable timeout by setting zero
  to Curl_expire. Which is fine using the curl_multi_perform, because it
  recheck all timeout internals, but when using custom event poller (like
  hiperfifo.c) it may keep stalle connection forever.

Yang Tse (8 Sep 2011)
- lib582.c: fix segfault triggered when torture testing test case 582

Daniel Stenberg (7 Sep 2011)
- ftp_state_use_port: minor code indent fix

- checksrc: detect "}else" uses as well

- getinmemory.c: use better argument names for write callback

Yang Tse (7 Sep 2011)
- ssh.c: fix memory leaks triggered upon OOM or other failures

- test case 583: ensure that test failures don't go unnoticed - follow-up

- test suite: libtest header inclusion cleanup - follow-up
  
  Adjust tests/libtest/Makefile.inc and remove a couple of unused headers from
  tests/libtest/lib583.c

- test case 583: ensure that test failures don't go unnoticed

- test suite: libtest header inclusion cleanup
  
  Added missing memoryTracking to test cases 560 and 583. If this triggers
  leak detection on these, it only means that previously it was going unnoticed.

- fix bool variables checking and assignment

- pingpong.c: avoid a memmove call in function Curl_pp_vsendf

- fix bool variables checking and assignment

- test suite: use test case specific netrc file names

Guenter Knauf (4 Sep 2011)
- Fixed final message output.

Daniel Stenberg (4 Sep 2011)
- TODO-RELEASE: deleteing five issues due to no response
  
  No feedback and no updates, removing these issues

Yang Tse (4 Sep 2011)
- setup_once.h cleanup and sync

Guenter Knauf (4 Sep 2011)
- Fix to skip untrusted certs.

- Added SPNEGO to MinGW makefiles.

Yang Tse (4 Sep 2011)
- NTLM WB: fix file descriptor leak upon OOM condition

- revert changes not intended to be pushed with commit 6b75d2c2

- fix a bunch of MSVC compiler warnings

Guenter Knauf (3 Sep 2011)
- Updated dependecies versions.

- Some MinGW makefile tweaks for MinGW64.

- Changed MinGW to use own winidn prototypes.

Dan Fandrich (2 Sep 2011)
- Fix NTLM winbind support to pass the torture tests
  
  Calling sclose() both in the child and the parent fools the
  socket leak detector into thinking it's been closed twice.
  Calling close() in the child instead overcomes this problem. It's
  not as portable as the sclose() macro, but this code is highly
  POSIX-specific, anyway.

Yang Tse (2 Sep 2011)
- MemoryTracking: fix logging of free() calls done where Curl_safefree is called
  
  Just internal stuff...
  
  Curl_safefree is now a macro defined in memdebug.h instead of a function
  prototyped in url.h and implemented in url.c, so inclusion of url.h is no
  longer required in order to simply use Curl_safefree.
  
  Provide definition of macro WHILE_FALSE in setup_once.h in order to allow
  other macros such as DEBUGF and DEBUGASSERT, and code using it, to compile
  without 'conditional expression is constant' warnings.
  
  The WHILE_FALSE stuff fixes 150+ MSVC compiler warnings.

- transfer.c: fix parentheses/braces placement for vi/emacs delimiter matching

- transfer.c: fix loadhostpairs() OOM handling

- test harness: https, ftps and ssh servers allowed start up time increased 33%

- hostip.c: return immediately from Curl_resolv_timeout() upon expired timeout.
  
  Ensure existing logic in Curl_resolv_timeout() is not subverted upon getting a
  negative timeout from resolve_server(). The timeout in resolve_server() could
  be checked to avoid calling Curl_resolv_timeout() with an expired timeout, but
  fixing this in this way allows existing logic in resolve_server() to be kept
  unchanged.

- ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
  
  follow-up for commit d20408e8

- test harness: fix detection of test harness client knownhosts file
  
  Regenerate curl's tests client knownhosts file also when, somehow,
  this file is empty.

- test harness: fix detection of test harness host and client key files
  
  Regenerate curl's tests host and client key files also when, somehow,
  any of these files are empty.

- ssh.c: fix realloc() OOM handling

- ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
  
  follow-up for commit c06de200

- fix some leaks torture tests detected 2011-08-30

- fix some leaks torture tests detected 2011-08-30

Daniel Stenberg (29 Aug 2011)
- RELEASE-NOTES: synced with 3445fa2e3f

Kamil Dudka (29 Aug 2011)
- tests: break busy loops in tests 502, 555, and 573

Yang Tse (29 Aug 2011)
- pingpong.c: fix Curl_pp_vsendf() arbitrary restrictions on command length
  
  This removes command length restrictions on calling functions.

- NTLM: header inclusion cleanup follow-up

- NTLM: header inclusion cleanup

- NTLM: END of refactoring/splitting/moving
  
  First:
  
  File curl_ntlm.h renamed curl_ntlm_msgs.h
  File curl_ntlm.c renamed curl_ntlm_msgs.c
  
  Afterwards:
  
  File http_ntlm.c renamed curl_ntlm.c
  File http_ntlm.h renamed curl_ntlm.h

- NTLM: move NTLM core specifics into curl_ntlm_core.[ch]

- NTLM_WB: move NTLM_WB specifics into curl_ntlm_wb.[ch]

- NTLM_WB: final congruency naming adjustments
  
  Configure script option --enable-wb-ntlm-auth renamed to --enable-ntlm-wb
  Configure script option --disable-wb-ntlm-auth renamed to --disable-ntlm-wb
  
  Preprocessor symbol WINBIND_NTLM_AUTH_ENABLED renamed to NTLM_WB_ENABLED
  Preprocessor symbol WINBIND_NTLM_AUTH_FILE renamed to NTLM_WB_FILE
  
  Test harness env var CURL_NTLM_AUTH renamed to CURL_NTLM_WB_FILE
  
  Static function wb_ntlm_close renamed to ntlm_wb_cleanup
  Static function wb_ntlm_initiate renamed to ntlm_wb_init
  Static function wb_ntlm_response renamed to ntlm_wb_response

- NTLM single-sign on adjustments (XI)
  
  Feature string literal NTLM_SSO renamed to NTLM_WB.
  Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
  curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
  Fix some comments to make clear that this is actually a NTLM delegation.

Daniel Stenberg (26 Aug 2011)
- --cookie-jar: activates the cookie engine

- Curl_read_plain: indent code

Yang Tse (26 Aug 2011)
- NTLM single-sign on adjustments (X)
  
  Functions renamed:
  
  Curl_output_ntlm_sso -> Curl_output_ntlm_wb
  sso_ntlm_close -> wb_ntlm_close
  sso_ntlm_response -> wb_ntlm_response
  sso_ntlm_initiate -> wb_ntlm_initiate
  
  Preprocessor symbols renamed:
  
  CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
  CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB

Daniel Stenberg (25 Aug 2011)
- TODO: progress callback without doubles

Yang Tse (25 Aug 2011)
- [Steve Holme brought this change]

  http NTLM: refactoring followup
  
  Output of Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message()
  functions is now already base64 encoded.

Kamil Dudka (24 Aug 2011)
- docs: the next release is going to be 7.22.0

Yang Tse (24 Aug 2011)
- include limits.h for INT_MAX

- add missing semicolons

Daniel Stenberg (24 Aug 2011)
- add missing semicolons

- safefree use: fix compiler warning
  
  include the prototype header

Yang Tse (24 Aug 2011)
- [Steve Holme brought this change]

  SMTP authentication: fix ordering of preferred authentication method
  
  Fixed the order of the preferred SMTP authentication method to:
  AUTH CRAM-MD5, AUTH LOGIN then AUTH PLAIN.
  
  AUTH PLAIN should be the last as it slightly more insecure than AUTH LOGIN
  as the username and password are sent together - there is no handshaking
  between the client and server like there is with AUTH LOGIN.

- base64: fix Curl_base64_encode and Curl_base64_decode interfaces
  
  Previous interfaces for these libcurl internal functions did not allow to tell
  apart a legitimate zero size result from an error condition. These functions
  now return a CURLcode indicating function success or otherwise specific error.
  Output size is returned using a pointer argument.
  
  All usage of these two functions, and others closely related, has been adapted
  to the new interfaces. Relative error and OOM handling adapted or added where
  missing. Unit test 1302 also adapted.

Daniel Stenberg (23 Aug 2011)
- resolve.c: new example showing off CURLOPT_RESOLVE

- externalsocket.c: new example

Yang Tse (22 Aug 2011)
- [Steve Holme brought this change]

  http NTLM: remaining bits from 0001-Moved-ntlm-[...]-curl_ntlm-mod_3.patch
  
  * Added function comments:
      - Curl_ntlm_decode_type2_message
      - Curl_ntlm_create_type1_message
      - Curl_ntlm_create_type3_message
  
  * Modification of ntlm processing state to NTLMSTATE_TYPE2 is now done
    only when Curl_ntlm_decode_type2_message() has fully succeeded.

- runtests.pl: option -gw for single test windowed debugging (where possible)

- zlib: ensure user provided memory functions are used by zlib, when given
  
  As a bonus, this lets our MemoryTracking subsystem track zlib operations.
  And also fixes a shortcut some zlib 1.2.x versions took using malloc()
  instead of calloc(), which would trigger memory debuggers warnings on
  memory being used without having been initialized.

Daniel Stenberg (21 Aug 2011)
- main: fix segfault
  
  Follow-up to commit 5eb2396cd as that wasn't complete.
  
  At times HEADERFUNCTION+HEADERDATA was set only to have only HEADERDATA
  set in the subsequent loop which could cause a NULL to get sent as
  userdata to 'header_callback' which wasn't made to handle that.
  
  Now HEADERFUNCTION is explicitly set to NULL if it isn't set to the
  callback.

Yang Tse (21 Aug 2011)
- MemoryTracking: adjust initialization calling - followup
  
  Fix macro definition

- MemoryTracking: adjust initialization calling
  
  Calling of curl_memdebug() was still done with a pending free()

Daniel Stenberg (19 Aug 2011)
- tcpconnect: follow-up commit after b998d95b
  
  As I modified conn->bits.tcpconnect to become an array that holds one
  bool for each potential connection all uses of that struct field must
  index it correctly.

Yang Tse (19 Aug 2011)
- ssh.c: add PATH_MAX definition for WIN32

Daniel Stenberg (19 Aug 2011)
- connect: set TIMER_CONNECT
  
  When connecting, make sure TIMER_CONNECT is set.

- test573: fix the keywords

- FTP: fix proxy connect race condition
  
  When using the multi interface, a SOCKS proxy, and a connection that
  wouldn't immediately consider itself connected (which my Linux tests do
  by default), libcurl would be tricked into doing _two_ connects to the
  SOCKS proxy when it setup the data connection and then of course the
  second attempt would fail miserably and cause error.
  
  This problem is a regression that was introduced by commit
  4a42e5cdaa344755 that was introduced in the 7.21.7 release.
  
  Bug: http://curl.haxx.se/mail/lib-2011-08/0199.html
  Reported by: Fabian Keil

- Curl_SOCKS4: minor code compression

Yang Tse (18 Aug 2011)
- zlib: enforce full initialization of our data space z_stream structs

Daniel Stenberg (17 Aug 2011)
- VC makefiles: fixed variable name mistake

Yang Tse (17 Aug 2011)
- MemoryTracking: adjust curl_domalloc() and curl_dofree() memory filling
  
  Until 2011-08-17 libcurl's Memory Tracking feature also performed
  automatic malloc and free filling operations using 0xA5 and 0x13
  values. Our own preinitialization of dynamically allocated memory
  might be useful when not using third party memory debuggers, but
  on the other hand this would fool memory debuggers into thinking
  that all dynamically allocated memory is properly initialized.
  
  As a default setting, libcurl's Memory Tracking feature no longer
  performs preinitialization of dynamically allocated memory on its
  own. If you know what you are doing, and really want to retain old
  behavior, you can achieve this compiling with preprocessor symbols
  CURL_MT_MALLOC_FILL and CURL_MT_FREE_FILL defined with appropriate
  values.

- MemoryTracking: make curl_docalloc() call calloc() avoiding our zero fill

Daniel Stenberg (15 Aug 2011)
- MSVC makefiles: provide SSH build targets
  
  "release-ssl-ssh2-zlib" and "debug-ssl-ssh2-zlib" are two new makefile
  targets that build libcurl with MSVC and link with libssh2
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3388920
  Reported by: "kdekker"

- test572: fixed
  
  Two problems were fixed:
  
  GET_PARAMETER responses that have no body must be 204 response or
  properly set length to 0.
  
  One of the <data> sections had the wrong content-length for its
  GET_PARAMETER response.
  
  Enabled test 572 again.

- Curl_pgrsStartNow: clear all flags but HIDE
  
  As bug 3385258 pointed out but I missed up the fix for. This is another
  take at a fix.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3392101
  Reported by: Wu Yongzheng

Yang Tse (15 Aug 2011)
- unittests: disable unit tests for some autobuild configurations
  
  IRIX 6.5.24 gcc 3.3 autobuilds fail unittests library compilation due to a
  problem related with OpenSSL headers and library versions not matching.
  
  All AIX autobuilds fails unit tests linking against unittests library due to
  unittests library being built with no symbols or members. Libtool ?

Kamil Dudka (15 Aug 2011)
- nss: start with no database if the selected database is broken
  
  Bug: https://bugzilla.redhat.com/728562

Yang Tse (15 Aug 2011)
- http NTLM: reinstate "nssg.h" "curl_sspi.h" header inclusions

- tests: disable #572

Daniel Stenberg (14 Aug 2011)
- TODO-RELEASE: synced
  
  Added comments to some remaining issues

- telnet: allow programatic use on Windows
  
  Summary of the issue can be found at:
  http://curl.haxx.se/mail/lib-2010-04/0367.html
  
  That patch only updated the unix sockets code - the winsock code was not
  updated and no longer works the same was as the unix code. This change
  updates the windows code accordingly.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3163118

- TODO-RELEASE: fixed issue #291
  
  291 - bug 3383692 "GET PARAMETER request and body in response"

Yang Tse (14 Aug 2011)
- http NTLM: reinstate "memdebug.h" header inclusion
  
  Inclusion of header "memdebug.h" in http_ntlm.c got lost in commit 98fb0ef7.

Daniel Stenberg (14 Aug 2011)
- RTSP: GET_PARAMETER requests have a body
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3383692

- Curl_output_ntlm: remove unused variable

Yang Tse (14 Aug 2011)
- http NTLM: add curl_ntlm.c to Symbian's libcurl.mmp

- http NTLM: fix 8 compiler warnings
  
  Strict splitting of http_ntlm.[ch] may trigger 8 compiler warnings when
  building with some compilers and strict compiler warnings enabled, depending
  on other specific configuration options some could get triggered or not.
  
  Seven are related with 'unused function parameters' and another one with
  'var may be used before its value is set'.

- http NTLM: split http_ntlm.[ch] between http_ntlm.[ch] and curl_ntlm.[ch]
  
  For modularity purposes, huge chunks of NTLM existing code is transformed into
  functions to allow future internal code reuse.
  
  Resulting three new libcurl private functions:
  
   - Curl_ntlm_create_type1_message()
   - Curl_ntlm_create_type3_message()
   - Curl_ntlm_decode_type2_message()
  
  Changing static ntlm_sspi_cleanup() into non-static Curl_ntlm_sspi_cleanup()
  
  This 'refactoring' has been prepared by previous commits to allow that this
  specific one does not introduce any change to existing code. All existing
  goodness and badness previous to this commit should remain the same once it is
  applied, the only difference should be that existing code is moved into
  functions.
  
  Given the quite big portions of code being moved around, and the importance of
  change traceability, this commit has been done in such a way that it is
  possible to perform a three-way diff from initial http_ntlm.[ch] to resulting
  http_ntlm.[ch] and curl_ntlm.[ch] to actually verify that no functional change
  is introduced here.
  
  Notice that Steve Holme has provided several patches, but these included this
  refactoring along with 'extra' fixes. I really wanted this 'clean' refactoring
  done first, in order to allow discussion or committing of 'extra' fixes on a
  case by case basis, so, I had to bite the bullet ;-)
  
  Comments, line adjustments, compiler warning fixes, whatever, may follow
  afterwards.

- http_negotiate_sspi.c: fix compiler warning
  
  warning C4706: assignment within conditional expression

- http NTLM: change return type of Curl_input_ntlm() to CURLcode
  
  Remove CURLntlm enum, no longer required.

Daniel Stenberg (13 Aug 2011)
- RELEASE-NOTES: synced with a30ede868ab64
  
  Three more bugs fixed, three more contributors mentioned

- VC6 makefiles: added embedded documentation
  
  Just a note about the fact that all VC[6/8/9/10] makefiles are generated
  from the VC6 one as source.

- cmake: find winsock when building on windows
  
  When building on Windows, with CMake and mingw, curl fails to compile
  because the CMake build system is not properly looking for the Winsock
  libraries
  
  Patch by: Pau Garcia i Quiles
  Bug: http://curl.haxx.se/bug/view.cgi?id=3389231

- Curl_retry_request: check return code!
  
  Curl_readrewind() was called without checking its return code, which
  could lead to badness.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3349227

- ignore rtsp

Yang Tse (13 Aug 2011)
- http NTLM: update NTLM type-* message structure descriptions - followup

Daniel Stenberg (12 Aug 2011)
- docs: --delegation

- added --delegation
  
  Using this option with an argument being set to one of
  none/policy/always instructs libcurl how to deal with GSS
  credentials. Or rather how it tells the server that delegation is fine
  or not.

Yang Tse (12 Aug 2011)
- http NTLM: fix inclusion of curl_ntlm.h

- http NTLM: update NTLM message structure notes

- [Steve Holme brought this change]

  http NTLM: move portions of http_ntlm.h into new curl_ntlm.h

- http NTLM: more adjustments in preparation of code refactoring
  
  Use preprocessor symbol NTLM_BUFSIZE to define private NTLM buffer fixed size.
  
  Use a SessionHandle 'data' pointer variable to ease refactoring.
  
  Update NTLM type-* message structure descriptions.
  
  Fix some more spacing and typos (Steve Holme).

Daniel Stenberg (11 Aug 2011)
- curl_easy_cleanup: clarify the callback situation

Yang Tse (11 Aug 2011)
- http NTLM: fix compiler warning

- [Steve Holme brought this change]

  http NTLM: Tidied up more inconsistent spacing.
  
  Moved NTLMSSP_SIGNATURE, HOSTNAME_MAX, SHORTPAIR and LONGQUARTET definitions in ready for move to curl_ntlm.c.
  
  Used separate variables for Windows SSPI and native code to ease moving of code to curl_ntlm.c.
  
  Fixed typographical erros where SPPI should be SSPI.
  
  Fixed compilation warnings on 64-bit builds when calling Windows SSPI functions.

Daniel Stenberg (10 Aug 2011)
- rtsp.c: converted to C
  
  Trimmed the newlines to be LF-only. Converted the source to plain C, to
  use curl style indents, to compile warning-free with picky options and
  fixed the minor fprintf() bug on line 245. Added to makefile.

- [Jim Hollinger brought this change]

  rtsp.c: new example
  
  Code from
  http://code.google.com/p/rtsprequest/source/browse/trunk/rtsprequest.cpp

- TODO: remove curl_formpost in a future version
  
  15.8 remove 'curl_httppost' from public

Yang Tse (9 Aug 2011)
- http NTLM: Further tiding up to libcurl standards

- [Steve Holme brought this change]

  http NTLM: Tidied up http_ntlm prior to splitting the ntlm specific code

Daniel Stenberg (9 Aug 2011)
- TODO-RELEASE: issue #289 is fixed
  
  289 - bug 3349227 "secure attribute in cookie does not work with equals sign"

- cookie parser: handle 'secure='
  
  There are two keywords in cookie headers that don't follow the regular
  name=value style: secure and httponly. Still we must support that they
  are written like 'secure=' and then treat them as if they were written
  'secure'. Test case 31 was much extended by Rob Ward to test this.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
  Reported by: "gnombat"

- curl.h: mark deprecated CURLOPT_ options on same line
  
  This is to aid easier machine parsing and to make sure nobody who reads
  these header lines can miss the info.

- RELEASE-NOTES: recounted and updated some numbers

- proxy protocol docs: rephrased and updated

- RELEASE-NOTES: synced with 45d883d88df7
  
  Mention 5 bugixes and 1 change more

- CURLFORM_BUFFER: insert filename as documented
  
  A regression where CURLFORM_BUFFER stopped to properly insert the file
  name part in the formpart. Bug introduced in commit f851f768578dc096.
  
  Added CURLFORM_BUFFER use to test 554 to verify this.
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0176.html
  Reported by: Henry Ludemann

Yang Tse (8 Aug 2011)
- curl-compilers.m4: serial number bump

- curl-compilers.m4: CURL_CONVERT_INCLUDE_TO_ISYSTEM adjustments:
  
  Add CURL_CHECK_COMPILER as a requirement.
  
  Ensure macro does nothing unless GNU_C or CLANG compiler is used.
  
  This should allow usage of this macro in unforeseen placements.

Daniel Stenberg (8 Aug 2011)
- SOCKS: fix the connect timeout
  
  The connect timeout logic when using SOCKS was done wrong
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
  Reported by: "Spoon Man"

- ftp_doing: bail out on error properly
  
  When a failure has been detected we must abort immdiately.
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
  Reported by: "Spoon Man"

- s/7.21.8/7.22.0

- version bump: next release is 7.22.0

- VERSIONS: clarify our versioning concept
  
  Drop the pre-release part from this text as we don't use that in
  practise since many years.
  
  Update the phrasing to reflect our more strict interpretation:
  http://curl.haxx.se/mail/lib-2011-08/0064.html

- [Cristian Rodríguez brought this change]

  OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available, reduces memory use
  
  See also :
  http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html
  http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
  
  Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>

- TODO-RELEASE: close issue #292
  
  Fixed:
  292 - bug 3385258 "Addendum to 3370895"
  
  Basically brushing up commit 27b8814017a19

- Curl_pgrsStartNow: clear all bits except HIDE
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3385258
  Reported by: Ben Winslow

- readwrite_data: improved C-E decoding error message

Yang Tse (7 Aug 2011)
- BSD-style lwIP TCP/IP stack support - followup
  
  lwIP library initialization.

- NTLM single-sign on adjustments (IX)
  
  Use swrite/sread instead of write/read to avoid SIGPIPE

- config-win32.h: comments adjustments

Daniel Stenberg (6 Aug 2011)
- TODO-RELEASE: committed issue #304
  
  304 - "Async-DNS-resolve-thread gets started even when a dotted IP is
        provided" by Christian H<E4>gele
        http://curl.haxx.se/mail/lib-2011-08/0009.html

- [Christian HÀgele brought this change]

  asyn-thread: check for dotted addresses before thread starts

- TODO-RELEASE: Add #307 two issues by "Spoon Man"

Yang Tse (5 Aug 2011)
- checksrc.pl: add quotes to var

- keep a single copy of config-win32.h in version control repository - followup
  
  Allow configure builds to generate src/config-win32.h
  
  Skip checksrc on src/config-win32.h contents already checked at lib/config-win32.h
  
  Allow multiple -W in checksrc.pl

- BSD-style lwIP TCP/IP stack support - docs/INSTALL blurb

- BSD-style lwIP TCP/IP stack support - followup

- git ignore src/config-win32.h

- keep a single copy of config-win32.h in version control repository.
  
  maketgz and buildconf.bat updated to reflect this.

Daniel Stenberg (5 Aug 2011)
- RELEASE-NOTES: synced with afe88d85f40e1

- test710: verify that --proxy socks5://hostname works

- create_conn: mark non-HTTP proxies accordingly
  
  A proxy could be marked 'httpproxy' wrongly before if set with an
  environment variable or with the CURLOPT_PROXY option with a socks*://
  prefix or similar.
  
  Added test 710 to verify
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0194.html

- test709: HTTP GET via SOCKS5 set in environment

- TODO-RELEASE: issue #293 is done
  
  Fixed:
  293 - from http://bugzilla.redhat.com/723075 "curl segfaults"

- segfault fixed
  
  When using both -J and a single -O with multiple URLs, a missing init
  could cause badness.
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0126.html and
       http://bugzilla.redhat.com/723075
  Reported by: Paul Howarth and Garrett Holmstrom

- test1313: test content-disposition with uneven quotes

- parse_filename: deal with escaped quotes

Yang Tse (4 Aug 2011)
- BSD-style lwIP TCP/IP stack support:
  
  Allow compilation of libcurl and curl using BSD-style lwIP on Win32.
  
  In order to compile libcurl and curl with this support it is necessary
  to edit files lib/config-win32.h and src/config-win32.h and uncomment
  a line to make definition of preprocessor symbol USE_LWIPSOCK visible.
  
  Afterwards you can compile as usual.
  
  In order to use compiled library with BSD-style lwIP TCP/IP stack in
  your program it is mandatory that you include lwIP header file <lwip/opt.h>
  before including <curl/curl.h> or <curl/multi.h>
  
  Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:
  
  http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
  http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip
  
  Have fun!

- curl.h: untangle a preprocessor block, removing duplicate sys/types.h inclusion

Daniel Stenberg (4 Aug 2011)
- TODO-RELEASE: issue #290 fixed
  
  Closed this entry:
  290 - bug 3375603 "curl has problem with remote names containing ';'"

- -J: support ';' in quoted file names
  
  Content-disposition headers can provide file names with semicolons which
  previously would be cut off at that point.
  
  Added test case 1311 and 1312 to verify -J.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3375603
  Reported by: Peter Hjalmarsson

- getpart.pm: when no part match, return blank when section ends

- runtests.pl: support option=no-include

- TODO-RELESE: #306 - SSL Sessions shared

- TODO-RELEASE: updated with current issues

Kamil Dudka (3 Aug 2011)
- curl_gssapi: add a missing include of sendf.h
  
  ... to avoid build failure when GSS_C_DELEG_POLICY_FLAG is not defined.
  
  Reported by: Paul Howarth

- curl_gssapi: refine the handling of CURLOPT_GSSAPI_DELEGATION
  
  Suggested by Richard Silverman.

- [Adam Tkac brought this change]

  Add new CURLOPT_GSSAPI_DELEGATION option.
  
  Curl_gss_init_sec_context got new parameter - SessionHandle.
  
  Signed-off-by: Adam Tkac <atkac@redhat.com>

Yang Tse (31 Jul 2011)
- configure: add check for <sys/wait.h>

- NTLM single-sign on adjustments (VIII)
  
  Use preprocessor symbols WINBIND_NTLM_AUTH_ENABLED and WINBIND_NTLM_AUTH_FILE
  for Samba's winbind daemon ntlm_auth helper code implementation and filename.
  
  Retain preprocessor symbol USE_NTLM_SSO for NTLM single-sign-on feature
  availability implementation independent.
  
  For test harness, prefix NTLM_AUTH environment vars with CURL_
  
  Refactor and rename configure option --with-ntlm-auth to --enable-wb-ntlm-auth[=FILE]

Dan Fandrich (29 Jul 2011)
- Renumbered test2005 to test1310
  
  The 20xx range is for multiple sequential tests.

Yang Tse (29 Jul 2011)
- curl-functions.m4 serial # bump

- Revert "configure: additional flag checks for fcntl() socket() and socketpair()"
  
  This reverts commit bc6e6a465ad0b9f9757c4385698fe5f255dd125b.

- configure: additional flag checks for fcntl() socket() and socketpair()

- NTLM single-sign on adjustments (VII)
  
  Initialize variables when connectdata object is created.

- socketpair() usage tracking to allow fd leak detection

- fix compiler warning

Dan Fandrich (28 Jul 2011)
- Avoid a "shadows global declaration" warning on old MIT Kerberos
  
  Defining NCOMPAT eliminates the backwards-compatibility macros
  that are the source of the problem and which we don't need,
  anyway.

Yang Tse (28 Jul 2011)
- NTLM single-sign on adjustments (VI)
  
  Fix compiler warning

Dan Fandrich (28 Jul 2011)
- Give the NTLM SSO helper a moment to cleanly shut down if needed

- Removed an extraneous \n that violated the SSO daemon protocol
  
  This caused fake_ntlm to abort due to an invalid command
  causing sporadic test 2005 failures.

Yang Tse (28 Jul 2011)
- NTLM single-sign on adjustments (V)
  
  Enhance test harness fake_ntlm logging upon invalid input.

Dan Fandrich (27 Jul 2011)
- Fixed a couple of memory leaks in NTLM SSO support

Yang Tse (27 Jul 2011)
- NTLM single-sign on adjustments (IV)
  
  Fix compiler warning

- NTLM single-sign on adjustments (III)
  
  Provide some error tracing and fix execl() calling.

- NTLM single-sign on adjustments (II)
  
  Ensure test harness fake_ntlm main function can properly handle arguments.

- NTLM single-sign on adjustments (I)
  
  Use fake_ntlm absolute filename in NTLM_AUTH environment variable for test
  2005 definition.

Dan Fandrich (26 Jul 2011)
- Fixed test 2005 to work in out-of-tree builds
  
  Also, set the test number in the test data file so fake_ntlm can
  be reused in future tests.

Yang Tse (26 Jul 2011)
- fix compiler warning

- fix compiler warning

- stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.h

- WIN32 io.h and fcntl.h inclusion done in setup_once.h

- time.h and sys/time.h inclusion conditionally done in setup_once.h

- errno.h inclusion conditionally done in setup_once.h - followup

- errno.h inclusion conditionally done in setup_once.h

Daniel Stenberg (22 Jul 2011)
- [Ben Winslow brought this change]

  progress: reset flags at transfer start
  
  When an easy handle is used to download an URI which has no
  Content-Length header (or equivalent) after downloading an URI which
  does, the value from the previous transfer is reused and returned by
  CURLINFO_CONTENT_LENGTH_DOWNLOAD. This is because the progress flags
  (used to determine whether such a header was received) are not reset
  between transfers.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3370895

- RELEASE-NOTES: HTTP error handling on request body send

- http error response: stop sending when error is received
  
  When libcurl has said to the server that there's a POST or PUT coming
  (with a content-length and all) it has to either deliver that amount of
  data or it needs to close the connection before trying a second request.
  
  Adds test case 1129, 1130 and 1131
  
  The bug report is about when used with 100-continue, but the change is
  more generic.
  
  Bug: http://curl.haxx.se/mail/lib-2011-06/0191.html
  Reported by: Steven Parkes

- [Michael Mueller brought this change]

  sso_ntlm_initiate: unassigned variable
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0109.html

- test2005: require a debug build

- runtests: add 'debug' as a feature a test can require

- configure: avoid "test -e"
  
  "test -e" is POSIX but clearly was not supported by the SunOS sh
  version, -f is supported and should be a decent equivalent
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3371574

- symbols-in-versions: add NTLM_SSO symbols

- gitignore: ignore fake_ntlm

- [Mandy Wu brought this change]

  test2005: verify ntlm single-signon

- [Mandy Wu brought this change]

  NTLM single-sign on supported
  
  With the use of the 'ntlm_auth' tool from the Samba project

- sws: don't enable pipelining for requests with content-length
  
  Log texts also modified and some white space edits

Patrick Monnerat (14 Jul 2011)
- Fix OS400 scripts to make it compilable again.
  Upgrade ILE/RPG binding to 7.21.7.
  Update OS400 documentation accordingly.

Daniel Stenberg (14 Jul 2011)
- runtests: ignore the 'all_proxy' environment variable as well
  
  We should probably also make sure that [protocol]_proxy for all possible
  protocols libcurl supports are unset.

Julien Chaffraix (13 Jul 2011)
- curl_gssapi: Guard files with HAVE_GSSAPI.
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0074.html
  Reported and fix suggested by: Ben Greear

Daniel Stenberg (13 Jul 2011)
- gssapi: rename our files to avoid conflicts
  
  gssapi.h is used as a header name by Heimdal-style GSSAPI so it would
  conflict with a private header using that name, and while renaming the
  header I figured we should name the .c file accordingly as well.
  
  Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html
  Reported by: Ben Greear

- silence picky compilers: mark unused parameters
  
  Modern gcc versions (4.6.X) get more picky by default and have started
  to warn for unused parameters, but luckily gcc also allows us to mark
  them as unused so that we can avoid the warnings.

Julien Chaffraix (12 Jul 2011)
- gssapi.c: Simplified the function.
  
  Removed the parameters that were common to all our invocation.

- Added Curl_gss_init_sec_context.
  
  This function wraps our calls to gss_init_sec_context so that we
  have a unified way to talk to GSSAPI.

- http_negociate: Be consistent in gss_init_sec_context attributes.
  
  This change makes this callsite match the rest of the code.

Daniel Stenberg (4 Jul 2011)
- code style: space between close paren and open brace

- checksrc: detect open brace without space
  
  We use "if(condition) {" with a space between the close paren and the
  open brace.

- polarssl.h: remove CVS leftover

- help output: more gnu like output
  
  First, the -J/--remote-header-name was wrongly sorted in the --help
  output as pointed out in bug report #3349271.
  
  Then, I changed the format of the texts to follow the man page better in
  that it now uses "-A, --long" intead of "-A/--long". I also made all
  additional arguments get written as in "-A, --long FILENAME" instead of
  the previous "<filename>" style.
  
  Reported by: Herve Amblard
  Bug: http://curl.haxx.se/bug/view.cgi?id=3349271

- sws: allow multiple commands in <servercmd>

- Curl_http_readwrite_headers: minor indent fix

- gitignore: config.cache

- docs: FTP quotes support '*' prefix to ignore errors
  
  By default libcurl stops processing quote commands on failures.

- THANKS: new contributors from 7.21.7

- get_gss_name: proxy auth without proxy set equals error
  
  Previously it would access a NULL pointer and die.
  
  Bug: http://curl.haxx.se/mail/lib-2011-06/0170.html
  Reported by: Christian Hagele

- examples: cleanup curl includes
  
  Only <curl/curl.h> is needed typically and curl/types.h has been removed

- libtests: stop checking for CURLM_CALL_MULTI_PERFORM
  
  CURLM_CALL_MULTI_PERFORM stopped being a valid return code from
  curl_multi_perform back in 7.20.0. All the libcurl tests are ajusted to
  this and no longer check for this return code. Makes them simpler.

Dan Fandrich (24 Jun 2011)
- Fixed test 1300 to pass the memory torture test

Tom Wright (24 Jun 2011)
- looks like this should be static, not dll

Dan Fandrich (23 Jun 2011)
- Display notes from setup file in testcurl.pl
  
  Autobuild submitters can use this to add some text to their
  setup files to describe issues they've found with the build
  or tests. This could include laying blame on test failures on
  network issues or dependent libraries, explaining away compiler
  warnings or providing any additional information that could be
  useful to people reviewing and investigating problems with the
  publicly available autobuild logs.  Note that persistent test
  failures that are not issues with curl itself should normally be
  fixed by excluding them from the test run instead.
  
  This is an entirely optional field that is not entered by the
  user the first time a new build is created.

- Added a leap second test to test517

Daniel Stenberg (23 Jun 2011)
- runtests.pl: warn if a test is explicitly disabled
  
  Just to make sure a user is aware of it.

- bump release: start working towards 7.21.8

- parsedate: detect more invalid dates better

Version 7.21.7 (23 Jun 2011)

Daniel Stenberg (23 Jun 2011)
- curl_formfree: clarify which pointer to free

- RELEASE-NOTES: mention security issue 20110623
  
  libcurl inappropriate GSSAPI delegation. Full details at
  http://curl.haxx.se/docs/adv_20110623.html

- RELEASE-NOTES: synced with 9016958aa8989

- Curl_input_negotiate: do not delegate GSSAPI credentials
  
  This is a security flaw. See curl advisory 20110623 for details.
  
  Reported by: Richard Silverman

- [Josue Andrade Gomes brought this change]

  windows build: use correct MS CRT

- Merge pull request #23 from salty-horse/pop3_list_space
  
  [pop3] remove extra space in LIST command

Ori Avtalion (21 Jun 2011)
- [pop3] remove extra space in LIST command
  
  Some servers, e.g. mail.bezeqint.net:110, consider it a syntax error

Yang Tse (21 Jun 2011)
- http: fix compiler warning
  
  compiler warning: conditional expression is constant

- asyn-thread: fix compiler warning
  
  compiler warning: variable is initialized but not referenced

- cmake: remove spurious definition

Daniel Stenberg (21 Jun 2011)
- FAQ: more blurb on persistent connections

Yang Tse (21 Jun 2011)
- xc-translit.m4 fix quoting

Daniel Stenberg (20 Jun 2011)
- INSTALL: mention the GIT-INFO file

Dan Fandrich (20 Jun 2011)
- Added LOCAL_MODULE_TAGS to support Android gingerbread

Daniel Stenberg (19 Jun 2011)
- [Amr Shahin brought this change]

  unitteset: Curl_llist_move
  
  adding unit test for Curl_llist_move, documenting unit-tested functions
  in llist.c, changing unit-test to unittest, replacing assert calls with
  abort_unless calls

- CURLFORM_STREAM: acknowledge CURLFORM_FILENAME
  
  The CURLFORM_STREAM is documented to only insert a file name (and thus
  look like a file upload) in the part if CURLFORM_FILENAME is set, but in
  reality it always inserted a filename="" and if CURLFORM_FILENAME wasn't
  set, it would insert insert rubbish (or possibly crash).
  
  This is now fixed to work as documented, and test 554 has been extended
  to verify this.
  
  Reported by: Sascha Swiercy
  Bug: http://curl.haxx.se/mail/lib-2011-06/0070.html

Yang Tse (17 Jun 2011)
- configure: avoid direct usage of AS_TR_* macros

- xc-translit.m4 provides transliteration macros with well defined behavior.

Daniel Stenberg (14 Jun 2011)
- RELEASE-NOTES: add more contributors for this release

- RELEASE-NOTES: synced with 0aedccc18a33a778535

- curl_formget: fix FILE * leak
  
  Properly deal with the fact that the last fread() call most probably is
  a short read, and when using callbacks in fact all calls can be short
  reads. No longer consider a file read done until it returns a 0 from the
  read function.
  
  Reported by: Aaron Orenstein
  Bug: http://curl.haxx.se/mail/lib-2011-06/0048.html

- curl_formget: treat CURLFORM_STREAM better
  
  If a piece is set to use a callback to get the data, it should not be
  treated as data. It unfortunately also requires that curl_easy_perform()
  or similar has been used as otherwise the callback function hasn't been
  figured out and curl_formget won't know how to get the content.

- curl_formget.3: CURLFORM_STREAM has its drawbacks
  
  Due to a design flaw, the CURLFORM_STREAM option doesn't really work
  with curl_formget until after curl_easy_perform (or similar).

- FAQ: binding clarification
  
  We don't author the bindings, they are created outside the main project.

Dan Fandrich (11 Jun 2011)
- Added http as a dependency of test 1308

Daniel Stenberg (12 Jun 2011)
- test1309: added to the dist

- write: add return code checks when used
  
  These were just warnings in test code but it still makes it nicer to not
  generate them.

- long/int mess
  
  Typecast when converting to int from long to avoid some compiler warnings

Yang Tse (11 Jun 2011)
- configure: OpenSSL API detection cleanup

Dan Fandrich (11 Jun 2011)
- Fixed test 1309 to pass the torture test
  
  Removing dynamic allocations also simplifies the test.

Daniel Stenberg (10 Jun 2011)
- splay: add unit tests
  
  The test code that was #ifdef'ed in the code was converted into unit
  tests in test case 1309. I also removed the #if 0'ed code from splay.c

- unittest: mark all unit tested functions
  
  With "@unittest: [num]" in the header comment for each tested function.
  Shows we have a log way to go still...

- CURLOPT_WRITEHEADER: clarify the docs

- unit test formpost: added test case 1308
  
  This is a few first rather basic tests of curl_formadd() and
  curl_formget(). Should serve as building blocks to add more variations
  to the test.

Yang Tse (9 Jun 2011)
- configure: warn if OpenSSL headers and library versions don't match

- configure: get API info for a couple of OpenSSL functions (followup 2)

- configure: get API info for a couple of OpenSSL functions (followup 1)

- configure: fix recvfrom 5th arg type qualifier detection (followup)

- configure: fix recvfrom 5th arg type qualifier detection

Kamil Dudka (8 Jun 2011)
- disconnect: wipe out the keeps_speed time stamp
  
  When closing a connection, the speedchecker's timestamp is now deleted
  so that it cannot accidentally be used by a fresh connection on the same
  handle when examining the transfer speed.
  
  Bug: https://bugzilla.redhat.com/679709

Yang Tse (7 Jun 2011)
- urldata: use uniform inclusion style for OpenSSL headers

Daniel Stenberg (7 Jun 2011)
- HTTP time condition: force closure for 200 OK
  
  When a time condition isn't met, so that no body is delivered to the
  application even though a 2xx response is being read from the server, we
  must close the connection to avoid a re-use of the connection to be
  completely tricked.
  
  Added test 1128 to verify.

- RELEASE-NOTES: synced with b772f3a32146d7d

Yang Tse (6 Jun 2011)
- configure: get API info for a couple of OpenSSL functions

Daniel Stenberg (5 Jun 2011)
- wait_ms: takes an int argument
  
  Typecasts added since I changed more code to use long for timeouts

- Curl_socket_ready: make timeout a 'long'
  
  It was mostly typecasted to int all over the code so switching to long
  instead all over should be a net gain.

Yang Tse (4 Jun 2011)
- xlc: avoid preprocessor definition usage when linking

- unit tests: disable unit tests for a given cross-compilation configuration.
  
  cross-compilation of unit tests static library/programs fails when
  libcurl shared library is also built. This might be due to a libtool or
  automake issue. In this case we disable unit tests.

Daniel Stenberg (3 Jun 2011)
- cookie_output: made private

- digest_cleanup_one: made private

- privatise: make private functions static

- Curl_fileinfo_dup: removed, not used

- parsedate: turn private and static
  
  I removed the prefix as well accordingly.

Dan Fandrich (2 Jun 2011)
- curl hasn't sent a Pragma: header by default for a while

Yang Tse (2 Jun 2011)
- unit tests: attempt to fix linkage issue

- urlglob: fix zero size malloc

- Remove unnecessary typecast

- compiler warning: fix
  
  Fix compiler warning: cast increases required alignment

- unit tests: make unit tests building actually depend on --enable-debug option.

- OpenSSL enabled: require OPENSSL_VERSION_NUMBER definition before usage.

- unit tests: more build adjustments

Daniel Stenberg (1 Jun 2011)
- CURLOPT_WILDCARDMATCH: minor style edit
  
  Due to some flaw in roffit I removed some style changes to make the web
  page look better.

Yang Tse (1 Jun 2011)
- makefile: avoid preprocessor definition usage when linking

- warnless: icc 9.1 workaround

Daniel Stenberg (31 May 2011)
- testcurl.pl: allow configure args to use '='

Yang Tse (30 May 2011)
- Makefile.am: fix spurious CFLAGS duplication

Dan Fandrich (30 May 2011)
- Removed types.h from Android makefile

Daniel Stenberg (30 May 2011)
- configure.ac: skip /dev/urandom check when cross-compiling
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3307835

Yang Tse (29 May 2011)
- main: fix header inclusion order
  
  Currently, Windows cross-compiled autobuilds require inclusion of setup.h
  before curl.h to get definitions of CURL_STATICLIB and BUILDING_LIBCURL.

- main: fix header inclusion order

- distribution: Fix EXTRA_DIST letter case

Daniel Stenberg (27 May 2011)
- curl_easy_setopt.3: NOPROGRESS also affects the callback

Yang Tse (27 May 2011)
- warnless: header inclusion fix

- Make checksrc.pl work on more out-of-tree builds
  
  Source files given with relative paths do not have the
  -D directory specifier prepended.

- compiler warning: fix
  
  Fix compiler warning: conversion may lose significant bits

- socks: fix unaligned memory access

- compiler warning: fix
  
  Fix compiler warning: variable was set but never used
  
  Fix compiler warning: clobber ignored

- unit tests: build adjustment
  
  Also define UNITTESTS macro when building unit test sources.
  
  Fixing compiler warning: external definition with no prior declaration

Daniel Stenberg (25 May 2011)
- create_conn: only switch protocol handler if necessary
  
  When switching to HTTP because a HTTP proxy is being used, the existing
  handler is now checked if it already is "compatible". This allows the https
  handler remain while other non-http handlers will be redirected.
  
  Bug: http://curl.haxx.se/mail/lib-2011-05/0214.html
  Reported by: Jerome Robert

- setopt.3: remove leftover style change

- setopt.3: CURLOPT_WRITEFUNCTION had wrong function proto

Yang Tse (25 May 2011)
- compiler warning: fix followup
  
  Fix compiler warning: variable was set but never used
  
  Fix compiler warning: clobber ignored

- unit tests: README, adjust header inclusion order

- compiler warning: fix
  
  Fix compiler warning: variable was set but never used
  
  Fix compiler warning: clobber ignored

- compiler warning: fix
  
  Fix compiler warning: external definition with no prior declaration

- compiler warning: fix
  
  Fix compiler warning: external definition with no prior declaration

- compiler warning: fix
  
  Fix compiler warning: argument is incompatible with corresponding format
  string conversion

- build: inclusion guard
  
  Enclose header file in an inclusion guard

- compiler warning: fix
  
  Fix compiler warning: expression has no effect

- compiler warning: fix
  
  Fix compiler warning: `keycheck' might be used uninitialized in this function.
  Fix compiler warning: `keybit' might be used uninitialized in this function.

- compiler warning: fix
  
  Fix variable declaration placement

- compiler warning: fix
  
  Fix missing semicolon

- compiler warning: fix
  
  Fix compiler warning: expression has no effect
  
  Fix OOM handling

- compiler warning: fix
  
  Fix compiler warning: expression has no effect

- compiler warning: fix
  
  Fix compiler warning: unused variable 'data'

- compiler warning: fix
  
  Fix compiler warning: enumerated type mixed with another type

- compiler warning: fix
  
  Fix compiler warning: enumerated type mixed with another type

- compiler warning: fix
  
  Fix compiler warning: enumerated type mixed with another type

- compiler warning: fix
  
  Fix compiler warning: enumerated type mixed with another type

- compiler warning: fix
  
  Fix compiler warning: enumerated type mixed with another type

- compiler warning: fix
  
  Fix compiler warning: empty body in an if-statement

- unit tests: adjust header inclusion order
  
  Additionally, prevent multiple inclusions of curl_config.h

Daniel Stenberg (20 May 2011)
- Merge pull request #19 from pierrejoye/master
  
  winbuild: typo in docs

- [Ola Mork brought this change]

  cyassl: build without filesystem
  
  Get cyassl's NO_FILESYSTEM to work with libcurl. Otherwise I'd get linker
  errors for the missing "SSL_CTX_load_verify_locations" functions.

Pierre Joye (20 May 2011)
- - typo

Daniel Stenberg (19 May 2011)
- typo: close is in man page section 3

Yang Tse (19 May 2011)
- tests: verify OPEN/CLOSESOCKETFUNCTION
  
  Test 585: Fix opensocket return type, and avoid function name clash.

- version: linkage fix
  
  Fix linkage on c-ares enabled Windows static builds

Daniel Stenberg (18 May 2011)
- curl_easy_setopt.3: document CLOSESOCKET* options

- tests: verify OPEN/CLOSESOCKETFUNCTION
  
  Test 585 and 586 were added. Using a modified lib500.c

- symbols-in-versions: add CLOSESOCKET*

- CLOSESOCKETFUNCTION: use the callback
  
  Fix the return type of the callback to match close() and make use of it.

- CLOSESOCKETFUNCTION: added
  
  Introduced the initial setup to allow closesocket callbacks by making
  sure sclose() is only ever called from one place in the libcurl source
  and still run all test cases fine.

- GnuTLS handshake: fix timeout
  
  Commit cbf4961bf3e garbled the timeout handling while doing SSL
  handshaking (in an attempt at fixing another bug). This puts sanity
  back.
  
  Bug: http://curl.haxx.se/mail/lib-2011-05/0167.html
  Reported by: Ethan Glasser Camp

- checksrc: trailing whitespace detection fix

- [Marcel Roelofs brought this change]

  negotiate sspi: fix sequential requests

- tests: added HTTP If-Modified-Since tests
  
  Added test 1126 and 1127 to verify curl's behaviour when If-Modified-Since
  is used and a 200 is returned.
  
  The list of test cases in Makefile.am is now sorted numerically.

- include: cleanup
  
  Made the public headers checksrc compliant
  
  Removed types.h (it's been unused since April 2004)
  
  Made the root makefile do make in include by default as well, so that
  TAGS and the checksrc will work better.

Dan Fandrich (6 May 2011)
- Fixed compilation when RTSP is disabled

- Fixed LDAP after RTSP readwrite change

Daniel Stenberg (6 May 2011)
- RELEASE-NOTES: synced with 32001ac4149b206

- set_userpass: convert from protocol-specific to generic
  
  The protocol handler's flags field now can set that the protocol
  requires a password, so that the set_userpass function doesn't have to
  have the specific knowledge of which protocols that do.

- RTSP: cleanups
  
  Made several functions static
  
  Made one function defined to nothing when RTSP is disabled to avoid
  the #ifdefs in code.
  
  Removed explicit rtsp.h includes

- RTSP: convert protocol-specific checks to generic
  
  Add a 'readwrite' function to the protocol handler struct and use that
  for the extra readwrite functionality RTSP needs.

- SSL: check for SSL, not specific protocols
  
  Code cleanup to check less for protocols and more for the specific
  relevant feature. Like if SSL is required.

- http_perhapsrewind: remove HTTP check
  
  No need to check for HTTP as this is now a HTTP-specific function

- http_perhapsrewind:
  
  make it static, remove Curl_ prefix

- remove FILE protocol-specific checks
  
  Also, convert the BANPROXY flag into NONETWORK for the protocols
  (file:// only atm) that don't work over networks.

- curl.1: --socks* options no longer needed
  
  As we now can specify all the socks proxy types with the regular --proxy
  option using protocol prefix.

- socks proxy: allow socks5h:// prefix too
  
  Using 'socks5h' as proxy protocol will make it a
  CURLPROXY_SOCKS5_HOSTNAME proxy which is SOCKS5 and asking the proxy to
  resolve host names. I found no "standard" protocol name for this.

- curl.1: minor edit of --ftp-ssl*

- [Jari Aalto brought this change]

  curl.1: use GNU style and sort options
  
  Follow style of GNU layout (cp, mv ...) where options are separated with
  comma: -o, --option
  
  Order item alphabetically (by length also): -o, -O, --option
  
  Follow style of GNU layout by moving help related options to the end:
  --help, -M, --version

- Corrected comments
  
  closepolicy has been deprecated and unused for years

- ConnectionStore: remove unused return code

- indent correctly

- curl_easy_getinfo.3: clarify some timing info

- curl_easy_setopt.3: clarify the SSH KEYFILE options usage
  
  The internal defaults are important info

- docs: mention the protocol:// support in proxy strings

- --data-ascii: add mention
  
  As it is a separate option it should have a .IP title

- url encode docs: mention '-', '.', '_' and '~'
  
  Clarify that the '-', '.', '_' or '~' letters are also not escaped since
  they shouldn't according to RFC3986 section 2.3.
  
  This is how this function has behaved since sep 2010, commit
  5df13c31735fa0.

- SSH: set non-blocking earlier
  
  Introduce an INIT state for the SSH state machine and set libssh2
  non-blocking in that so that it is set properly before
  libssh2_session_startup() is called.
  
  Bug: http://curl.haxx.se/mail/archive-2011-05/0001.html

- curl_formfree.3: mention argument may be NULL
  
  As the code already checks for it we can just as well make it official!

- ConnectionExists: avoid NULL dereference
  
  When checking for connections that are bound to a particular device we
  must make sure we don't compare with a NULL pointer.

- resolver_error: remove bad semicolon

- RELEASE-NOTES: synced with c4bc1d473f324

- anyauthput.c: stdint.h must not be included unconditionally
  
  As it is already included by curlbuild.h if it exists on the platform it
  was included here superfluously anyway.
  
  Reported by: Dagobert Michelsen
  Bug: http://curl.haxx.se/bug/view.cgi?id=3294509

- gai_strerror: provide private implementation
  
  There are systems (like NetWare) without its own gai_strerror()
  function.

- treaded-resolver: better error messages
  
  Now use gai_strerror() to get proper error messages when getaddrinfo()
  has failed. Detect the function in configure.
  
  Code based on work and suggestions by Jeff Pohlmeyer and Guenter Knauf

- proxy: allow socks:// prefix in proxy string
  
  Inspired by a patch from OB.Conseil. Added test case 708 to verify.

- [Zmey Petroff brought this change]

  CMake: improve library search, implement install.
  
  Improved library search by check_function_exists_concat() macro:
  it does not revert the list of libraries any more.
  
  Improved OpenSSL library search: first find zlib, then search for
  openssl libraries that may depend on zlib.
  
  For Unix: openssl libraries can now be detected in nonstandard
  locations. Supply CMAKE_LIBRARY_PATH to CMake on command line.
  
  Added installation capability (very basic one yet).

- multi-socks: fix connect to proxy
  
  When connecting to a socks or similar proxy we do the proxy handshake at
  once when we know the TCP connect is completed and we only consider the
  "connection" complete after the proxy handshake. This fixes test 564
  which is now no longer considered disabled.
  
  Reported by: Dmitri Shubin
  Bug: http://curl.haxx.se/mail/lib-2011-04/0127.html

- cleanup: remove old unused debug code

Dan Fandrich (27 Apr 2011)
- Make checksrc.pl work on out-of-tree builds
  
  Source files given with absolute paths do not have the
  -D directory specifier prepended.

Daniel Stenberg (27 Apr 2011)
- make: add checksrc.pl to dist

- make: add 'checksrc' as target to check code style
  
  The make target checksrc now works in the root makefile and in both the
  src and lib directories.
  
  It is also run automatically on "all" if configure --enable-debug was
  used.

- checksrc: whitespace and code style cleanup
  
  Make everything adhere to the standards upheld by checksrc.pl and now
  run checksrc from the makefile on debug builds.

- checksrc: add -W to allow a file to be whitelisted
  
  Useful when a known file just doesn't comply and there's no intention to
  make it do so.

- whitespace cleanup: no space first in conditionals
  
  "if(a)" is our style, not "if( a )"

- lib/make: run checksrc.pl once for all files
  
  Since it now supports multiple files this will be faster and will show
  problems for more file than one at a time - more convenient.

- checksrc: scan many files, more checks
  
  It now scans multiple files and outputs an error+warning count summary
  at the end in case at least one was detected.
  
  -D can be used to specify in which dir the files are located
  
  The script now scans for conditions that starts with a space for
  if/while/for lines.

- Makefile: run checksrc if debug enabled
  
  And make the build fail if a warning or error was detected

- checksrc: exit error code if warnings or errors

- SSH: move knownhost logic to separate function

- source cleanup: unify look, style and indent levels
  
  By the use of a the new lib/checksrc.pl script that checks that our
  basic source style rules are followed.

Guenter Knauf (27 Apr 2011)
- Windows native IDN fixes.
  
  For now provide prototypes instead of including the
  non-standard normalisation.h which is only available in the
  "Internationalized Domain Names Mitigation APIs" download.

Dan Fandrich (25 Apr 2011)
- Fixed compiler warning in Windows SSPI case

- Fixed compilation when the synchronous resolver is used

- Added new resolver sources to Symbian and VC6 build files

Daniel Stenberg (25 Apr 2011)
- hostip: comment fixed to state current situation

- async resolvers: further cleanups
  
  asyn-ares.c and asyn-thread.c are two separate backends that implement
  the same (internal) async resolver API for libcurl to use. Backend is
  specified at build time.
  
  The internal resolver API is defined in asyn.h for asynch resolvers.

- asynch resolvers: cleanup
  
  Fixed indents, coding conventions and white space edits.
  
  Modified the c-ares completion callback function to again NOT read the
  conn data when the ares handle is being taken down as then it may have
  been freed already.

- [Vsevolod Novikov brought this change]

  asynch resolvers: unified
  
  Introducing an internal API for handling of different async resolver
  backends.

Guenter Knauf (24 Apr 2011)
- Enabled OpenWatcom native Windows IDN build.
  
  For now we directly import the Idn* symbols with the linker;
  an upcoming release of OWC will have these added to the import
  lib normaliz.lib, and prototypes are added to winnnls.h.

Daniel Stenberg (22 Apr 2011)
- NTLM: work with unicode
  
  Rewritten code from a patch brought by Matteo Rocco.

- bump version: work towards 7.21.7

- THANKS: contributors from 7.21.6

Version 7.21.6 (22 Apr 2011)

Daniel Stenberg (22 Apr 2011)
- RELEASE-NOTES: two more contributors

Dan Fandrich (21 Apr 2011)
- Fixed test 1023 when using daily snapshots

- Include unistd.h to declare close()

Julien Chaffraix (21 Apr 2011)
- [Fabian Keil brought this change]

  In lib/, change 'wanna' to 'want to'.
  
  Found with codespell.

- [Fabian Keil brought this change]

  Fix spelling errors in buildconf
  
  Found with codespell.

- [Fabian Keil brought this change]

  Fix spelling errors in src/
  
  Found with codespell.

- [Fabian Keil brought this change]

  Fix spelling errors in include/

- [Fabian Keil brought this change]

  Fix a couple of spelling errors in lib/
  
  Found with codespell.

- transfer.c: Fixed indentation in readwrite_data.

Dan Fandrich (20 Apr 2011)
- Fixed closing test tag

Daniel Stenberg (20 Apr 2011)
- RELEASE-NOTES: synced with 3242abd87a1262

- SFTP: close file before postquote
  
  Make sure that files are closed before the post quote commands run as if
  they operate on the just transferred file they could otherwise easily
  fail.
  
  Patch by: Rajesh Naganathan (edited)

Dan Fandrich (20 Apr 2011)
- Fixed test 1022 when using daily snapshots

Daniel Stenberg (20 Apr 2011)
- Curl_http_connect: detect HTTPS properly after CONNECT
  
  libcurl failed to check the correct struct for HTTPS after CONNECT was
  issued to the proxy, so it didn't do the TLS handshake and subsequently
  failed the connection. A regression released in 7.21.5 (introduced
  around commit 8831000bc07de).
  
  Bug: http://curl.haxx.se/mail/lib-2011-04/0134.html
  Reported by: Josue Andrade Gomes

- curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
  
  When set to a HTTP 1.0 proxy, that only affects the CONNECT request and
  not the regular HTTP request.

- [Gisle Vanem brought this change]

  CURL_DOES_CONVERSIONS: fixes
  
  Made it compile and work again after the code move.

- CURL_DOES_CONVERSIONS: cleanup
  
  Massively reduce #ifdefs all over (23 #ifdef lines less so far)
  Moved conversion-specific code to non-ascii.c

Guenter Knauf (19 Apr 2011)
- Improve MinGW static makefile builds.
  
  It is now possible to use any combination of features without
  having to 1st add makefile targets to the main makefile. The
  main makefile now passes the 'mingw32-feat1-feat2' as var CFG,
  and the ./[lib|src]/Makefile.m32 parses the CFG var to determine
  the features to be enabled.

- Enabled MinGW native Windows IDN build.

- Windows native IDN fixes.
  
  changed windows.h include to system header;
  changed obsolete 2nd check for str_w to str_utf8 in order to catch
  malloc() failure and avoid a free(NULL);
  changed calls to GetLastError() to void to kill unsused var compiler
  warnings;
  moved one call to GetLastError() into else case so that its only
  called when WideCharToMultiByte() really fails.

- Windows native IDN fixes.
  
  Provide prototype for curl_win32_idn_to_ascii();
  remove wrong 3rd parameter from curl_win32_idn_to_ascii() call.

Daniel Stenberg (19 Apr 2011)
- curl-config: fix version output
  
  do the s/VERSION/CURLVERSION replacement for the human redable output
  for --checkfor
  
  Reported by: Ryan Schmidt

- RELEASE-NOTES: synced with 5aae3c13e2

Guenter Knauf (19 Apr 2011)
- Updated default (recommended) dependency versions.

- Updated default (recommended) dependency versions.

Daniel Stenberg (18 Apr 2011)
- transfer-encoding: document the options
  
  The new libcurl and command line options are now described.

- transfer-encoding: added new option and cmdline
  
  Added CURLOPT_TRANSFER_ENCODING as the option to set to request Transfer
  Encoding in HTTP requests (if built zlib enabled). I also renamed
  CURLOPT_ENCODING to CURLOPT_ACCEPT_ENCODING (while keeping the old name
  around) to reduce the confusion when we have to encoding options for
  HTTP.
  
  --tr-encoding is now the new command line option for curl to request
  this, and thus I updated the test cases accordingly.

- CURLE_BAD_CONTENT_ENCODING: now used for transfer encoding too

- TE: do the Connection: header
  
  When TE: is inserted in the request, we must add a "Connection: TE" as
  well to be HTTP 1.1 compliant. If a custom Connection: header is passed
  in, we must use that and only append TE to it. Test case 1125 verifies
  TE: + custom Connection:.

- test1124: verify gzip AND chunked transfer-encoding

- TE: rename struct field content_encoding
  
  Since this struct member is used in the code to determine what and how
  to decode automatically and since it is now also used for compressed
  Transfer-Encodings, I renamed it to the more suitable 'auto_decoding'

- HTTP: add support for gzip and deflate Transfer-Encoding
  
  Transfer-Encoding differs from Content-Encoding in a few subtle ways,
  but primarily it concerns the transfer only and not the content so when
  discovered to be compressed we know we have to uncompress it. There will
  only arrive compressed transfers in a response after we have requested
  them with the appropriate TE: header.
  
  Test case 1122 and 1123 verify.

Patrick Monnerat (18 Apr 2011)
- OS400 pragma comment: replace (date) by (user, __DATE__) to include year.

- Augment RPG binding with "OLDIES" definitions.
  Fix OS400 LDAP wrappers: strings were non null-terminated.

Daniel Stenberg (18 Apr 2011)
- curl-config: fix --version
  
  curl-config --version didn't output the correct version string (bug
  introduced in commit 0355e33b5f7b234cf3), and unfortunately the test
  case 1022 that was supposed to check for this was broken.
  
  This change fixes the test to detect this problem and it fixes the
  output.
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3288727

- RELEASE-NOTES: updated contributor amount

- THANKS: 11 new contributors from 7.21.5

- 7.21.6: next planned release number

Version 7.21.5 (17 Apr 2011)

Daniel Stenberg (17 Apr 2011)
- base64.c: removed wrong comment

- INTERNALS: clean up
  
  Clarified the release procedure

- TODO-RELEASE: push the remaining ones to next release
  
  As we're closing in on the release, I give up on the remaining ones but
  I leave them in here for now to try to fix for next release.
  
  I removed the 281 issue about warnings from the statical analyzer scans,
  as they seem to be mostly false positives at this point.

- RELEASE-NOTES: synced with c246f63a71

- Curl_ssl_shutdown: restore send/recv pointers
  
  When going back from SSL, put the send/recv function pointers back to
  the plain versions.
  
  Bug: http://curl.haxx.se/mail/lib-2011-04/0070.html
  Reported by: Mehmet Bozkurt

Guenter Knauf (16 Apr 2011)
- Changed email per Gisle's request.

Daniel Stenberg (14 Apr 2011)
- curl.1: error code update
  
  Error 4 has got a meaning
  
  Error 48 has got a slightly different meaning now

- FAQ: c-ares does ipv6 pretty well now

- [Andrei Benea brought this change]

  Fix a buffer overflow in pubkey_show().

Guenter Knauf (14 Apr 2011)
- Replaced var manipulations with perlish hacks.

Dan Fandrich (12 Apr 2011)
- Updated minimum binary sizes

Daniel Stenberg (12 Apr 2011)
- configure: libssh2 link fix without pkg-config
  
  The script didn't properly add the -lssh2 link option when it enabled
  libssh2 linking where pkg-config isn't found.
  
  Reported by: Saqib Ali
  Bug: http://curl.haxx.se/mail/lib-2011-04/0054.html

- RELEASE-NOTES: synced with f01df197981

- checkconnection: don't call with NULL pointer
  
  When checking if an existing RTSP connection is alive or not, the
  checkconnection function might be called with a SessionHandle pointer
  being NULL and then referenced causing a crash. This happened only using
  the multi interface.
  
  Reported by: Tinus van den Berg
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3280739

- curl.1: spell out the -O target directory
  
  When using -O the file will be saved in the current directory, and this
  is now spelled out clearly.

- OpenSSL: no-sslv2 aware
  
  Allow openSSL without SSL2 to be used. This fix is inspired by the fix
  provided by Cristian Rodríguez.
  
  Reported by: Cristian Rodríguez

- curl_easy_setopt.3: CURLOPT_RESOLVE typo version
  
  Reported by: Hongli Lai

Kamil Dudka (8 Apr 2011)
- nss: allow to use multiple client certificates for a single host
  
  In case a client certificate is used, invalidate SSL session cache
  at the end of a session.  This forces NSS to ask for a new client
  certificate when connecting second time to the same host.
  
  Bug: https://bugzilla.redhat.com/689031

Daniel Stenberg (7 Apr 2011)
- mk-ca-bundle.pl: show full URL in output
  
  When I decided to search for a potential error with the cacert bundle it
  struck me I wanted to see the full source URL in the output...

Dan Fandrich (7 Apr 2011)
- Added mention of FTP proxies

Daniel Stenberg (7 Apr 2011)
- [Gisle Vanem brought this change]

  src/Makefile.b32: updates
  
  * Rename the object object directory from 'objs' to 'BCC_obj' to be in
   sync with my previous patch for lib/Makefile.b32.
  
  * Turn off these warnings to keep the build totally silent (with CBuilder-6
   that is).
    -w-inl    8026 Functions X are not expanded inline.
    -w-pia   8060 Possibly incorrect assignment
    -w-pin  8061 Initialization is only partially bracketed
   (same added in src/Makefile.b32)
  
  * $(MKDIR) and $(RMDIR) have been replaced with the shell-commands 'md'
   and 'rd'. When having MingW/Msys programs 'mkdir.exe' and 'rmdir.exe' in
  $PATH, this confuses Borland's make and the result (the cleaning etc.) would
   not be as expected.
  
  * Removed the preprocessing step; no need for PP_CMD and the .int files.
   curl.exe builds fine w/o and the makefile gets simpler.
  
  * Added a target for creating a compressed hugehelp.c if WITH_ZLIB is  defined.
  It assumes groff, gzip and perl is available if such an "advanced"  users
  requests it. Okay? BTW. My groff and Perl needs unix-slashes ('/').
   Other perls should handle both forms ('/' and '\').

- [Gisle Vanem brought this change]

  lib/Makefile.b32: updates
  
  * Rename the object object directory from 'objs' to 'BCC_obj'. I feel
   it should be named properly. Ref. Makefile.Watcom where it's called
   'WC_Win32.obj'.
  
  * Turn off these warnings to keep the build totally silent (with CBuilder-6
   that is).
    -w-inl    8026 Functions X are not expanded inline.
    -w-pia   8060 Possibly incorrect assignment
    -w-pin  8061 Initialization is only partially bracketed
  
  I'm sure the warnings could be fixed the "proper" way or with some added
  "#pragma" statements. But that just clutters the sources IMHO.
  
  * $(MKDIR) and $(RMDIR) have been replaced with the shell-commands 'md'
   and 'rd'. When having MingW/Msys programs 'mkdir.exe' and 'rmdir.exe' in
  $PATH, this confuses Borland's make and the result (the cleaning etc.) would
   not be as expected.
  
  * Added a ".path.int = $(OBJDIR)" to tell make where the $(PREPROCESSED)
   files are. Why we need the preprocess step in the fist place is beyond me
  (Yang?). But I'll leave that for now.

- [Gisle Vanem brought this change]

  examples/makefile.dj: update email

- TODO-RELEASE: deleted 4 issues
  
  These problems have gotten no interest/feedback from users:
  
  -275 - Introduce a way to avoid sending USER for FTP connections
  -288 - bug 3219997 curl rtmp request curl: (55) select/poll returned error
  
  This problem is rather an autoconf bug with little user interest and it
  can be worked around with an older autoconf:
  
  -278 - "Configure  $as_echo does not work"
  
  This problem is not fixed:
  
  -286 - bug 3214223 Pipelined HTTP requests with a zero-length body broken

- [Chris Smowton brought this change]

  HTTP pipelining: Fix handling of zero-length responses
  
  Also add test case 584 for the same
  
  Bug: http://curl.haxx.se/bug/view.cgi?id=3214223

- libcurl.pc: version number fix
  
  This hasn't show the version number correctly since the $VERSION change
  in the configure, and now it works again.

Dan Fandrich (5 Apr 2011)
- Changed some nonportable types

- Don't list NTLM in curl-config when HTTP is disabled
  
  Also, fixed Curl_proxyCONNECT() stub with HTTP disabled.