CHANGES [plain text]

_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|

Changelog

Version 7.30.0 (12 Apr 2013)

Daniel Stenberg (12 Apr 2013)
- RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1cd20)

Most notable the security advisory:
http://curl.haxx.se/docs/adv_20130412.html

- test1218: another cookie tailmatch test

... and make 1216 also verify it with a file input

These tests verify commit 3604fde3d3c9b0d, the fix for the "cookie
domain tailmatch" vulnerability. See
http://curl.haxx.se/docs/adv_20130412.html

- [YAMADA Yasuharu brought this change]

cookie: fix tailmatching to prevent cross-domain leakage

Cookies set for 'example.com' could accidentaly also be sent by libcurl
to the 'bexample.com' (ie with a prefix to the first domain name).

This is a security vulnerabilty, CVE-2013-1944.

Bug: http://curl.haxx.se/docs/adv_20130412.html

Guenter Knauf (11 Apr 2013)
- Enabled MinGW sync resolver builds.

Yang Tse (10 Apr 2013)
- if2ip.c: fix compiler warning

Guenter Knauf (10 Apr 2013)
- Fixed lost OpenSSL output with "-t" - followup.

The previously applied patch didnt work on Windows; we cant rely
on shell commands like 'echo' since they act diffently on each
platform and each shell.
In order to keep this script platform-independent the code must
only use pure Perl.

Daniel Stenberg (9 Apr 2013)
- test1217: verify parsing 257 responses with "rubbish" before path

Test 1217 verifies commit e0fb2d86c9f78, and without that change this
test fails.

- [Bill Middlecamp brought this change]

FTP: handle "rubbish" in front of directory name in 257 responses

When doing PWD, there's a 257 response which apparently some servers
prefix with a comment before the path instead of after it as is
otherwise the norm.

Failing to parse this, several otherwise legitimate use cases break.

Bug: http://curl.haxx.se/mail/lib-2013-04/0113.html

Guenter Knauf (9 Apr 2013)
- Fixed ares-enabled builds with static makefiles.

- Fixed lost OpenSSL output with "-t".

The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM
output wrote to a temporary file. Consequently, the OpenSSL output was
lost when the temp file was renamed to the final file at script finish
(overwriting the final file written earlier by openssl).
Patch posted to the list by Richard Michael (rmichael edgeofthenet org).

Daniel Stenberg (9 Apr 2013)
- test1216: test tailmatching cookie domains

This test is an attempt to repeat the problem YAMADA Yasuharu reported
at http://curl.haxx.se/mail/lib-2013-04/0108.html

- RELEASe-NOTES: synced with 29fdb2700f797

added "tcpkeepalive on Mac OS X"

Nick Zitzmann (8 Apr 2013)
- darwinssl: disable insecure ciphers by default

I noticed that aria2's SecureTransport code disables insecure ciphers such
as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later.
That's a good idea, and now we do the same thing in order to prevent curl
from accessing a "secure" site that only negotiates insecure ciphersuites.

Daniel Stenberg (8 Apr 2013)
- [Robert Wruck brought this change]

tcpkeepalive: Support CURLOPT_TCP_KEEPIDLE on OSX

MacOS X doesn't have TCP_KEEPIDLE/TCP_KEEPINTVL but only a single
TCP_KEEPALIVE (see
http://developer.apple.com/library/mac/#DOCUMENTATION/Darwin/Reference/ManPages/man4/tcp.4.html).
Here is a patch for CURLOPT_TCP_KEEPIDLE on OSX platforms.

- configure: remove CURL_CHECK_FUNC_RECVFROM

1 - We don't use the results from the test and we never did. recvfrom()
is only used by the TFTP code and it has not caused any problems.

2 - the CURL_CHECK_FUNC_RECVFROM function is extremely slow

Steve Holme (8 Apr 2013)
- RELEASE-NOTES: Corrected duplicate NTLM memory leaks

- RELEASE-NOTES: Removed trailing full stop

Daniel Stenberg (8 Apr 2013)
- [Fabian Keil brought this change]

proxy: make ConnectionExists() check credential of proxyconnections too

Previously it only compared credentials if the requested needle
connection wasn't using a proxy. This caused NTLM authentication
failures when using proxies as the authentication code wasn't send on
the connection where the challenge arrived.

Added test 1215 to verify: NTLM server authentication through a proxy
(This is a modified copy of test 67)

- RELEASE-NOTES: sync with 704a5dfca9

- TODO-RELEASE: cleaned up, not really maintained lately

Marc Hoersken (7 Apr 2013)
- if2ip.c: Fixed another warning: unused parameter 'remote_scope'

Daniel Stenberg (7 Apr 2013)
- [Marc Hoersken brought this change]

cookie.c: Made cookie sort function more deterministic

Since qsort implementations vary with regards to handling the order
of similiar elements, this change makes the internal sort function
more deterministic by comparing path length first, then domain length
and finally the cookie name. Spotted with testcase 62 on Windows.

Marc Hoersken (7 Apr 2013)
- curl_schannel.c: Follow up on memory leak fix ae4558d

- Revert "getpart.pm: Strip carriage returns to fix Windows support"

This reverts commit e51b23c925a2721cf7c29b2b376d3d8903cfb067.
As discussed on the mailinglist, this was not the correct approach.

- http_negotiate.c: Fixed passing argument from incompatible pointer type

- ftp.c: Added missing brackets around ABOR command logic

- sockfilt.c: Fixed detection of client-side connection close

WINSOCK only:
Since FD_CLOSE is only signaled once, it may trigger at the same
time as FD_READ. Data actually being available makes it impossible
to detect that the connection was closed by checking that recv returns
zero. Another recv attempt could block the connection if it was
not closed. This workaround abuses exceptfds in conjunction with
readfds to signal that the connection has actually closed.

- curl_schannel.c: Fixed memory leak if connection was not successful

- if2ip.c: Fixed warning: unused parameter 'remote_scope'

- runtests.pl: Fixed --verbose parameter passed to http_pipe.py

- sockfilt.c: Reduce CPU load while running under a Windows PIPE

- tftpd.c: Apply sread timeout to the whole data transfer session

- getpart.pm: Strip carriage returns to fix Windows support

Daniel Stenberg (6 Apr 2013)
- ftp tests: libcurl returns CURLE_FTP_ACCEPT_FAILED better now

Since commit 57aeabcc1a20f, it handles errors on the control connection
while waiting for the data connection better.

Test 591 and 592 are updated accordingly.

- FTP: wait on both connections during active STOR state

When doing PORT and upload (STOR), this function needs to extract the
file descriptor for both connections so that it will respond immediately
when the server eventually connects back.

This flaw caused active connections to become unnecessary slow but they
would still often work due to the normal polling on a timeout. The bug
also would not occur if the server connected back very fast, like when
testing on local networks.

Bug: http://curl.haxx.se/bug/view.cgi?id=1183
Reported by: Daniel Theron

Marc Hoersken (6 Apr 2013)
- tftpd.c: Follow up cleanup and restore of previous sockopt

Daniel Stenberg (6 Apr 2013)
- [Kim Vandry brought this change]

connect: treat an interface bindlocal() problem as a non-fatal error

I am using curl_easy_setopt(CURLOPT_INTERFACE, "if!something") to force
transfers to use a particular interface but the transfer fails with
CURLE_INTERFACE_FAILED, "Failed binding local connection end" if the
interface I specify has no IPv6 address. The cause is as follows:

The remote hostname resolves successfully and has an IPv6 address and an
IPv4 address.

cURL attempts to connect to the IPv6 address first.

bindlocal (in lib/connect.c) fails because Curl_if2ip cannot find an
IPv6 address on the interface.

This is a fatal error in singleipconnect()

This change will make cURL try the next IP address in the list.

Also included are two changes related to IPv6 address scope:

- Filter the choice of address in Curl_if2ip to only consider addresses
with the same scope ID as the connection address (mismatched scope for
local and remote address does not result in a working connection).

- bindlocal was ignoring the scope ID of addresses returned by
Curl_if2ip . Now it uses them.

Bug: http://curl.haxx.se/bug/view.cgi?id=1189

Marc Hoersken (6 Apr 2013)
- tftpd.c: Fixed sread timeout on Windows by setting it manually

- ftp.pm: Added tskill to support Windows XP Home

- runtests.pl: Modularization of MinGW/Msys compatibility functions

- ftp.pm: Made Perl testsuite able to handle Windows processes

- util.c: Revert workaround eeefcdf, 6eb56e7 and e3787e8

- ftp.pm: Made Perl testsuite able to kill Windows processes

- util.c: Follow up cleanup on eeefcdf

Daniel Stenberg (6 Apr 2013)
- cpp: use #ifdef __MINGW32__ to avoid compiler complaints

... instead of just #if

Marc Hoersken (6 Apr 2013)
- util.c: Made write_pidfile write the correct PID on MinGW/Msys

This workaround fixes an issue on MinGW/Msys regarding the Perl
testsuite scripts not being able to signal or control the server
processes. The MinGW Perl runtime only sees the Msys processes and
their corresponding PIDs, but sockfilt (and other servers) wrote the
Windows PID into their PID-files. Since this PID is useless to the
testsuite, the write_pidfile function was changed to search for the
Msys PID and write that into the PID-file.

Daniel Stenberg (5 Apr 2013)
- RELEASE-NOTES: synced with 5e722b2d09087

3 more bug fixes, 6 more contributors

Marc Hoersken (5 Apr 2013)
- sockfilt.c: Fixed handling of multiple fds being signaled

Kamil Dudka (5 Apr 2013)
- curl_global_init.3: improve description of CURL_GLOBAL_ALL

Reported by: Tomas Mlcoch

- examples/multi-single.c: fix the order of destructions

... so that it adheres to the API documentation.

Reported by: Tomas Mlcoch

Daniel Stenberg (5 Apr 2013)
- Curl_open: restore default MAXCONNECTS to 5

At some point recently we lost the default value for the easy handle's
connection cache, and this change puts it back to 5 - which is the
former default value and it is documented in the curl_easy_setopt.3 man
page.

Marc Hoersken (4 Apr 2013)
- sockfilt.c: Added wrapper functions to fix Windows console issues

The new read and write wrapper functions support reading from stdin
and writing to stdout/stderr on Windows by using the appropriate
Windows API functions and data types.

Yang Tse (4 Apr 2013)
- lib1509.c: fix compiler warnings

- easy.c: fix compiler warning

Daniel Stenberg (4 Apr 2013)
- --engine: spellfix the help message

Reported by: Fredrik Thulin

Yang Tse (4 Apr 2013)
- http_negotiate.c: follow-up for commit 3dcc1a9c

Linus Nielsen Feltzing (4 Apr 2013)
- easy: Fix the broken CURLOPT_MAXCONNECTS option

Copy the CURLOPT_MAXCONNECTS option to CURLMOPT_MAXCONNECTS in
curl_easy_perform().

Bug: http://curl.haxx.se/bug/view.cgi?id=1212
Reported-by: Steven Gu

Guenter Knauf (4 Apr 2013)
- Updated copyright date.

- Another small output fix for --help and --version.

Yang Tse (4 Apr 2013)
- http_negotiate.c: fix several SPNEGO memory handling issues

Guenter Knauf (4 Apr 2013)
- Added a cont to specify base64 line wrap.

- Fixed version output.

- Added support for --help and --version options.

- Added option to specify length of base64 output.

Based on a patch posted to the list by Richard Michael.

Daniel Stenberg (3 Apr 2013)
- curl_easy_setopt.3: CURLOPT_HTTPGET disables CURLOPT_UPLOAD

- [Yasuharu Yamada brought this change]

Curl_cookie_add: only increase numcookies for new cookies

Count up numcookies in Curl_cookie_add() only when cookie is new one

- SO_SNDBUF: don't set SNDBUF for win32 versions vista or later

The Microsoft knowledge-base article
http://support.microsoft.com/kb/823764 describes how to use SNDBUF to
overcome a performance shortcoming in winsock, but it doesn't apply to
Windows Vista and later versions. If the described SNDBUF magic is
applied when running on those more recent Windows versions, it seems to
instead have the reversed effect in many cases and thus make libcurl
perform less good on those systems.

This fix thus adds a run-time version-check that does the SNDBUF magic
conditionally depending if it is deemed necessary or not.

Bug: http://curl.haxx.se/bug/view.cgi?id=1188
Reported by: Andrew Kurushin
Tested by: Christian Hägele

Nick Zitzmann (1 Apr 2013)
- darwinssl: additional descriptive messages of SSL handshake errors

(This doesn't need to appear in the release notes.)

Guenter Knauf (1 Apr 2013)
- Added dns and connect time to output.

Daniel Stenberg (1 Apr 2013)
- RELEASE-NOTES: synced with 0614b902136

- code-policed

- tcpkeepalive: support TCP_KEEPIDLE/TCP_KEEPINTVL on win32

Patch by: Robert Wruck
Bug: http://curl.haxx.se/bug/view.cgi?id=1209

- BINDINGS: BBHTTP is a cocoa binding, Julia has a binding

- ftp_sendquote: use PPSENDF, not FTPSENDF

The last remaining code piece that still used FTPSENDF now uses PPSENDF.
In the problematic case, a PREQUOTE series was done on a re-used
connection when Curl_pp_init() hadn't been called so it had messed up
pointers. The init call is done properly from Curl_pp_sendf() so this
change fixes this particular crash.

Bug: http://curl.haxx.se/mail/lib-2013-03/0319.html
Reported by: Sam Deane

Steve Holme (27 Mar 2013)
- RELEASE-NOTES: Corrected typo

Daniel Stenberg (27 Mar 2013)
- [Clemens Gruber brought this change]

multi-uv.c: remove unused variable

- RELEASE-NOTES: add two references

- test1509: verify proxy header response headers count

Modified sws to support and use custom CONNECT responses instead of the
previously naive hard-coded version. Made the HTTP test server able to
extract test case number from the host name in a CONNECT request by
finding the number after the last dot. It makes 'machine.moo.123' use
test case 123.

Adapted a larger amount of tests to the new <connect> style.

Bug: http://curl.haxx.se/bug/view.cgi?id=1204
Reported by: Martin Jansen

- [Clemens Gruber brought this change]

Added libuv example multi-uv.c

Yang Tse (25 Mar 2013)
- NTLM: fix several NTLM code paths memory leaks

- WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage

As of 25-mar-2013 wcsdup() _wcsdup() and _tcsdup() are only used in
WIN32 specific code, so tracking of these has not been extended for
other build targets. Without this fix, memory tracking system on
WIN32 builds, when using these functions, would provide misleading
results.

In order to properly extend this support for all targets curl.h
would have to define curl_wcsdup_callback prototype and consequently
wchar_t should be visible before that in curl.h. IOW curl_wchar_t
defined in curlbuild.h and this pulling whatever system header is
required to get wchar_t definition.

Additionally a new curl_global_init_mem() function that also receives
user defined wcsdup() callback would be required.

- curl_ntlm_msgs.c: revert commit 463082bea4

reverts unreleased invalid memory leak fix

Daniel Stenberg (23 Mar 2013)
- RELEASE-NOTES: synced with bc6037ed3ec02

More changes, bugfixes and contributors!

- [Martin Jansen brought this change]

Curl_proxyCONNECT: count received headers

Proxy servers tend to add their own headers at the beginning of
responses. The size of these headers was not taken into account by
CURLINFO_HEADER_SIZE before this change.

Bug: http://curl.haxx.se/bug/view.cgi?id=1204

Steve Holme (21 Mar 2013)
- sasl: Corrected a few violations of the curl coding standards

Corrected some incorrectly positioned pointer variable declarations to
be "char *" rather than "char* ".

- multi.c: Corrected a couple of violations of the curl coding standards

Corrected some incorrectly positioned pointer variable declarations to
be "type *" rather than "type* ".

- imap-tests: Added CRLF to reply data to be compliant with RFC-822

Updated the reply data in tests: 800, 801, 802, 804 and 1321 to possess
the CRLF as per RFC-822.

- multi.c: Fix compilation warning

warning: an enumerated type is mixed with another type

- multi.c: fix compilation error

warning: conversion from enumeration type to different enumeration type

- lib1900.c: fix compilation warning

warning: declaration of 'time' shadows a global declaration

Yang Tse (20 Mar 2013)
- [John E. Malmberg brought this change]

build_vms.com: use existing curlbuild.h and parsing fix

This patch removes building curlbuild.h from the build_vms.com procedure
and uses the one in the daily or release tarball instead.

packages/vms/build_curlbuild_h.com is obsolete with this change.

Accessing the library module name "tool_main" needs different handling
when the optional extended parsing is enabled.

Tested on IA64/VMS 8.4 and VAX/VMS 7.3

Nick Zitzmann (19 Mar 2013)
- darwinssl: disable ECC ciphers under Mountain Lion by default

I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are
turned off until the next point release of OS X.

Steve Holme (18 Mar 2013)
- FEATURES: Small tidy up for constancy and grammar

Daniel Stenberg (18 Mar 2013)
- [Oliver Schindler brought this change]

Curl_proxyCONNECT: clear 'rewindaftersend' on success

After having done a POST over a CONNECT request, the 'rewindaftersend'
boolean could be holding the previous value which could lead to badness.

This should be tested for in a new test case!

Bug: https://groups.google.com/d/msg/msysgit/B31LNftR4BI/KhRTz0iuGmUJ

Steve Holme (18 Mar 2013)
- TODO: Reordered the protocol and security sections

Moved SMTP, POP3, IMAP and New Protocol sections to be listed after the
other protocols (FTP, HTTP and TELNET) and SASL to be after SSL and
GnuTLS as these are all security related.

Additionally fixed numbering of the SSL and GnuTLS sections as they
weren't consecutive.

Yang Tse (18 Mar 2013)
- tests: specify 'text' mode for some output files in verify section

Steve Holme (17 Mar 2013)
- imap: Fixed incorrect initial response generation for SASL AUTHENTICATE

Fixed incorrect initial response generation for the NTLM and LOGIN SASL
authentication mechanisms when the SASL-IR was detected.

Introduced in commit: 6da7dc026c14.

- FEATURES: Expanded the supported enhanced IMAP command list

- TODO: Corrected typo in TOC

- TODO: Added IMAP section and removed unused Other protocols section

- TODO: Added graceful base64 decoding failure to SMTP and POP3

- TODO: Corrected typo on section 10.2 heading

Yang Tse (16 Mar 2013)
- tests: 96, 558, 1330: strip build subdirectory dependent leading path

Steve Holme (15 Mar 2013)
- TODO: Added section 10.2 Initial response to POP3 to do list

- imap-tests: Corrected copy/paste error in test808 reply data

Yang Tse (15 Mar 2013)
- unit1330.c: fix date

- tests: add #96 #558 and #1330

These verfy that the 'memory tracking' subsystem is actually doing its
job when using curl tool (#96), a test in libtest (#558) and also a unit
test (#1330), in order to prevent regressions in this functionallity.

Steve Holme (15 Mar 2013)
- imap-tests: Added test808 for custom EXAMINE command

Daniel Stenberg (15 Mar 2013)
- HTTP proxy: insert slash in URL if missing

curl has been accepting URLs using slightly wrong syntax for a long
time, such as when completely missing as slash "http://example.org" or
missing a slash when a query part is given
"http://example.org?q=foobar".

curl would translate these into a legitimate HTTP request to servers,
although as was shown in bug #1206 it was not adjusted properly in the
cases where a HTTP proxy was used.

Test 1213 and 1214 were added to the test suite to verify this fix.

The test HTTP server was adjusted to allow us to specify test number in
the host name only without using any slashes in a given URL.

Bug: http://curl.haxx.se/bug/view.cgi?id=1206
Reported by: ScottJi

Steve Holme (14 Mar 2013)
- ftpserver.pl: Added EXAMINE_imap() for IMAP EXAMINE commands

Used hard coded data from RFC-3501 section 6.3.2.

Yang Tse (14 Mar 2013)
- curl_memory.h: introduce CURLX_NO_MEMORY_CALLBACKS usage possibility

This commit alone does not fix anything nor modifies existing
interfaces or behaviors, although it is a prerequisite for other
fixes.

- Makefile.vc6: add missing files

Linus Nielsen Feltzing (14 Mar 2013)
- pipelining: Remove dead code.

- Multiple pipelines and limiting the number of connections.

Introducing a number of options to the multi interface that
allows for multiple pipelines to the same host, in order to
optimize the balance between the penalty for opening new
connections and the potential pipelining latency.

Two new options for limiting the number of connections:

CURLMOPT_MAX_HOST_CONNECTIONS - Limits the number of running connections
to the same host. When adding a handle that exceeds this limit,
that handle will be put in a pending state until another handle is
finished, so we can reuse the connection.

CURLMOPT_MAX_TOTAL_CONNECTIONS - Limits the number of connections in total.
When adding a handle that exceeds this limit,
that handle will be put in a pending state until another handle is
finished. The free connection will then be reused, if possible, or
closed if the pending handle can't reuse it.

Several new options for pipelining:

CURLMOPT_MAX_PIPELINE_LENGTH - Limits the pipeling length. If a
pipeline is "full" when a connection is to be reused, a new connection
will be opened if the CURLMOPT_MAX_xxx_CONNECTIONS limits allow it.
If not, the handle will be put in a pending state until a connection is
ready (either free or a pipe got shorter).

CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE - A pipelined connection will not
be reused if it is currently processing a transfer with a content
length that is larger than this.

CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE - A pipelined connection will not
be reused if it is currently processing a chunk larger than this.

CURLMOPT_PIPELINING_SITE_BL - A blacklist of hosts that don't allow
pipelining.

CURLMOPT_PIPELINING_SERVER_BL - A blacklist of server types that don't allow
pipelining.

See the curl_multi_setopt() man page for details.

Yang Tse (13 Mar 2013)
- tool_main.c: remove redundant vms_show storage-class specifier

vms_show 'extern' storage-class specifier removed from tool_main.c due to...

- Advice from Tor Arntsen: http://curl.haxx.se/mail/lib-2013-03/0164.html

- HP OpenVMS docs stating that 'Extern is the default storage class for
variables declared outside a function.'
http://h71000.www7.hp.com/commercial/c/docs/dec_c_help_5.html
(Storage_Classes section)

- test509: libcurl initialization with memory callbacks and actual usage

Steve Holme (13 Mar 2013)
- pop3: Removed unnecessary transfer cancellation

Following commit e450f66a02d8 and the changes in the multi interface
being used internally, from 7.29.0, the transfer cancellation in
pop3_dophase_done() is no longer required.

Yang Tse (13 Mar 2013)
- Makefile.am: add VMS files not being included in tarball

- [Tom Grace brought this change]

build_vms.com: VMS build fixes

Added missing slash in cc_full_list.
Removed unwanted extra quotes inside symbol tool_main
for non-VAX architectures that triggered link failure.
Replaced curl_sys_inc with sys_inc.

- [Tom Grace brought this change]

tool_main.c: fix VMS global variable storage-class specifier

An extern submits a psect and a global reference to the linker to point
to it. Using "extern int vms_show = 0" also creates a globaldef.

The use of the extern by itself does declare a psect but does not declare
a globalsymbol. It does declare a globalref. But the linker needs one and
only one globaldef or there is an error.

Patrick Monnerat (12 Mar 2013)
- OS400: synchronize RPG binding

Steve Holme (12 Mar 2013)
- pop3: Fixed continuous wait when using --ftp-list

Don't initiate a transfer when using --ftp-list.

Kamil Dudka (12 Mar 2013)
- [Zdenek Pavlas brought this change]

curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag

The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.

Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127

- easy: do not ignore poll() failures other than EINTR

Yang Tse (12 Mar 2013)
- curl.h: stricter CURL_EXTERN linkage decorations logic

No API change involved.

Info: http://curl.haxx.se/mail/lib-2013-02/0234.html

Daniel Stenberg (11 Mar 2013)
- THANKS: Latin-1'ified Jiri's name

Steve Holme (11 Mar 2013)
- test806: Added CRLF to reply data to be compliant with RFC-822

Daniel Stenberg (11 Mar 2013)
- test805: added crlf newlines to make data size match

since mails sent are supposed to have CRLF line endings I added them and
now the data size after (\Seen) matches again properly

- test: fix newline for the data check of 807

Yang Tse (11 Mar 2013)
- test801 to test807: fix protocol section line endings

Steve Holme (10 Mar 2013)
- Makefile.am: Corrected a couple of spurious tab characters

Corrected a couple of tab characters between test702 and test703, and
between test900 and test901 which should be spaces.

- [Jiri Hruska brought this change]

imap: Added test807 for custom request functionality (STORE)

- [Jiri Hruska brought this change]

imap: Added test806 for IMAP (folder) LIST command

- [Jiri Hruska brought this change]

imap: Added test805 for APPEND functionality

- [Jiri Hruska brought this change]

imap: Added test804 for skipping SELECT if in the same mailbox

- [Jiri Hruska brought this change]

imap: Added test802 and test803 for UIDVALIDITY verification

Added one test for a request with matching UIDVALIDITY and one which is
a mismatched request that will fail.

- [Jiri Hruska brought this change]

imap: Added test801 for UID and SECTION URL parameters

- [Jiri Hruska brought this change]

imap-tests: Accept quoted parameters in ftpserver.pl

Any IMAP parameter can come in escaped and in double quotes. Added a
simple function to unquote the command parameters and applied it to
the IMAP command handlers.

- [Jiri Hruska brought this change]

tests: Fix ftpserver.pl indentation

The whole of FETCH_imap() had one extra space of indentation, whilst
APPEND_imap() used indentation of 2 instead of 4 in places.

- Makefile.am: Corrected end of line filler character

The majority of lines, that specify a test file for inclusion, end with
a tab character before the slash whilst some end with a space. Corrected
those that end with a space to end with a tab character as well.

- email-tests: Updated the test data that corresponds to the test number

Finished segregating the email protocol tests, into their own protocol
based ranges, in preparation of adding more e-mail related tests to the
test suite.

- email-tests: Renamed the IMAP test to be 800

Continued segregating the email protocol tests, into their own protocol
based ranges, in preparation of adding more e-mail related tests to the
test suite.

- email-tests: Renamed the SMTP tests to be in the range 900-906

Continued segregating the email protocol tests, into their own protocol
based ranges, in preparation of adding more e-mail related tests to the
test suite.

- email-tests: Renamed the POP3 tests to be in the range 850-857

Started segregating the email protocol tests, into their own protocol
based ranges, in preparation of adding more e-mail related tests to the
test suite.

Daniel Stenberg (10 Mar 2013)
- hiperfifo: updated to use current libevent API

Patch by: Myk Taylor

Steve Holme (10 Mar 2013)
- imap: Reworked some function descriptions

- imap: Added some missing comments to imap_sendf()

- email: Removed hard returns from init functions

Daniel Stenberg (9 Mar 2013)
- curl_multi_wait: avoid second loop if nothing to do

... hopefully this will also make clang-analyzer stop warning on
potentional NULL dereferences (which were false positives anyway).

- multi_runsingle: avoid NULL dereference

When Curl_do() returns failure, the connection pointer could be NULL so
the code path following needs to that that into account.

Bug: http://curl.haxx.se/mail/lib-2013-03/0062.html
Reported by: Eric Hu

Steve Holme (9 Mar 2013)
- imap: Re-factored all perform based functions

Standardised the naming of all perform based functions to be in the form
imap_perform_something().

Daniel Stenberg (9 Mar 2013)
- [Cédric Deltheil brought this change]

examples/getinmemory.c: abort the transfer if not enough memory

No more use exit(3) but instead tell libcurl that no byte has been
written to let it return a `CURLE_WRITE_ERROR`. In addition, check
curl easy handle return code.

- RELEASE-NOTES: synced with ca3c0ed3a9c

8 more bugfixes, one change and a bunch of contributors

Yang Tse (9 Mar 2013)
- Makefile.am: empty AM_LDFLAGS definition for automake 1.7 compatibility

Steve Holme (9 Mar 2013)
- imap: Added description comments to all perform based functions

- imap: Removed the need for separate custom request functions

Moved the custom request processing into the LIST command as the logic
is the same.

- imap: Corrected typo in comment

Yang Tse (9 Mar 2013)
- Makefile.am: empty AM_LDFLAGS definition for automake 1.7 compatibility

Steve Holme (9 Mar 2013)
- imap: Moved imap_logout() to be grouped with the other perform functions

- email: Updated the function descriptions for the logout / quit functions

Updated the function description comments following commit 4838d196fdbf.

- email: Simplified the logout / quit functions

Moved the blocking state machine to the disconnect functions so that the
logout / quit functions are only responsible for sending the actual
command needed to logout or quit.

Additionally removed the hard return on failure.

- email: Tidied up the *_regular_transfer() functions

Added comments and simplified convoluted dophase_done comparison.

- email: Simplified nesting of if statements in *_doing() functions

Daniel Stenberg (8 Mar 2013)
- RELEASE-NOTES: mention that krb4 is up for consideration

Steve Holme (8 Mar 2013)
- imap: Fixed handling of untagged responses for the STORE custom command

Added an exception, for the STORE command, to the untagged response
processor in imap_endofresp() as servers will back respones containing
the FETCH keyword instead.

Yang Tse (8 Mar 2013)
- curlbuild.h.dist: enhance non-configure GCC ABI detection logic

GCC specific adjustments:

- check __ILP32__ before 32 and 64bit processor architectures in
order to detect ILP32 programming model on 64 bit processors
which, of course, also support LP64 programming model, when using
gcc 4.7 or newer.

- keep 32bit processor architecture checks in order to support gcc
versions older than 4.7 which don't define __ILP32__

- check __LP64__ for gcc 3.3 and newer, while keeping 64bit processor
architecture checks for older versions which don't define __LP64__

- curlbuild.h.dist: fix GCC build on ARM systems without configure script

Bug: http://curl.haxx.se/bug/view.cgi?id=1205
Reported by: technion

- [Gisle Vanem brought this change]

polarssl.c: fix header filename typo

- configure: use XC_LIBTOOL for portability across libtool versions

- xc-lt-iface.m4: provide XC_LIBTOOL macro

Steve Holme (7 Mar 2013)
- imap: Fixed SELECT not being performed for custom requests

- email: Minor code tidy up following recent changes

Removed unwanted braces and added variable initialisation.

- DOCS: Corrected the IMAP URL grammar of the UIDVALIDITY parameter

- FEATURES: Provided a little clarity in some IMAP features

- email: Optimised block_statemach() functions

Optimised the result test in each of the block_statemach() functions.

- DOCS: Added the list command to the IMAP URL section

Added examples of the list command and clarified existing example URLs
following recent changes.

- FEATURES: Updated for recent imap additions

Updated the imap features list, corrected a typo in the smtp features
and clarified a pop3 feature.

Daniel Stenberg (7 Mar 2013)
- version bump: the next release will be 7.30.0

- checksrc: ban unsafe functions

The list of unsafe functions currently consists of sprintf, vsprintf,
strcat, strncat and gets.

Subsequently, some existing code needed updating to avoid warnings on
this.

Steve Holme (7 Mar 2013)
- RELEASE-NOTES: Added missing imap fixes and additions

With all the recent imap changes it wasn't clear what new features and
fixes should be included in the release notes.

Nick Zitzmann (6 Mar 2013)
- RELEASE-NOTES: brought this up-to-date with the latest changes

Steve Holme (6 Mar 2013)
- [Jiri Hruska brought this change]

imap: Fixed test801 and test1321 to specify a message UID

Just a folder list would be retrieved if UID was not specified now.

- [Jiri Hruska brought this change]

imap: Fixed ftpserver.pl to allow verification even through LIST command

Commit 198012ee inadvertently broke LIST_imap().

- imap: Tidied up the APPEND and final APPEND response functions

Removed unnecessary state changes on failure and setting of result codes
on success.

- imap: Tidied up the final FETCH response function

Removed unnecessary state change on failure and setting of result code on
success.

- imap: Tidied up the LIST response function

Reworked comments as they referenced custom commands, removed
unnecessary state change on failure and setting of result code on
success.

- imap: Removed the custom request response function

Removed imap_state_custom_resp() as imap_state_list_resp() provides the
same functionality.

- [Jiri Hruska brought this change]

imap: Updated ftpserver.pl to be more compliant, added new commands

Enriched IMAP capabilities of ftpserver.pl in order to be able to
add tests for the new IMAP features.

* Added support for APPEND - Saves uploaded data to log/upload.$testno
* Added support for LIST - Returns the contents of <reply/> section in
the current test, like e.g FETCH.
* Added support for STORE - Returns hardcoded updated flags
* Changed handling of SELECT - Returns much more information in the
usual set of untagged responses; uses hardcoded data from an example
in the IMAP RFC
* Changed handling of FETCH - Fixed response format

- imap: Added check for empty UID in FETCH command

As the UID has to be specified by the user for the FETCH command to work
correctly, added a check to imap_fetch(), although strictly speaking it
is protected by the call from imap_perform().

Kamil Dudka (6 Mar 2013)
- nss: fix misplaced code enabling non-blocking socket mode

The option needs to be set on the SSL socket. Setting it on the model
takes no effect. Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.

Daniel Stenberg (6 Mar 2013)
- imap: fix compiler warning

imap.c:694:21: error: unused variable 'imapc' [-Werror=unused-variable]

Steve Holme (5 Mar 2013)
- imap: Added support for list command

- imap: Added list perform and response handler functions

- imap: Introduced IMAP_LIST state

- imap: Small tidy up of imap_select() to match imap_append()

Updated the style of imap_select() before adding the LIST command.

- imap: Moved mailbox check from the imap_do() function

In preparation for the addition of the LIST command, moved the mailbox
check from imap_do() to imap_select() and imap_append().

- curl_setup.h: Added S_IRDIR() macro for compilers that don't support it

Commit 26eaa8383001 introduces the use of S_ISDIR() yet some compilers,
such as MSVC don't support it, so we must define a substitute using
file flags and mask.

Daniel Stenberg (4 Mar 2013)
- AddFormData: prevent only directories from being posted

Commit f4cc54cb4746ae5a6d (shipped as part of the 7.29.0 release) was a
bug fix that introduced a regression in that while trying to avoid
allowing directory names, it also forbade "special" files like character
devices and more. like "/dev/null" as was used by Oliver who reported
this regression.

Reported by: Oliver Gondža
Bug: http://curl.haxx.se/mail/archive-2013-02/0040.html

Nick Zitzmann (3 Mar 2013)
- darwinssl: fix infinite loop if server disconnected abruptly

If the server hung up the connection without sending a closure alert,
then we'd keep probing the socket for data even though it's dead. Now
we're ready for this situation.

Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html
Reported by: Aki Koskinen

Steve Holme (3 Mar 2013)
- imap: Added comments to imap_append()

- [Jiri Hruska brought this change]

imap: Added required mailbox check for FETCH and APPEND commands

- pingpong.c: Fix enumerated type mixed with another type

- smtp: Updated the coding style for state changes after a send operation

Some state changes would be performed after a failure test that
performed a hard return, whilst others would be performed within a test
for success. Updated the code, for consistency, so all instances are
performed within a success test.

- pop3: Updated the coding style for state changes after a send operation

- imap: Fixed typo in variable assignment

- [Jiri Hruska brought this change]

imap: Fixed custom request handling in imap_done()

Fixed imap_done() so that neither the FINAL states are not entered when
a custom command has been performed.

- [Jiri Hruska brought this change]

imap: Enabled custom requests in imap_select_resp()

Changed imap_select_resp() to invoke imap_custom() instead of
imap_fetch() after the mailbox has been selected if a custom
command has been set.

- [Jiri Hruska brought this change]

imap: Enabled custom requests in imap_perform()

Modified imap_perform() to start with the custom command instead of
SELECT when a custom command is to be performed and no mailbox has
been given.

- [Jiri Hruska brought this change]

imap: Added custom request perform and response handler functions

Added imap_custom(), which initiates the custom command processing,
and an associated response handler imap_state_custom_resp(), which
handles any responses by sending them to the client as body data.

All untagged responses with the same name as the first word of the
custom request string are accepted, with the exception of SELECT and
EXAMINE which have responses that cannot be easily identified. An
extra check has been provided for them so that any untagged responses
are accepted for them.

- pop3: Fixed unnecessary parent structure reference

Updated pop3 code following recent imap changes.

- [Jiri Hruska brought this change]

imap: Added custom request parsing

Added imap_parse_custom_request() for parsing the CURLOPT_CUSTOMREQUEST
parameter which URL decodes the value and separates the request from
any parameters - This makes it easier to filter untagged responses
by the request command.

- [Jiri Hruska brought this change]

imap: Introduced custom request parameters

Added custom request parameters to the per-request structure.

- [Jiri Hruska brought this change]

imap: Introduced IMAP_CUSTOM state

- imap: Minor code tidy up

Minor tidy up of code layout and comments following recent changes.

- imap: Simplified the imap_state_append_resp() function

Introduced the result code variable to simplify the state changes and
remove the hard returns.

- imap: Changed successful response logic in imap_state_append_resp()

For consistency changed the logic of the imap_state_append_resp()
function to test for an unsucessful continuation response rather than a
succesful one.

- imap: Standardised imapcode condition tests

For consistency changed two if(constant != imapcode) tests to be
if(imapcode != constant).

- imap: Moved imap_append() to be with the other perform functions

- [Jiri Hruska brought this change]

imap: Enabled APPEND support in imap_perform()

Added logic in imap_perform() to perform an APPEND rather than SELECT
and FETCH if an upload has been specified.

- [Jiri Hruska brought this change]

imap: Implemented APPEND final processing

The APPEND operation needs to be performed in several steps:
1) We send "<tag> APPEND <mailbox> <flags> {<size>}\r\n"
2) Server responds with continuation respose "+ ...\r\n"
3) We start the transfer and send <size> bytes of data
4) Only now we end the request command line by sending "\r\n"
5) Server responds with "<tag> OK ...\r\n"

This commit performs steps 4 and 5, in the DONE phase, as more
processing is required after the transfer.

- [Jiri Hruska brought this change]

imap: Added APPEND perform and response handler functions

Added imap_append() function to initiate upload and imap_append_resp()
to handle the continuation response and start the transfer.

- [Jiri Hruska brought this change]

imap: Introduced IMAP_APPEND and IMAP_APPEND_FINAL states

- [Jiri Hruska brought this change]

imap: Updated setting of transfer variables in imap_state_fetch_resp()

Add number of bytes retrieved from the PP cache to req.bytecount and set
req.maxdownload only when starting a proper download.

- [Jiri Hruska brought this change]

imap: Improved FETCH response parsing

Added safer parsing of the untagged FETCH response line and the size of
continuation data.

- imap: Fixed accidentally lossing the result code

Accidentally lost the result code in imap_state_capability() and
imap_state_login() with commit b06a78622609.

- imap: Another minor comment addition / tidy up

- imap: Updated the coding style for state changes after a send operation

- pop3 / smtp: Small comment tidy up

Small tidy up to keep some comments consistant across each of the email
protocols.

- [Jiri Hruska brought this change]

imap: FETCH response handler cleanup before further changes

Removed superfluous NULL assignment after Curl_safefree() and rewrote
some comments and logging messages.

- pop3: Small tidy up of function arguments

- imap: Small tidy up of function arguments

- smtp: Corrected debug message for POP3_AUTH_FINAL constant

Following commit ad3177da24b8 corrected the debug message in state()
from AUTH to AUTH_FINAL.

- pop3: Corrected debug message for POP3_AUTH_FINAL constant

Following commit afad1ce753a1 corrected the debug message in state()
from AUTH to AUTH_FINAL.

- imap: Corrected debug message for IMAP_AUTHENTICATE_FINAL constant

Following commit 13006f3de9ec corrected the debug message in state()
from AUTHENTICATE to AUTHENTICATE_FINAL.

- [Jiri Hruska brought this change]

imap: Fixed error code returned for invalid FETCH response

If the FETCH command does not result in an untagged response the the
UID is probably invalid. As such do not return CURLE_OK.

- [Jiri Hruska brought this change]

imap: Added processing of the final FETCH responses

Not processing the final FETCH responses was not optimal, not only
because the response code would be ignored but it would also leave data
unread on the socket which would prohibit connection reuse.

- [Jiri Hruska brought this change]

imap: Introduced FETCH_FINAL state for processing final fetch responses

A typical FETCH response can be broken down into four parts:

1) "* <uid> FETCH (<what> {<size>}\r\n", using continuation syntax
2) <size> bytes of the actual message
3) ")\r\n", finishing the untagged response
4) "<tag> OK ...", finishing the command

Part 1 is read in imap_fetch_resp(), part 2 is consumed in the PERFORM
phase by the transfer subsystem, parts 3 and 4 are currently ignored.

- imap: fix autobuild warning

Removed whitespace from imap_perform()

- imap: fix compiler warning

error: declaration of 'imap' shadows a previous local

- smtp: Re-factored the final SMTP_AUTH constant

Changed the final SMTP_AUTH constant to SMTP_AUTH_FINAL for consistency
with the response function.

- pop3: Re-factored the final POP3_AUTH constant

Changed the final POP3_AUTH constant to POP3_AUTH_FINAL for consistency
with the response function.

- imap: Re-factored final IMAP_AUTHENTICATE constant

Changed the final IMAP_AUTHENTICATE constant to IMAP_AUTHENTICATE_FINAL
for consistency with the response function.

- imap: Updated the coding style of imap_state_servergreet_resp()

Updated the coding style, in this function, to be consistant with other
response functions rather then performing a hard return on failure.

- imap: Reversed the logic of the (un)successful tagged SELECT response

Reversed the logic of the unsuccessful vs successful tagged SELECT
response in imap_state_select_resp() to be more logical to read.

- imap: Reversed the logic of the (un)successful tagged CAPABILITY response

Reversed the logic of the unsuccessful vs successful tagged CAPABILITY
response in imap_state_capability_resp() to be more logical to read.

- imap: Corrected char* references with char *

Corrected char* references made in commit: 709b3506cd9b.

- [Jiri Hruska brought this change]

imap: Added processing of more than one response when sent in same packet

Added a loop to imap_statemach_act() in which Curl_pp_readresp() is
called until the cache is drained. Without this multiple responses
received in a single packet could result in a hang or delay.

- [Jiri Hruska brought this change]

imap: Added skipping of SELECT command if already in the same mailbox

Added storage and checking of the last mailbox userd to prevent
unnecessary switching.

- [Jiri Hruska brought this change]

imap: Introduced the mailbox variable

Added the mailbox variable to the per-connection structure in
preparation for checking for an already selected mailbox.

- email: Slight reordering of connection based variables

Reordered the state and ssl_done variables in order to provide more
consistency between the email protocols as well as for for an upcoming
change.

- imap: Tidied up comments for connection based variables

- DOCS: Added the IMAP UIDVALIDITY property to the CURLOPT_URL section

- [Jiri Hruska brought this change]

imap: Added verification of UIDVALIDITY mailbox attribute

Added support for checking the UIDVALIDITY, and aborting the request, if
it has been specified in the URL and the server response is different.

- [Jiri Hruska brought this change]

imap: Added support for parsing the UIDVALIDITY property

Added support for parsing the UIDVALIDITY property from the SELECT
response and storing it in the per-connection structure.

- [Jiri Hruska brought this change]

imap: Introduced the mailbox_uidvalidity variable

Added the mailbox_uidvalidity variable to the per-connection structure
in preparation for checking the UIDVALIDITY mailbox attribute.

- imap: Corrected comment in imap_endofresp()

- imap: Corrected whitespace

- [Jiri Hruska brought this change]

imap: Added filtering of CAPABILITY and FETCH untagged responses

Only responses that contain "CAPABILITY" and "FETCH", respectively,
will be sent to their response handler.

- [Jiri Hruska brought this change]

imap: Added a helper function for upcoming untagged response filtering

RFC 3501 states that "the client MUST be prepared to accept any response
at all times" yet we assume anything received with "* " at the beginning
is the untagged response we want.

Introduced a helper function that checks whether the input looks like a
response to specified command, so that we may filter the ones we are
interested in according to the current state.

- [Jiri Hruska brought this change]

imap: Moved CAPABILITY response handling to imap_state_capability_resp()

Introduced similar handling to the FETCH responses, where even the
untagged data responses are handled by the response handler of the
individual state.

Linus Nielsen Feltzing (26 Feb 2013)
- Remove unused variable in smtp_state_data_resp()

Steve Holme (25 Feb 2013)
- email: Small tidy up following recent changes

- smtp: Removed bytecountp from the per-request structure

Removed this pointer to a downloaded bytes counter because it was set in
smtp_init() to point to the same variable the transfer functions keep
the count in (k->bytecount), effectively making the code in transfer.c
"*k->bytecountp = k->bytecount" a no-op.

- pop3: Removed bytecountp from the per-request structure

Removed this pointer to a downloaded bytes counter because it was set in
pop3_init() to point to the same variable the transfer functions keep
the count in (k->bytecount), effectively making the code in transfer.c
"*k->bytecountp = k->bytecount" a no-op.

- [Jiri Hruska brought this change]

imap: Removed bytecountp from the per-request structure

Removed this pointer to a downloaded bytes counter because it was set in
imap_init() to point to the same variable the transfer functions keep
the count in (k->bytecount), effectively making the code in transfer.c
"*k->bytecountp = k->bytecount" a no-op.

- [Jiri Hruska brought this change]

imap: Adjusted SELECT and FETCH function order

Moved imap_select() and imap_fetch() to be grouped with the other
perform functions.

- [Jiri Hruska brought this change]

imap: Adjusted SELECT and FETCH state order in imap_statemach_act()

Exchanged the position of these states in the switch statements to
match the state enum, execution and function order.

- imap: Minor tidy up of comments in imap_parse_url_path()

Tidy up of comments before next round of imap changes.

- imap: Fixed incorrect comparison for STARTTLS in imap_endofresp()

Corrected the comparison type in addition to commit 1dac29fa83a9.

- DOCS: Corrected IMAP URL examples according to RFC5092

URL examples that included the UID weren't technically correct although
would pass the curl parser.

Nick Zitzmann (24 Feb 2013)
- darwinssl: fix undefined $ssllib warning in runtests.pl

I also added --with-darwinssl to the list of SSL options in configure.

Steve Holme (24 Feb 2013)
- imap: Added check for new internal imap response code

- imap: Changed the order of the response types in imap_endofresp()

From a maintenance point of view the code reads better to view tagged
responses, then untagged followed by continuation responses.

Additionally, this matches the order of responses in POP3.

- [Jiri Hruska brought this change]

imap: Added stricter parsing of continuation responses

Enhanced the parsing to only allow continuation responses in some
states.

- imap: Simplified memcmp() in tagged response parsing

- [Jiri Hruska brought this change]

imap: Reworked the logic of untagged command responses

- imap: Corrected spacing of trailing brace

- [Jiri Hruska brought this change]

imap: Added stricter parsing of tagged command responses

Enhanced the parsing of tagged responses which must start with "OK",
"NO" or "BAD"

- [Jiri Hruska brought this change]

imap: Simplified command response test in imap_endofresp()

- [Jiri Hruska brought this change]

imap: Corrected comment in imap_endofresp()

- DOCS: Corrected layout of POP3 and IMAP URL examples

Corrected layout issues with the POP3 and IMAP URL examples introduced
in commit cb3ae6894fb2.

- DOCS: Updated CURLOPT_URL section following recent POP3 and IMAP changes

Updated the POP3 sub-section to refer to message ID rather than mailbox.

Added an IMAP sub-section with example URLs depicting the specification
of mailbox, uid and section.

- pop3: Refactored the mailbox variable as it didn't reflect it's purpose

Updated the mailbox variable to correctly reflect it's purpose. The
name mailbox was a leftover from when IMAP and POP3 support was
initially added to curl.

- FEATURES: Updated following recent IMAP changes

- [Jiri Hruska brought this change]

imap: Added the ability to FETCH a specific UID and SECTION

Updated the FETCH command to send the UID and SECTION parsed from the
URL. By default the BODY specifier doesn't include a section, BODY[] is
now sent whereas BODY[TEXT] was previously sent. In my opinion
retrieving just the message text is rarely useful when dealing with
emails, as the headers are required for example, so that functionality
is not retained. In can however be simulated by adding SECTION=TEXT to
the URL.

Also updated test801 and test1321 due to the BODY change.

- email: Additional tidy up of comments following recent changes

- smtp: Removed some FTP heritage leftovers

Removed user and passwd from the SMTP struct as these cannot be set on
a per-request basis and are leftover from legacy FTP code.

Changed some comments still using FTP terminology.

- smtp: Moved the per-request variables to the per-request data structure

Moved the rcpt variable from the per-connection struct smtp_conn to the
new per-request struct and fixed references accordingly.

- pop3: Introduced a custom SMTP structure for per-request data

Created a new SMTP structure and changed the type of the smtp proto
variable in connectdata from FTP* to SMTP*.

unknown (23 Feb 2013)
- [Steve Holme brought this change]

imap: Minor correction of comments for max line length

Daniel Stenberg (23 Feb 2013)
- strcasestr: remove check for this unused function

- pop3: fix compiler warning

error: declaration of 'pop3' shadows a previous local

Steve Holme (23 Feb 2013)
- [Jiri Hruska brought this change]

imap: Added URL parsing of new variables

Updated the imap_parse_url_path() function to parse uidvalidity, uid and
section parameters based on RFC-5092.

- [Jiri Hruska brought this change]

imap: Introduced imap_is_bchar() function

Added imap_is_bchar() for testing if a given character is a valid bchar
or not.

- [Jiri Hruska brought this change]

imap: Introduced new per-request veriables

Added uidvalidity, uid and section variables to the per-request IMAP
structure in preparation for upcoming URL parsing.

- pingpong: Renamed curl_ftptransfer to curl_pp_transfer

- pop3: Removed some FTP heritage leftovers

Removed user and passwd from the POP3 struct as these cannot be set on
a per-request basis and are leftover from legacy FTP code.

Changed some comments still using FTP terminology.

- pop3: Moved the per-request variables to the per-request data structure

Moved the mailbox and custom request variables from the per-connection
struct pop3_conn to the new per-request struct and fixed references
accordingly.

- pop3: Introduced a custom POP3 structure for per-request data

Created a new POP3 structure and changed the type of the pop3 proto
variable in connectdata from FTP* to POP*.

- [Jiri Hruska brought this change]

imap: Fixed escaping of mailbox names

Used imap_atom() to escape mailbox names in imap_select().

- pingpong: Moved curl_ftptransfer definition to pingpong.h

Moved the ftp transfer structure into pingpong.h so other protocols that
require it don't have to include ftp.h.

- urldata.h: Fixed comment for opt_no_body variable

Corrected comment for opt_no_body variable to CURLOPT_NOBODY.

- email: Minor tidy up following IMAP changes

- [Jiri Hruska brought this change]

imap: Removed more FTP leftovers

Changed some variables and comments still using FTP terminology.

- [Jiri Hruska brought this change]

imap: Removed some FTP heritage leftovers

Removed user and passwd from the IMAP struct as these cannot be set on
a per-request basis and are leftover from legacy FTP code.

- [Jiri Hruska brought this change]

imap: Introduced a custom IMAP structure for per-request data

Created a new IMAP structure and changed the type of the imap proto
variable in connectdata from FTP* to the new IMAP*.

Moved the mailbox variable from the per-connection struct imap_conn to
the new per-request struct and fixed references accordingly.

- pop3: Updated do phrase clean-up comment

Following commit 65644b833532 for the IMAP module updated the clean-up
comment in POP3.

- imap: Fixed memory leak when performing multiple selects

Moved the clean-up of the mailbox variable from imap_disconnect() to
imap_done() as this variable is allocated in the do phase, yet would
have only been freed only once if multiple selects where preformed
on a single connection.

Daniel Stenberg (22 Feb 2013)
- [Alexander Klauer brought this change]

Documentation: Typo in docs/CONTRIBUTE

Fixes a typo get → git in docs/CONTRIBUTE.

- [Alexander Klauer brought this change]

repository: ignore patch files generated by git

Ignores the patch files generated by the 'git format-patch' command.

- [Alexander Klauer brought this change]

libcurl documentation: clarifications and typos

* Elaborates on default values of some curl_easy_setopt() options.
* Reminds the user to cast variadic arguments to curl_easy_setopt() to
'void *' where curl internally interprets them as such.
* Clarifies the working of the CURLOPT_SEEKFUNCTION option for
curl_easy_setopt().
* Fixes typo 'forth' → 'fourth'.
* Elaborates on CURL_SOCKET_TIMEOUT.
* Adds some missing periods.
* Notes that the return value of curl_version() must not be passed to
free().

- [Alexander Klauer brought this change]

lib/url.c: Generic read/write data pointers

Always interprets the pointer passed with the CURLOPT_WRITEDATA or
CURLOPT_READDATA options of curl_easy_setopt() as a void pointer in
order to avoid problems in environments where FILE and void pointers
have non-trivial conversion.

- [Alexander Klauer brought this change]

libcurl documentation: updates HTML index

* Adds several links to documentation of library functions which were
missing.
* Marks documentation of deprecated library functions "(deprecated)".
* Removes spurious .html suffixes.

- ossl_seed: avoid recursive seeding!

Steve Holme (22 Feb 2013)
- [Jiri Hruska brought this change]

Fixed checking the socket if there is data waiting in the cache

Use Curl_pp_moredata() in Curl_pp_multi_statemach() to check if there is
more data to be received, rather than the socket state, as a task could
hang waiting for more data from the socket itself.

- imap.c: Fixed an incorrect variable reference

Fixed an incorrect variable reference which was introduced in commit
a1701eea289f as a result of a copy and paste from SMTP/POP3.

- [Jiri Hruska brought this change]

pingpong: Introduce Curl_pp_moredata()

A simple function to test whether the PP is not sending and there are
still more data in its receiver cache. This will be later utilized to:

1) Change Curl_pp_multi_statemach() and Curl_pp_easy_statemach() to
not test socket state and just call user's statemach_act() function
when there are more data to process, because otherwise the task would
just hang, waiting for more data from the socket.

2) Allow PP users to read multiple responses by looping as long as there
are more data available and current phase is not finished.
(Currently needed for correct processing of IMAP SELECT responses.)

Nick Zitzmann (19 Feb 2013)
- FEATURES: why yes, we do support metalink

I just noticed Metalink support wasn't listed as a feature of the tool.

- metalink: fix improbable crash parsing metalink filename

The this_url pointer wasn't being initialized, so if strdup() would return
null when copying the filename in a metalink file, then hilarity would
ensue during the cleanup phase. This change was brought to you by clang,
which noticed this and raised a warning.

Yang Tse (19 Feb 2013)
- smtp.c: fix enumerated type mixed with another type

- polarssl threadlock cleanup

Nick Zitzmann (18 Feb 2013)
- docs: schannel and darwinssl documentation improvements

Schannel and darwinssl use the certificates built into the
OS to do vert verification instead of bundles. darwinssl
is thread-safe. Corrected typos in the NSS docs.

Daniel Stenberg (18 Feb 2013)
- resolver_error: remove wrong error message output

The attempt to use gai_strerror() or alternative function didn't work as
the 'sock_error' field didn't contain the proper error code. But since
this hasn't been reported and thus isn't really a big deal I decided to
just scrap the whole attempt to output the detailed resolver error and
instead remain with just stating that the resolving of the name failed.

- [Kim Vandry brought this change]

Curl_resolver_is_resolved: show proper host name on failed resolve

- Curl_resolver_is_resolved: fix compiler warning

conversion to 'int' from 'long int' may alter its value

- compiler warning fix

follow-up to commit ed7174c6f66, rename 'wait' to 'block'

- compiler warning fix: declaration of 'wait' shadows a global declaration

It seems older gcc installations (at least) will cause warnings if we
name a variable 'wait'. Now changed to 'block' instead.

Reported by: Jiří Hruška
Bug: http://curl.haxx.se/mail/lib-2013-02/0247.html

Nick Zitzmann (17 Feb 2013)
- MacOSX-Framework: Make script work in Xcode 4.0 and later

Apple made a number of changes to Xcode 4. The SDKs were moved, the entire
Developer folder was moved, and PowerPC support was removed. The script
will now adapt to those changes and should be future-proofed against
additional changes in case Apple moves the Developer folder ever again.
Also, the minimum OS X version compiler option was removed, so that the
framework can be built against the latest SDK but still run in older cats.

Daniel Stenberg (17 Feb 2013)
- docs: refer to CURLOPT_ACCEPT_ENCODING instead of the old name

Steve Holme (16 Feb 2013)
- email: Tidied up result code variables

Tidied up result variables to be consistent in name, declaration order
and default values.

Nick Zitzmann (16 Feb 2013)
- ntlm_core: fix compiler warning when building with clang

Fixed a 64-to-32 compiler warning raised when building with
clang and the --with-darwinssl option.

Daniel Stenberg (16 Feb 2013)
- Guile-curl: a new libcurl binding

- polarsslthreadlock: #include the proper memory and debug includes

Pointed out by Steve Holme

Steve Holme (16 Feb 2013)
- email: Removed unnecessary forward declaration

Due to the reordering of functions in commit 586f5d361474 the forward
declaration to state_upgrade_tls() are no longer required.

- pop3.c: Added reference to RFC-5034

Daniel Stenberg (15 Feb 2013)
- [Willem Sparreboom brought this change]

PolarSSL: Change to cURL coding style

Repaired all curl/lib/checksrc.pl warnings in the previous four patches

- [Willem Sparreboom brought this change]

PolarSSL: WIN32 threading support for entropy

Added WIN32 threading support for PolarSSL entropy if
--enable-threaded-resolver config flag is set and process.h can be found.

- [Willem Sparreboom brought this change]

PolarSSL: pthread support for entropy

Added pthread support for polarssl entropy if --enable-threaded-resolver
config flag is set and pthread.h can be found.

- [Willem Sparreboom brought this change]

PolarSSL: changes to entropy/ctr_drbg/HAVEGE_RANDOM

Add non-threaded entropy and ctr_drbg and removed HAVEGE_RANDOM define

- [Willem Sparreboom brought this change]

PolarSSL: added human readable error strings

Print out human readable error strings for PolarSSL related errors

Steve Holme (15 Feb 2013)
- pop3: Removed unnecessary state changes on failure

- imap: Removed unnecessary state change on failure

Daniel Stenberg (15 Feb 2013)
- metalink_cleanup: yet another follow-up fix

- metalink_cleanup: define it without argument

Since the function takes no argument, the macro shouldn't take one as
some compilers will error out on that.

- rename "easy" statemachines: call them block instead

... since they're not used by the easy interface really, I wanted to
remove the association. Also, I unified the pingpong statemachine driver
into a single function with a 'wait' argument: Curl_pp_statemach.

Yang Tse (15 Feb 2013)
- [Gisle Vanem brought this change]

curl_setup_once.h: definition of HAVE_CLOSE_S defines sclose() to close_s()

- [Gisle Vanem brought this change]

config-dos.h: define HAVE_CLOSE_S for MSDOS/Watt-32

- [Gisle Vanem brought this change]

config-dos.h: define strerror() to strerror_s_() for High-C

- [Gisle Vanem brought this change]

config-dos.h: define HAVE_TERMIOS_H only for djgpp

Steve Holme (14 Feb 2013)
- smtp.c: Fixed a trailing whitespace

Remove tailing whitespace introduced in commit 7ed689d24a4e.

- pop3: Fixed blocking SSL connect when connecting via POP3S

A call to Curl_ssl_connect() was accidentally left in when the SSL/TLS
connection layer was reworked in 7.29. Not only would this cause the
connection to block but had the additional overhead of calling the
non-blocking connect a little bit later.

- smtp: Refactored the smtp_state_auth_resp() function

Renamed smtp_state_auth_resp() function to match the implementations in
IMAP and POP3.

Daniel Stenberg (14 Feb 2013)
- remove ifdefs

Clarify the code by reducing ifdefs

- strlcat: remove function

This function was only used twice, both in places where performance
isn't crucial (socks + if2ip). Removing the use of this function removes
the need to have our private version for systems without it == reduced
amount of code.

Also, in the SOCKS case it is clearly better to fail gracefully rather
than to truncate the results.

This work was triggered by a bug report on the strcal prototype in
strequal.h.

strlcat was added in commit db70cd28 in February 2001!

Bug: http://curl.haxx.se/bug/view.cgi?id=1192
Reported by: Jeremy Huddleston

- Curl_FormBoundary: made static

As Curl_FormBoundary() is no longer used outside of this file (since
commit ad7291c1a9d), it is now renamed to formboundary() and is made
static.

- ossl_seed: fix the last resort PRNG seeding

Instead of just abusing the pseudo-randomizer from Curl_FormBoundary(),
this now uses Curl_ossl_random() to get entropy.

Steve Holme (13 Feb 2013)
- email: Tidy up before additional IMAP work

Replaced two explicit comparisons of CURLE_OK with boolean alternatives.

General tidy up of comments.

- smtp: Removed duplicate pingpong structure initialisation

The smtp_connect() function was setting the member variables of the
pingpong structure twice, once before calling Curl_pp_init() and once
after!

Yang Tse (13 Feb 2013)
- move msvc IDE related files to 'vs' directory tree

Use 'vs' directory tree given that 'vc' intended one clashes
with an already existing build target in file Makefile.dist.

Daniel Stenberg (13 Feb 2013)
- install-sh: updated to support multiple source files as arguments

Version 7.29.0 uses Makefiles generated with a newer version of the
autotools than the previous 7.28.1. These Makefiles try to install
e.g. header files by calling install-sh with multiple source files as
arguments. The bundled install-sh is to old and does not support this.

The problem only occurs, if install-sh is actually being used, ie. the
platform install executable is to old or not usable. Example: Solaris
10.

The files install-sh and mkinstalldirs are now updated with the automake
1.11.3 versions. A better fix might be to completely remove them from
git and force the files to be added/created during buildconf.

Bug: http://curl.haxx.se/bug/view.cgi?id=1195
Reported by: Rainer Jung

Yang Tse (13 Feb 2013)
- move msvc IDE related files to 'vc' directory tree

- msvc IDE 'vc' directory tree preparation

Steve Holme (12 Feb 2013)
- imap: Corrected a whitespace issue from previous commit

Fixed a small whitespace issue that crept in there in commit
508cdf4da4d7.

- email: Another post optimisation of endofresp() tidy up

- sasl: Fixed null pointer reference when decoding empty digest challenge

Fixed a null pointer reference when an empty challenge is passed to the
Curl_sasl_create_digest_md5_message() function.

Bug: http://sourceforge.net/p/curl/bugs/1193/
Reported by: Saran Neti

- email: Post optimisation of endofresp() tidy up

Removed unnecessary end of line check and return.

Nick Zitzmann (12 Feb 2013)
- darwinssl: Fix send glitchiness with data > 32 or so KB

An ambiguity in the SSLWrite() documentation lead to a bad inference in the
code where we assumed SSLWrite() returned the amount of bytes written to
the socket, when that is not actually true; it returns the amount of data
that is buffered for writing to the socket if it returns errSSLWouldBlock.
Now darwinssl_send() returns CURLE_AGAIN if data is buffered but not written.

Reference URL: http://curl.haxx.se/mail/lib-2013-02/0145.html

Steve Holme (12 Feb 2013)
- pingpong.h: Fixed line length over 78 characters from b56c9eb48e3c

- pingpong: Optimised the endofresp() function

Reworked the pp->endofresp() function so that the conndata, line and
line length are passed down to it just as with Curl_client_write()
rather than each implementation of the function having to query
these values.

Additionally changed the int return type to bool as this is more
representative of the function's usage.

- email: Post STARTLS capability code tidy up (Part Three)

Corrected the order of the upgrade_tls() functions and moved the handler
upgrade and getsock() functions out from the middle of the state related
functions.

- email: Post STARTLS capability code tidy up (Part Two)

Corrected the order of the pop3_state_capa() / imap_state_capability()
and the pop3_state_capa_resp() / imap_state_capability_resp() functions
to match the execution order.

Daniel Stenberg (11 Feb 2013)
- [ulion brought this change]

SOCKS: fix socks proxy when noproxy matched

Test 1212 added to verify

Bug: http://curl.haxx.se/bug/view.cgi?id=1190

Steve Holme (11 Feb 2013)
- ntlm: Updated comments for the addition of SASL support to IMAP in v7.29

- RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes

Linus Nielsen Feltzing (10 Feb 2013)
- Fix NULL pointer reference when closing an unused multi handle.

Steve Holme (10 Feb 2013)
- email: Post STARTLS capability code tidy up (Part One)

Corrected the order of the CAPA / CAPABILITY state machine constants to
match the execution order.

- imap: Fixed memory leak following commit f6010d9a0359

- smtp: Added support for the STARTTLS capability (Part Two)

Added honoring of the tls_supported flag when starting a TLS upgrade
rather than unconditionally attempting it. If the use_ssl flag is set
to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the
connection will continue to authenticate. If this flag is set to
CURLUSESSL_ALL then the connection will complete with a failure as it
did previously.

- pop3: Added support for the STLS capability (Part Three)

- imap: Added support for the STARTTLS capability (Part Three)

Daniel Stenberg (10 Feb 2013)
- [Alessandro Ghedini brought this change]

htmltitle: fix suggested build command

Steve Holme (10 Feb 2013)
- pop3: Added support for the STLS capability (Part Two)

Added sending of initial CAPA command before STLS is sent. This allows
for the detection of the capability before trying to upgrade the
connection.

- imap: Added support for the STARTTLS capability (Part Two)

Added sending of initial CAPABILITY command before STARTTLS is sent.
This allows for the detection of the capability before trying to
upgrade the connection.

- smtp: Added support for the STLS capability (Part One)

Introduced detection of the STARTTLS capability, in order to add support
for TLS upgrades without unconditionally sending the STARTTLS command.

- pop3: Added support for the STLS capability (Part One)

Introduced detection of the STLS capability, in order to add support
for TLS upgrades without unconditionally sending the STLS command.

- imap: Added support for the STARTTLS capability (Part One)

Introduced detection of the STARTTLS capability, in order to add support
for TLS upgrades without unconditionally sending the STARTTLS command.

- RELEASE-NOTES: synced with 92f7606f29b704

- smtp: Fixed an issue when processing EHLO failure responses (Part 3)

Follow up fix to commit 62bd21746443 to cater for servers that don't
respond with a 250 in their EHLO responses. Additionally updated the
SMTP tests to respond with a 250 response code as per RFC5321.

- pop3: Fixed SASL authentication capability detection

Fixed the SASL capability detection to include the space character
before the authentication mechanism list. Otherwise a capability such
as SASLSOMETHING would be interpreted as enabling SASL and potentially
trying to identify SOMETHING as a mechanism.

- pop3: Fixed incorrect return value from pop3_endofresp()

Corrected an incorrect return value when -ERR is received from the
server - introduced in commit b5bb61ee697b (June 2012).

- smtp: Fixed an issue when processing EHLO failure responses (Part 2)

Follow up fix to commit 23d17190ee32 as EHLO capabilities can exist
within a positive response line.

- smtp: Fixed an issue with missing capabilities after the AUTH line

Follow up to commit 40f9bb787f05 to fix missing capabilities after an
AUTH line.

Nick Zitzmann (8 Feb 2013)
- darwinssl: Make certificate errors less techy

Previously if a problem was found with one of the server's certificates,
we'd log an OSStatus for the end user to look up. Now we explain what
was wrong with the site's certificate chain. Also un-did part of the
previous commit where the code wouldn't catch errSSLServerAuthCompleted
if built under Leopard.

Guenter Knauf (9 Feb 2013)
- Updated dependency libs.

Steve Holme (9 Feb 2013)
- imap: Corrected some comments

- smtp: Fixed an issue when processing EHLO failure responses

Fixed a small issue where smtp_endofresp() would look for capabilities
in the description part of a failure response. In theory a server
shouldn't respond with SIZE or AUTH in an EHLO command's failure
response but if it did then capabilities would be unnecessarily set
before eventually failing.

- pop3: Reworked pop3_endofresp() to simplify it little

Reworked pop3_endofresp() to simplify it and provide consistency between
imap and smtp.

- imap: Renamed state variables in imap_authenticate()

Renamed the authstate1 and authstate2 variables in imap_authenticate()
as the old name was a left over from when there was only one state
variable which was named due to a clash with the state() function.

Additionally this provides consistency with the smtp module.

- smtp: Reworked smtp_endofresp() to allow for extra capability detection

- smtp: Renamed smtp_state_auth_passwd_resp() function

Renamed the login password response function to better describe it's
purpose as well as for consistency with the imap and pop3 modules.

Daniel Stenberg (8 Feb 2013)
- [Gisle Vanem brought this change]

ntlm: fix memory leak

Running tests\libtest\libntlmconnect.exe reveals a 1 byte (!) leak in
./lib/curl_ntlm_msgs.c:

perl ..\memanalyze.pl c:memdebug.curl
Leak detected: memory still allocated: 1 bytes
At 9771e8, there's 1 bytes.
allocated by curl_ntlm_msgs.c:399

Snippet from curl_ntlm_msgs.c:
/* setup ntlm identity's domain and length */
dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));

(my domlen == 0).

'dup_domain.tbyte_ptr' looks to be freed in Curl_ntlm_sspi_cleanup() via
'ntlm->identity.Domain'. But I see no freeing of 'dup_domain.tchar_ptr'.

- DONE: consider callback-aborted transfers premature

This bug report properly identified that when doing SMTP and aborting
the transfer with a callback, it must be considered aborted prematurely
by the code to avoid QUIT etc to be attempted as that would cause a
hang.

The new test case 1507 verifies this behavior.

Reported by: Patricia Muscalu
Bug: http://curl.haxx.se/bug/view.cgi?id=1184

- FAQ: refreshed some phrases

Nick Zitzmann (7 Feb 2013)
- darwinssl: Fix build under Leopard

It turns out that Leopard (OS X 10.5) doesn't have constants for the ECDH
ciphers in its headers, so the cases for them have been taken out of the
build when building under Leopard. Also added a standard function for
getting a string description of a SecCertificateRef.

Steve Holme (7 Feb 2013)
- RELEASE-NOTES: Added new imap features

- imap: Added support for SASL-IR extension (Part 2)

Modified imap_authenticate() to add support for sending the initial
response with the AUTHENTICATE command, as per RFC4959.

- smtp: Updated SMTP_AUTH_PASSWD state constant

Changed the SMTP_AUTH_PASSWD state constant to SMTP_AUTH_LOGIN_PASSWD to
better describe the state as the second part of an AUTH LOGIN command,
as well as for consistency with the imap and pop3 modules.

- imap: Added support for SASL-IR extension (Part 1)

Introduced detection of the SASL-IR capability, in order to add support
for sending the initial response with the AUTHENTICATE command, as per
RFC4959.

Daniel Stenberg (7 Feb 2013)
- Revert "vc: remove explicit MSVC6 IDE project file and documentation"

This reverts commit 0e66d5878edc3d7ffc445116d194b58bbc7504b9.

Steve Holme (7 Feb 2013)
- imap: Changed response tag generation to be completely unique

Updated the automatic response tag generation to follow the examples
given in RC3501, which list a 4 character string such as A001, A002,
etc.

As a unique identifier should be generated for each command the string
generation is based on the connection id and the incrementing command
id.

Dan Fandrich (6 Feb 2013)
- Tweak the Android.mk file for its new location

This is untested, but ought to be enough to still allow it
to work automatically when the entire curl source tree is
dropped into a full Android source tree.

Daniel Stenberg (6 Feb 2013)
- vc: remove explicit MSVC6 IDE project file and documentation

VC6 is _very_ old and we provide working makefiles even for that
compiler. Users who build with the IDE never use that method and project
file anyway and it was just lingering in the root dir.

Steve Holme (6 Feb 2013)
- imap: Small variable rename in preparation for upcoming change

Renamed a couple of variables and updated some comments in
preparation for upcoming command id / response tag change.

Daniel Stenberg (6 Feb 2013)
- msvc: move Makefile.msvc.names into winbuild/

In an attempt to clear up misc files from the root dir

- build: move Android.mk to packages/Android/

- emacs files: remove from git and dist

We don't need them and I doubt many people used them. We also don't have
any configs for other editors and we wouldn't want that.

Steve Holme (6 Feb 2013)
- email: Moved starttls code in separate functions

To help maintain the readability of the code in imap.c, pop3.c and
smtp.c moved the starttls code into state_starttls() functions.

- [Nick Zitzmann brought this change]

FEATURES: More NTLM and SSL changes, added two others, fixed typo

Added IDN and HTTP data compression as they were left out of the
document until now.

Added notes for qssl, schannel and Secure Transport supporting SSLv2,
Secure Transport supports NTLM, and axTLS does not support SSLv3.

There was also a typo; "AUTH TSL" should be "AUTH TLS".

Kamil Dudka (6 Feb 2013)
- curl-config.in: do not randomly mix tabs and spaces

Daniel Stenberg (6 Feb 2013)
- 7.29.1: onwards!

- THANKS: 12 contributors from 7.29.0

Version 7.29.0 (6 Feb 2013)

Daniel Stenberg (6 Feb 2013)
- vms: config-vms.h is removed, no use trying to distribute it

- RELEASE-NOTES: mention the SASL buffer overflow

- [Eldar Zaitov brought this change]

Curl_sasl_create_digest_md5_message: fix buffer overflow

When negotiating SASL DIGEST-MD5 authentication, the function
Curl_sasl_create_digest_md5_message() uses the data provided from the
server without doing the proper length checks and that data is then
appended to a local fixed-size buffer on the stack.

This vulnerability can be exploited by someone who is in control of a
server that a libcurl based program is accessing with POP3, SMTP or
IMAP. For applications that accept user provided URLs, it is also
thinkable that a malicious user would feed an application with a URL to
a server hosting code targetting this flaw.

Bug: http://curl.haxx.se/docs/adv_20130206.html

Steve Holme (6 Feb 2013)
- FEATURES: Removed erroneous whitespace

Removed whitespace introduced in commit 5f8f20f5e65b that caused
formatting issues when generating the website docs.

Yang Tse (6 Feb 2013)
- setup-vms.h: post VMS patch cleanup - III

- rename post-config-vms.h to setup-vms.h
- move its inclusion into proper location in curl_setup.h

- vms_show: post VMS patch cleanup - II

- remove multiple declarations of vms_show and add comments

- tool_main.c: post VMS patch cleanup - I

- remove header inclusion already done in curl_setup_once.h

Steve Holme (6 Feb 2013)
- FEATURES: Added SSPI to list of NTLM libraries

- FEATURES: Added Secure Transport and qssl to list of SSL libraries

- FEATURES: Added email feature set

Added SMTP, SMTPS, POP3, POP3S, IMAP and IMAPS features.

- imap.h: Corrected incorrect comment clarification

Corrected comment clarification made in commit 167717b8069a.

- COPYING: Updated copyright year to include 2013

Daniel Stenberg (5 Feb 2013)
- RELEASE-NOTES: synced with 25f351424b3538

8 more bug fixes mentioned

- [John E. Malmberg brought this change]

VMS: fix and generate the VMS build config

config_h.com is a new file that generates a config.h file based on the
curl_config.h.in file and a quick scan of the configure script. This is
actually a generic procedure that is shared with other VMS packages.

The existing pre-built config-vms.h had over 100 entries that were not
correct and in some cases conflicted with the build options available in
the build_vms.com.

generate_config_vms_h_curl.com is a helper procedure to the
config_h.com. It covers the cases that the generic config_h.com is not
able to figure out, and accepts input from the build_vms.com procedure.

build_curlbuild_h.com is a new file to generate the curlbuild.h file
that Curl is now using when it is using a curl_config.h file.

post-config-vms.h is a new file that is needed to provide VMS specific
definitions, and most of them need to be set before the system header
files are included.

The VMS build procedure is fixed:

1. Fixed to link in the correct HP ssl library.
2. Fixed to detect if HP Kerberos is installed.
3. Fixed to detect if HP LDAP is installed.
4. Fixed to detect if gnv$libzshr is installed.
5. Simplified the input parameter parsing to not use a loop.
6. Warn that 64 bit pointer option support is not complete
in comments.
7. Default to IEEE floating if platform supports it so
resulting libcurl will be compatible with other
open source projects on VMS.
8. Default to LARGEFILE if platform supports it.
9. Default to enable SSL, LDAP, Kerberos, libz
if the libraries are present.
10. Build with exact case global symbols for libcurl.
11. Generate linker option file needed.
12. Compiler list option only commonly needed items.
13. fulllist option for those who really want it.
14. Create debug symbol file on Alpha, IA64.

- Curl_proxyCONNECT: return once CONNECT is sent

By doing this unconditionally, we infer a simpler and more defined
behavior. This also has the upside that test 1021 no longer fails for me
even if I run with valgrind.

Also fixed some wrong comments.

Steve Holme (5 Feb 2013)
- email: Reworked comments in the endofresp() functions

Tidied up the comments in the endofresp() functions to be more
meaningful prior to release.

Marc Hoersken (5 Feb 2013)
- schannel: Removed extended error connection setup flag

According KB975858 this flag may cause problems on Windows 7 and
Windows Server 2008 R2 systems. Extended error information is not
currently used by libcurl and therefore not a requirement.

The flag may improve the SSL-connection shutdown in case of an
error. This means it might be a good improvement in the future.

Fixes bug/issue #1187 - thanks for the report

Daniel Stenberg (5 Feb 2013)
- [Tor Arntsen brought this change]

singleipconnect: Update *sockp for all CURLE_OK

The 56b7c87c7 change left a case where a good sockfd was not copied to
*sockp before returning with CURLE_OK

- curl_easy_perform: Value stored to 'mcode' is never read

pointed out by clang-analyzer

- singleipconnect: remove dead assignment

pointed out by clang-analyzer

Linus Nielsen Feltzing (5 Feb 2013)
- CURLMOPT_MAXCONNECTS: restore functionality

When a connection is no longer used, it is kept in the cache. If the
cache is full, the oldest idle connection is closed. If no connection is
idle, the current one is closed instead.

Steve Holme (5 Feb 2013)
- RELEASE-NOTES: Updated following recent changes to the email protocols

Added recent additions and fixes following the changes to imap, pop3
and smtp. Additionally added another contributor that helped to test
the imap sasl changes.

- email: Provided extra comments following recent pop3/imap fixes

Provided additional clarification about the logic of the authenticate()
functions following commit 6b6bdc83bd36 and b4270a9af1d0.

Daniel Stenberg (5 Feb 2013)
- [Andrei Kurushin brought this change]

winbuild: include version info for .dll .exe

Bug: http://curl.haxx.se/bug/view.cgi?id=1186

- FAQ: clarify 5.13 How do I stop an ongoing transfer

Rich Gray provided good feedback and we now clarify that you can in fact
stop a multi transfer at any point you like by removing the easy handle.

- [Matt Arsenault brought this change]

cmake: Fix mingw build

- [Sergei Nikulov brought this change]

cmake: updated OpenSSL build

Steve Holme (4 Feb 2013)
- pop3.c: Updated variable names to use shorter / more readable variant

Tidied up code from commit 6b6bdc83bdUpdated where a few instances of
the pop3c struct variable used the longer conndata struct rather than
matching what other code in pop3_authenticate() used.

Guenter Knauf (4 Feb 2013)
- updated copyright years.

- configure: update the copyright years for the output.

Steve Holme (3 Feb 2013)
- imap: Fixed no known authentication mechanism when fallback is required

Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.

Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.
imap: Fixed no known authentication mechanism when fallback is required

Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.

Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
Reported by: Stanislav Ivochkin

- pop3: Fixed no known authentication mechanism when fallback is required

Bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
Reported by: Stanislav Ivochkin

Daniel Stenberg (1 Feb 2013)
- singleipconnect: simplify and clean up

Remove timeout argument that's never used.

Make the actual connection get detected on a single spot to reduce code
duplication.

Store the IPv6 state already when the connection is attempted.

- Curl_perfom: removed

Curl_perfom is no longer used anywhere since the always-multi commit
c43127414d89ccb9, and some related functions were used only from within
Curl_perfom.

Guenter Knauf (30 Jan 2013)
- Updated date.

Yang Tse (30 Jan 2013)
- zz40-xc-ovr.m4: fix 'wc' detection - follow-up 2

- Fix a pair of single quotes to double quotes.

URL: http://curl.haxx.se/mail/lib-2013-01/0355.html
Reported by: Tor Arntsen

- zz40-xc-ovr.m4: fix 'wc' detection - follow-up

- Take into account that 'wc' may return leading spaces and/or tabs.

- Set initial IFS to space, tab and newline.

- zz40-xc-ovr.m4: fix 'wc' detection

- Take into account that 'wc' may return leading spaces.

- Set internationalization behavior variables.

Tor Arntsen analyzed and reported the issue.

URL: http://curl.haxx.se/mail/lib-2013-01/0351.html

- zz40-xc-ovr.m4: check another three basic utilities

Guenter Knauf (29 Jan 2013)
- Fixed debug.c to work again unchanged.

Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.

Daniel Stenberg (29 Jan 2013)
- [Nick Zitzmann brought this change]

darwinssl: Fix bug where packets were sometimes transmitted twice

There was a bug where, if SSLWrite() returned errSSLWouldBlock but did
succeed in transmitting at least something, then we'd incorrectly
resend the packet. Now we never take errSSLWouldBlock as a sign that
nothing was transferred to/from the server.

Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html
Reported by: Bruno de Carvalho

- [Nick Zitzmann brought this change]

FAQ: "Darwinssl" is AKA "Secure Transport" and supports NTLM

- RELEASE-NOTES: only list Nick once

Even though he's a fine dude, once is enough for this time!

Yang Tse (28 Jan 2013)
- zz40-xc-ovr.m4: 1.0 interface stabilization

- Stabilization results in 4 public interface m4 macros:
XC_CONFIGURE_PREAMBLE
XC_CONFIGURE_PREAMBLE_VER_MAJOR
XC_CONFIGURE_PREAMBLE_VER_MINOR
XC_CHECK_PATH_SEPARATOR
- Avoid one level of internal indirection
- Update comments
- Drop XC_OVR_ZZ40 macro

Kamil Dudka (28 Jan 2013)
- docs: fix typos in man pages

Reported by: Jiri Jaburek
Bug: https://bugzilla.redhat.com/896544

- docs: update the comments about loading CA certs with NSS

Bug: https://bugzilla.redhat.com/696783

Guenter Knauf (28 Jan 2013)
- Updated dependency libs.

- Fixed simple.c to work again unchanged.

Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.

Steve Holme (27 Jan 2013)
- smtp.c: Fixed unnecessary state change if starttls fails

The state machine should only be changed to SMTP_STARTTLS when the
STARTTLS command has been successfully sent to the server.

- pop3.c: Fixed unnecessary state change if starttls fails

The state machine should only be changed to POP3_STARTTLS when the
STLS command has been successfully sent to the server.

- imap.c: Fixed unnecessary state change if starttls fails

The state machine should only be changed to IMAP_STARTTLS when the
STARTTLS command has been successfully sent to the server.

- email: Updated comment regarding ssldone usage

Updated the ssldone comment as multi mode is always used internally now.

Yang Tse (26 Jan 2013)
- zz40-xc-ovr.m4: emit witness message in configure BODY

This avoids witness message in output when running configure --help,
while sending the message to config.log for other configure runs.

Steve Holme (25 Jan 2013)
- smtp.c: Added comments to smtp_endofresp()

Minor code tidy up to add comments similar to those used in the pop3
and imap end of resp functions, in order to assist anyone reading the
code and highlight the similarities between each of these protocols.

Yang Tse (25 Jan 2013)
- zz40-xc-ovr.m4: truly do version conditional overriding

- version conditional overriding
- catch unexpanded XC macros
- fix double words in comments

- zz40-xc-ovr.m4: fix variable assignment of subshell output bashism

Tor Arntsen analyzed and reported the issue.

URL: http://curl.haxx.se/mail/lib-2013-01/0306.html

- zz40-xc-ovr.m4: reinstate strict AC_REQUIRE macro dependencies

- zz40-xc-ovr.m4: avoid double single-quote usage

- zz40-xc-ovr.m4: parentheses balancing of 'case' statements

m4 quadrigraph shell comment technique allows proper autoconf
parentheses balancing in shell 'case' statements. The presence
of unbalanced parentheses may otherwise trigger expansion bugs.

Steve Holme (24 Jan 2013)
- smtp.c: Corrected RFC references

The most recent version of the SMTP RFC is RFC5321 and not RFC2821 as
previously documented.

Added RFC1870 and re-ordered list numerically.

- smtp.c: Fixed failure detection during TLS upgrade

smtp_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to smtps and start the EHLO command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.

- pop3.c: Fixed failure detection during TLS upgrade

pop3_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to pop3s and start the CAPA command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.

- imap.c: Fixed failure detection during TLS upgrade

imap_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to imaps and start the CAPABILITY command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.

Yang Tse (24 Jan 2013)
- zz40-xc-ovr.m4: internals overhauling

- Update comments
- Execute commands in subshells
- Faster path separator check
- Fix missing 'test' command
- Rename private macros
- Minimize AC_REQUIRE usage

Steve Holme (23 Jan 2013)
- email: Removed unnecessary return statements

Small tidy up to remove unnecessary return statements prior to the next
fix.

Yang Tse (23 Jan 2013)
- zz40-xc-ovr.m4: redirect errors and warnings to stderr

- zz40-xc-ovr.m4: AC_REQUIRE also XC_CONFIGURE_PREAMBLE success message

- zz60-xc-ovr.m4: tighten XC_OVR_ZZ60 macro placement requirements

- configure: use XC_CONFIGURE_PREAMBLE early checks

Some basic checks we make were placed early enough in generated
configure script when using autoconf 2.5X versions. Newer autoconf
versions expand these checks much further into the configure script,
rendering them useless. Using XC_CONFIGURE_PREAMBLE fixes placement
of early intended checks across all our autoconf supported versions.

- zz40-xc-ovr.m4: provide XC_CONFIGURE_PREAMBLE macro

Daniel Stenberg (23 Jan 2013)
- FAQ: update the SSL lib list and wording in question 2.2

Steve Holme (22 Jan 2013)
- curl_sasl.c: Corrected references to RFC

The most recent version of the RFC is RFC4422 and not RFC2222 as
previously documented.

- email: Corrected references to SASL RFC

The most recent version of the SASL RFC is RFC4422 and not RFC2222 as
previously documented.

Daniel Stenberg (22 Jan 2013)
- [Ulion brought this change]

formpost: support quotes, commas and semicolon in file names

- document the double-quote and backslash need be escaped if quoting.
- libcurl formdata escape double-quote in filename by backslash.
- curl formparse can parse filename both contains '"' and ',' or ';'.
- curl now can uploading file with ',' or ';' in filename.

Bug: http://curl.haxx.se/bug/view.cgi?id=1171

- memanalyze.pl: handle fopen() of file names with quotes

Yang Tse (21 Jan 2013)
- xc-cc-check.m4: re-evaluate exporting and AC_SUBST'ing vars

Notes:

When running a configure script that has nested packages (for example
libcurl's configure with --enable-ares and c-ares sources embedded in
curl tree) and AC_CONFIG_SUBDIRS([nested-subdir]) machinery is used to
automatically run the nested configure script from within the parent
configure script, it happens that the nested _shell_ script will
inherit shell variables exported from the parent _shell_ script.

If for example parent configure script sets and exports LDFLAGS and LIBS
variables with proper values in order to link either a parent library or
program with a library which will be configured and built by a nested
package; It will happen that when the nested configure script runs, the
nested library does not exist yet and _any_ link-test done in the nested
configure will fail, such as those that autoconf macros perform in order
to detect existing compiler and its characteristics, the result is that
the nested configure script will fail with errors such as:

configure: error: C compiler cannot create executables

For now, we no longer export variables previously exported here.

On the other hand, AC_SUBST'ing them is appropriate and even with nested
packages each package's config.status gets its own package values.

So we reinstate AC_SUBST'ing previously AC_SUBST'ed variables.

Daniel Stenberg (21 Jan 2013)
- FAQ: 3.22 curl -X gives me HTTP problems

Yang Tse (21 Jan 2013)
- xc-cc-check.m4: avoid recursive package automake'ing breakage

- xc-cc-check.m4: mark earlier variables that are to be exported

- configure: autotools compatibility fixes - step I

Fix proper macro expansion order across autotools versions for
C compiler and preprocessor program checks.

Steve Holme (20 Jan 2013)
- pop3.c: Fixed conditional compilation of the apop response function

Extended the fix from commit 8b15c84ea91e to additionally exclude
pop3_state_apop_resp() if the CURL_DISABLE_CRYPTO_AUTH flag is
defined.

Yang Tse (20 Jan 2013)
- Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables

Daniel Stenberg (19 Jan 2013)
- formadd: reject trying to read a directory where a file is expected

Bug: http://curl.haxx.se/mail/archive-2013-01/0017.html
Reported by: Ulrich Doehner

- curl_easy_send.3: document return codes

Reported by: Craig Davison
Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html

- curl_easy_recv.3: document return codes

Reported by: Craig Davison
Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html

Steve Holme (19 Jan 2013)
- email: General code tidy up

Corrected some function argument definitions to maximize the 80
character line length limit and be in keeping with the curl
coding style.

- pop3.c: Fixed a problem with pop3s connections not connecting properly

Fixed an issue where Curl_ssl_connect_nonblocking() wouldn't complete
correctly and the ssldone flag wouldn't be set to true for pop3s based
connections.

Bug introduced in commit: 4ffb8a6398ed.

Daniel Stenberg (18 Jan 2013)
- RELEASE-NOTES: add references to several bugfixes+changes

Steve Holme (18 Jan 2013)
- RELEASE-NOTES: Added missing imap fix

Added missing imap fix as per commit 709b3506cd9b.

Yang Tse (18 Jan 2013)
- runtests.pl: make VPATH builds find valgrind.supp

Daniel Stenberg (18 Jan 2013)
- RELEASE-NOTES: synced with c43127414d89

- always-multi: always use non-blocking internals

Remove internal separated behavior of the easy vs multi intercace.
curl_easy_perform() is now using the multi interface itself.

Several minor multi interface quirks and bugs have been fixed in the
process.

Much help with debugging this has been provided by: Yang Tse

Yang Tse (17 Jan 2013)
- url.c: fix HTTP CONNECT tunnel establishment upon delayed response

Fixes initial proxy response being processed by the tunneled protocol
handler instead of the HTTP wrapper handler. This issue would trigger
upon delayed CONNECT response from the proxy.

Additionally fixes a multi interface code-path in which connections
would not time out properly.

This does not fix known bug #39.

URL: http://curl.haxx.se/mail/lib-2013-01/0191.html

Daniel Stenberg (16 Jan 2013)
- [Yves Arrouye brought this change]

--libcurl: fix for non-zero default options

If the default value for an option taking a long as its value is non
zero, and it is set by zero by a command line option, then that command
line option is not reflected in --libcurl's output. This is because line
520-521 of tool_setopt.c look like:

if(!lval)
skip = TRUE;

An example of a command-line option doing so is the -k option that sets
CURLOPT_SLL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to 0L, when the
defaults are non-zero.

- FTP: reject illegal port numbers in EPSV 229 responses

Yang Tse (15 Jan 2013)
- commit bc682cbd follow-up

- build: use per-target '_CPPFLAGS' for those currently using default

Automake documents that doing this will make it choose a different name
for intermediate object files even when sharing source files across
targets of same Makefile.am.

Up to automake 1.13.1 target's intermediate object files were placed
in the build subdirectory of the target. We depended on this, probably
undocumented behavior, to achieve same behavior as if a per-target flag
had been specified when building targets that actually belong to
different Makefile.am files.

It seems automake 1.13.2 is going to break behavior mentioned above.

So, lets use a documented behavior in order to achieve same purpose,
across automake versions, no matter where automake wishes to place
intermediate object files.

Our build targets that already were using a per-target '_CFLAGS' or
'_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only
Makefile.am or Makefile.in files in libcurl's source tree touched by
this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc.

- tests/libtest/Makefile.inc: sort build targets

- tests/Makefile.am: remove wildcard usage in EXTRA_DIST

Kamil Dudka (15 Jan 2013)
- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE

Do not use the error messages from NSS for errors not occurring in NSS.

Steve Holme (14 Jan 2013)
- TODO: Updated following IMAP SASL additions

Yang Tse (14 Jan 2013)
- configure: fix automake 1.13 compatibility

Tested with:

buildconf: autoconf version 2.69
buildconf: autom4te version 2.69
buildconf: autoheader version 2.69
buildconf: automake version 1.13.1
buildconf: aclocal version 1.13.1
buildconf: libtool version 2.4
buildconf: GNU m4 version 1.4.16

Daniel Stenberg (13 Jan 2013)
- BUGS: update bug tracker URL

... and refresh number of lines of code

- Curl_resolver_getsock: fix the function description comment

It referred to it by the wrong name and said it returned the wrong value.

Reported by: Gisle Vanem

Kamil Dudka (11 Jan 2013)
- nss: clear session cache if a client cert from file is used

This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used. If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again. The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert

Yang Tse (11 Jan 2013)
- sockfilt.c: log file descriptor number on read/write error

- [Gisle Vanem brought this change]

packages/DOS/common.dj: remove COFF debug info generation

gcc on DOS hasn't really supported COFF-debug (-gcoff) on djgpp for a
long time.

"Sounds like the COFF debug info generation has bit-rotted in GCC.
Nothing new here, no other platform uses COFF AFAIK."

So lets drop it too.

URL: http://curl.haxx.se/mail/lib-2013-01/0130.html

- curl: ignore SIGPIPE - compilation fix - follow-up

- test servers: handle W32/W64 SIGBREAK with exit_signal_handler

- test servers: fix errno, ERRNO and SOCKERRNO usage for W32/W64

- sockfilt.c: fix some W64 compiler warnings

Daniel Stenberg (9 Jan 2013)
- [Nick Zitzmann brought this change]

docs: the --with-darwinssl option is available on Apple OSes

Yang Tse (9 Jan 2013)
- curl: ignore SIGPIPE - compilation fix

- build: fix circular header inclusion with other packages

This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.

Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]

Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]

----------------------------------------

1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
this single inclusion guard is enough to ensure that inclusion of
lib/setup_once.h done from lib/setup.h is only done once.

Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
protect inclusion of setup_once.h even after commit ec691ca3, this
was to avoid a circular header inclusion triggered when building a
c-ares enabled version with c-ares sources available which also has
a setup_once.h header. Commit ec691ca3 exposes the real nature of
__SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
foreign to libcurl belonging to c-ares's setup_once.h

The renaming this commit does, fixes the circular header inclusion,
and as such removes the need and usage of a header inclusion guard
foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.

2 - Due to the circular interdependency of old lib/setup_once.h and the
c-ares setup_once.h header, old file lib/setup_once.h has carried
back from 2006 up to now days an alarming and prominent notice about
the need of keeping libcurl's and c-ares's setup_once.h in sync.

Given that this commit fixes the circular interdependency, the need
and presence of mentioned notice is removed.

All mentioned interdependencies come back from now old days when
the c-ares project lived inside a curl subdirectory. This commit
removes last traces of such fact.

Daniel Stenberg (8 Jan 2013)
- curl: ignore SIGPIPE

This is a work-around for bug #1180 which is really libcurl's inability
to ignore SIGPIPE in a few cases. With this work-around at least curl
won't suffer from it!

Bug: http://curl.haxx.se/bug/view.cgi?id=1180
Reported by: Lluís Batlle i Rossell

Yang Tse (8 Jan 2013)
- sockfilt.c: fix some compiler warnings

Daniel Stenberg (8 Jan 2013)
- Revert "configure: update req to 2.59"

This reverts commit 7a6d8b1b1a8fcc184c36d6b6e741e32250b4bacb.

URL: http://curl.haxx.se/mail/lib-2013-01/0103.html

Steve Holme (8 Jan 2013)
- pop3: Added support for non-blocking SSL upgrade

Added support for asynchronous SSL upgrade when using the
multi-interface.

Daniel Stenberg (8 Jan 2013)
- configure: update req to 2.59

I ran the 2.59 version of autoupdate that updates obsoleted configure.ac
constructs to the 2.59 standard. With a little hands-on fiddling I
prevented it from ruining the quoting in AS_HELP_STRING() uses.

I subsequently also bumped the required autoconf version to 2.59
(released in December 2003) as I don't have an older autoconf version
around to test with and I can't be bothered to install one either...

Inspired by: Björn Stenberg
Related blog post: http://cazfi.livejournal.com/195108.html

Steve Holme (7 Jan 2013)
- imap.c: Small tidy up to add missing comment

- imap: Added support for sasl digest-md5 authentication

- imap: Added support for sasl cram-md5 authentication

Marc Hoersken (7 Jan 2013)
- tests/server/sockfilt.c: Fixed integer comparison warning

- tests/server/sockfilt.c: Include required Win32 headers

Steve Holme (7 Jan 2013)
- imap: Added support for sasl ntlm authentication

- imap: Added support for sasl login authentication

- pop3.c: Fixed default authentication detection

Fixed an issue where a server may positively respond to the CAPA command
but not list clear text as a valid authentication type.

- curl_sasl.c: Small code tidy up following imap changes

- smtp.c: Small code tidy up following imap changes

- pop3.c: Small code tidy up following imap changes

- imap: Added support for sasl plain text authentication

Marc Hoersken (6 Jan 2013)
- tests/server/sockfilt.c: Fixed support for listening sockets

This commit fixes support for sockets that are ready to accept
a new connection and have previously been put into listening mode.

It also includes changes which are the result of investigation
regarding Windows STDIN. These changes are the preparation for further
improvements regarding support for reading data from STDIN on Windows.

Open issue: WaitForMultipleObjectsEx does not support PIPE handles
which are returned by GetStdHandle while running without a GUI.

- tests/server/sockfilt.c: Set Windows Console to binary mode

- tests/server/sockfilt.c: Improved log error messages

Include error code and parameters in error messages.

Steve Holme (6 Jan 2013)
- imap: Introduced the continue response in imap_endofresp()

- imap: Added support for SASL based authentication mechanism detection

Added support for detecting the supported SASL authentication mechanisms
via the CAPABILITY command.

Yang Tse (6 Jan 2013)
- Revert changes relative to lib/*.[ch] recent renaming

This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

f871de0... build: make use of 76 lib/*.h renamed files
ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

13606bb... build: make use of 93 lib/*.c renamed files
5b6e792... build: rename 93 lib/*.c files
7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

lib/curl_imap.h
lib/curl_smtp.h

Daniel Stenberg (6 Jan 2013)
- mk-ca-bundle.1: convert syntax to what's used elsewhere

... mostly to make sure roffit works better on it, but also to make our
man pages use a more unified style.

- mk-ca-bundle.1: mention new -f, fix outputfile output

also edited a few sentences to become more verbose

- mk-ca-bundle: add -f, support passing to stdout and more

1. When the downloaded data file from Mozilla is current, but the output
bundle does not exist: continue processing to create the bundle. The
goal is to have the output file - not just download the latest input.

2. added -f option to force re-processing the file. Useful for
debugging/testing the process.

3. added support for output to '-' (stdout), allowing the output to be
piped.

4. All progress and error messages go to STDERR rather than STDOUT (3)

5. The script opened and closed the output file many times
unnecessarily. It now opens it once, does the output and closes it.

6. Backup of the input files happens after successful processing, not
before.

7. The output is written to a temporary file, and renamed to the
requested name after backup - this greatly reduces the window where the
file can be seen partially written.

8. all die calls have a \n at the end to suppress perl's traceback - the
traceback isn't useful to end users.

Patch: http://curl.haxx.se/mail/lib-2013-01/0045.html

Yang Tse (5 Jan 2013)
- imap test server: fix typo in name of SELECT_imap() sub definition

IMAP test server breaking typo introduced with commit b708a522a1

Steve Holme (4 Jan 2013)
- imap test server: Added support for the CAPABILITY command

Added support for the CAPABILITY command in preparation of upcoming
changes.

Daniel Stenberg (3 Jan 2013)
- writeout: -w now supports remote_ip/port and local_ip/port

Added mention to the curl.1 man page.

Test case 1223 verifies remote_ip/port.

Yang Tse (3 Jan 2013)
- test 1222: 8 chars object name generation && test 1221: adjustments

Daniel Stenberg (3 Jan 2013)
- INTERNALS: remove "footnote" never used

Yang Tse (3 Jan 2013)
- build: commit 13606bbfde follow-up 1

Daniel Stenberg (3 Jan 2013)
- FAQ: Can I write a server with libcurl?

Yang Tse (3 Jan 2013)
- build: rename 93 lib/*.c files

93 lib/*.c source files renamed to use our standard naming scheme.

This commit only does the file renaming.

----------------------------------------

renamed: lib/amigaos.c -> lib/curl_amigaos.c
renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c
renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c
renamed: lib/axtls.c -> lib/curl_axtls.c
renamed: lib/base64.c -> lib/curl_base64.c
renamed: lib/bundles.c -> lib/curl_bundles.c
renamed: lib/conncache.c -> lib/curl_conncache.c
renamed: lib/connect.c -> lib/curl_connect.c
renamed: lib/content_encoding.c -> lib/curl_content_encoding.c
renamed: lib/cookie.c -> lib/curl_cookie.c
renamed: lib/cyassl.c -> lib/curl_cyassl.c
renamed: lib/dict.c -> lib/curl_dict.c
renamed: lib/easy.c -> lib/curl_easy.c
renamed: lib/escape.c -> lib/curl_escape.c
renamed: lib/file.c -> lib/curl_file.c
renamed: lib/fileinfo.c -> lib/curl_fileinfo.c
renamed: lib/formdata.c -> lib/curl_formdata.c
renamed: lib/ftp.c -> lib/curl_ftp.c
renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c
renamed: lib/getenv.c -> lib/curl_getenv.c
renamed: lib/getinfo.c -> lib/curl_getinfo.c
renamed: lib/gopher.c -> lib/curl_gopher.c
renamed: lib/gtls.c -> lib/curl_gtls.c
renamed: lib/hash.c -> lib/curl_hash.c
renamed: lib/hmac.c -> lib/curl_hmac.c
renamed: lib/hostasyn.c -> lib/curl_hostasyn.c
renamed: lib/hostcheck.c -> lib/curl_hostcheck.c
renamed: lib/hostip.c -> lib/curl_hostip.c
renamed: lib/hostip4.c -> lib/curl_hostip4.c
renamed: lib/hostip6.c -> lib/curl_hostip6.c
renamed: lib/hostsyn.c -> lib/curl_hostsyn.c
renamed: lib/http.c -> lib/curl_http.c
renamed: lib/http_chunks.c -> lib/curl_http_chunks.c
renamed: lib/http_digest.c -> lib/curl_http_digest.c
renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c
renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c
renamed: lib/http_proxy.c -> lib/curl_http_proxy.c
renamed: lib/idn_win32.c -> lib/curl_idn_win32.c
renamed: lib/if2ip.c -> lib/curl_if2ip.c
renamed: lib/imap.c -> lib/curl_imap.c
renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c
renamed: lib/inet_pton.c -> lib/curl_inet_pton.c
renamed: lib/krb4.c -> lib/curl_krb4.c
renamed: lib/krb5.c -> lib/curl_krb5.c
renamed: lib/ldap.c -> lib/curl_ldap.c
renamed: lib/llist.c -> lib/curl_llist.c
renamed: lib/md4.c -> lib/curl_md4.c
renamed: lib/md5.c -> lib/curl_md5.c
renamed: lib/memdebug.c -> lib/curl_memdebug.c
renamed: lib/mprintf.c -> lib/curl_mprintf.c
renamed: lib/multi.c -> lib/curl_multi.c
renamed: lib/netrc.c -> lib/curl_netrc.c
renamed: lib/non-ascii.c -> lib/curl_non_ascii.c
renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h
renamed: lib/nonblock.c -> lib/curl_nonblock.c
renamed: lib/nss.c -> lib/curl_nss.c
renamed: lib/nwlib.c -> lib/curl_nwlib.c
renamed: lib/nwos.c -> lib/curl_nwos.c
renamed: lib/openldap.c -> lib/curl_openldap.c
renamed: lib/parsedate.c -> lib/curl_parsedate.c
renamed: lib/pingpong.c -> lib/curl_pingpong.c
renamed: lib/polarssl.c -> lib/curl_polarssl.c
renamed: lib/pop3.c -> lib/curl_pop3.c
renamed: lib/progress.c -> lib/curl_progress.c
renamed: lib/qssl.c -> lib/curl_qssl.c
renamed: lib/rawstr.c -> lib/curl_rawstr.c
renamed: lib/rtsp.c -> lib/curl_rtsp.c
renamed: lib/security.c -> lib/curl_security.c
renamed: lib/select.c -> lib/curl_select.c
renamed: lib/sendf.c -> lib/curl_sendf.c
renamed: lib/share.c -> lib/curl_share.c
renamed: lib/slist.c -> lib/curl_slist.c
renamed: lib/smtp.c -> lib/curl_smtp.c
renamed: lib/socks.c -> lib/curl_socks.c
renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c
renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c
renamed: lib/speedcheck.c -> lib/curl_speedcheck.c
renamed: lib/splay.c -> lib/curl_splay.c
renamed: lib/ssh.c -> lib/curl_ssh.c
renamed: lib/sslgen.c -> lib/curl_sslgen.c
renamed: lib/ssluse.c -> lib/curl_ssluse.c
renamed: lib/strdup.c -> lib/curl_strdup.c
renamed: lib/strequal.c -> lib/curl_strequal.c
renamed: lib/strerror.c -> lib/curl_strerror.c
renamed: lib/strtok.c -> lib/curl_strtok.c
renamed: lib/strtoofft.c -> lib/curl_strtoofft.c
renamed: lib/telnet.c -> lib/curl_telnet.c
renamed: lib/tftp.c -> lib/curl_tftp.c
renamed: lib/timeval.c -> lib/curl_timeval.c
renamed: lib/transfer.c -> lib/curl_transfer.c
renamed: lib/url.c -> lib/curl_url.c
renamed: lib/version.c -> lib/curl_version.c
renamed: lib/warnless.c -> lib/curl_warnless.c
renamed: lib/wildcard.c -> lib/curl_wildcard.c

----------------------------------------

- build: make use of 93 lib/*.c renamed files

93 *.c source files renamed to use our standard naming scheme.

This change affects 77 files in libcurl's source tree.

Daniel Stenberg (3 Jan 2013)
- INSTALL: unify the SSL library texts

Make them smaller and more similar for each separate SSL library
supported by the configure build

Yang Tse (2 Jan 2013)
- curl_setup.h: remove redundant include guard

- build and tests: curl_10char_object_name() shell function

lib/objnames.inc provides definition of curl_10char_object_name() shell
function. The intended purpose of this function is to transliterate a
(*.c) source file name that may be longer than 10 characters, or not,
into a string with at most 10 characters which may be used as an OS/400
object name.

Test case 1221 does unit testng of this function and also verifies
that it is possible to generate distinct short object names for all
curl and libcurl *.c source file names.

lib/objnames-test.sh is the shell script used for test case 1221.

tests/runtests.pl modified to accept shell script test cases.

More details inside lib/objnames.inc and lib/objnames-test.sh

- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS

automake 1.13 errors if AM_CONFIG_HEADER is used in configure script.
automake 1.13 no longer autoupdates AM_CONFIG_HEADER to
AC_CONFIG_HEADERS, thing which automake has been doing since automake
version 1.7

Given that our first automake supported version is automake 1.7,
simply replacing AM_CONFIG_HEADER usage with AC_CONFIG_HEADERS seems
enough to yet support same automake versions.

Dave Reisner reported issue with 1.13 and provided patch.

http://curl.haxx.se/mail/lib-2012-12/0246.html

- curl-override.m4: provide AC_CONFIG_MACRO_DIR definition conditionally

Provide a 'traceable' AC_CONFIG_MACRO_DIR definition only when using
an autoconf version that does not provide it, instead of what we were
doing up to now of providing and overriding AC_CONFIG_MACRO_DIR for
all autoconf versions.

Steve Holme (30 Dec 2012)
- imap.c: Minor follow up tidy up

- imap: Code tidy up prior to adding support for the CAPABILITY command

* Changing the order of the state machine to represent the order in
which commands are sent to the server.

* Reworking the imap_endofresp() function as the FETCH response doesn't
include the command id and shouldn't be part of the length comparison
that takes into account the id string.

- pop3_doing: Applied debug info message when function fails

Applied the same debug message as used in smtp_doing() and imap_doing()
when pop3_multi_statemach() fails.

- imap_doing: don't call imap_dophase_done() if already failed

Applied the POP3 fix from commit 2897ce7dc2e1 so imap_dophase_done()
isn't called if imap_multi_statemach() fails.

- smtp_doing: don't call smtp_dophase_done() if already failed

Applied the POP3 fix from commit 2897ce7dc2e1 so smtp_dophase_done()
isn't called if smtp_multi_statemach() fails.

Yang Tse (29 Dec 2012)
- examples/certinfo.c: fix compiler warning

Steve Holme (29 Dec 2012)
- pop3.c: Removed unnecessary POP3_STOP state changes

Removed unnecessary state changes in pop3_state_starttls_resp()
following previous fix in IMAP module.

- smtp.c: Added extra comments around SMTP_STOP state change

Provided extra comments in the SMTP module following previous IMAP fix.

- imap.c: Fixed bad state error when logging in with invalid credentials

Fixed a problem with the state machine when attempting to log in with
invalid credentials. The server would report login failure but libcurl
would not read the response due to inappropriate IMAP_STOP states being
set after the login was sent.

Yang Tse (29 Dec 2012)
- imap.c: remove trailing whitespace

Steve Holme (28 Dec 2012)
- imap.c: Code tidy up - Part 2

- imap.c: Code tidy up - Part 1

Applied some of the comment and layout changes that had already been
applied to the pop3 and smtp code over the last 6 to 9 months.

This is in preparation of adding SASL based authentication.

- pop3.c: Minor code tidy up

Minor tidy up of comments and layout prior to next part of imap work.

- smtp: Minor code tidy up

Minor tidy up of comments and layout prior to next part of imap work.

- curl_imap.h: Tidy up of comments to be more readable

- imap.c: Code tidy up renaming imapsendf() to imap_sendf()

Renamed imapsendf() to imap_sendf() to be more in keeping with the
other imap functions as well as Curl_pp_sendf() that it replaces.

Yang Tse (28 Dec 2012)
- build: rename 76 lib/*.h files

76 private header files renamed to use our standard naming scheme.

This commit only does the file renaming.

----------------------------------------

renamed: amigaos.h -> curl_amigaos.h
renamed: arpa_telnet.h -> curl_arpa_telnet.h
renamed: asyn.h -> curl_asyn.h
renamed: axtls.h -> curl_axtls.h
renamed: bundles.h -> curl_bundles.h
renamed: conncache.h -> curl_conncache.h
renamed: connect.h -> curl_connect.h
renamed: content_encoding.h -> curl_content_encoding.h
renamed: cookie.h -> curl_cookie.h
renamed: cyassl.h -> curl_cyassl.h
renamed: dict.h -> curl_dict.h
renamed: easyif.h -> curl_easyif.h
renamed: escape.h -> curl_escape.h
renamed: file.h -> curl_file.h
renamed: fileinfo.h -> curl_fileinfo.h
renamed: formdata.h -> curl_formdata.h
renamed: ftp.h -> curl_ftp.h
renamed: ftplistparser.h -> curl_ftplistparser.h
renamed: getinfo.h -> curl_getinfo.h
renamed: gopher.h -> curl_gopher.h
renamed: gtls.h -> curl_gtls.h
renamed: hash.h -> curl_hash.h
renamed: hostcheck.h -> curl_hostcheck.h
renamed: hostip.h -> curl_hostip.h
renamed: http.h -> curl_http.h
renamed: http_chunks.h -> curl_http_chunks.h
renamed: http_digest.h -> curl_http_digest.h
renamed: http_negotiate.h -> curl_http_negotiate.h
renamed: http_proxy.h -> curl_http_proxy.h
renamed: if2ip.h -> curl_if2ip.h
renamed: imap.h -> curl_imap.h
renamed: inet_ntop.h -> curl_inet_ntop.h
renamed: inet_pton.h -> curl_inet_pton.h
renamed: krb4.h -> curl_krb4.h
renamed: llist.h -> curl_llist.h
renamed: memdebug.h -> curl_memdebug.h
renamed: multiif.h -> curl_multiif.h
renamed: netrc.h -> curl_netrc.h
renamed: non-ascii.h -> curl_non-ascii.h
renamed: nonblock.h -> curl_nonblock.h
renamed: nssg.h -> curl_nssg.h
renamed: parsedate.h -> curl_parsedate.h
renamed: pingpong.h -> curl_pingpong.h
renamed: polarssl.h -> curl_polarssl.h
renamed: pop3.h -> curl_pop3.h
renamed: progress.h -> curl_progress.h
renamed: qssl.h -> curl_qssl.h
renamed: rawstr.h -> curl_rawstr.h
renamed: rtsp.h -> curl_rtsp.h
renamed: select.h -> curl_select.h
renamed: sendf.h -> curl_sendf.h
renamed: setup.h -> curl_setup.h
renamed: setup_once.h -> curl_setup_once.h
renamed: share.h -> curl_share.h
renamed: slist.h -> curl_slist.h
renamed: smtp.h -> curl_smtp.h
renamed: sockaddr.h -> curl_sockaddr.h
renamed: socks.h -> curl_socks.h
renamed: speedcheck.h -> curl_speedcheck.h
renamed: splay.h -> curl_splay.h
renamed: ssh.h -> curl_ssh.h
renamed: sslgen.h -> curl_sslgen.h
renamed: ssluse.h -> curl_ssluse.h
renamed: strdup.h -> curl_strdup.h
renamed: strequal.h -> curl_strequal.h
renamed: strerror.h -> curl_strerror.h
renamed: strtok.h -> curl_strtok.h
renamed: strtoofft.h -> curl_strtoofft.h
renamed: telnet.h -> curl_telnet.h
renamed: tftp.h -> curl_tftp.h
renamed: timeval.h -> curl_timeval.h
renamed: transfer.h -> curl_transfer.h
renamed: url.h -> curl_url.h
renamed: urldata.h -> curl_urldata.h
renamed: warnless.h -> curl_warnless.h
renamed: wildcard.h -> curl_wildcard.h

----------------------------------------

- build: make use of 76 lib/*.h renamed files

76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.

- lib/*.h: use our standard naming scheme for header inclusion guards

Steve Holme (28 Dec 2012)
- imsp.c: Fixed usernames and passwords that contain escape characters

Fixed a problem with sending usernames and passwords that contain
backslash, quotation mark and space characters.

Daniel Stenberg (27 Dec 2012)
- curl.1: extend the -X, --request description

- RELEASE-NOTES: synced with e3ed2b82e6

- [Nick Zitzmann brought this change]

darwinssl: Fixed inability to disable peer verification

... on Snow Leopard and Lion

Snow Leopard introduced the SSLSetSessionOption() function, but it
doesn't disable peer verification as expected on Snow Leopard or
Lion (it works as expected in Mountain Lion). So we now use sysctl()
to detect whether or not the user is using Snow Leopard or Lion,
and if that's the case, then we now use the deprecated
SSLSetEnableCertVerify() function instead to disable peer verification.

Yang Tse (26 Dec 2012)
- curl tool: rename hugehelp files to tool_hugehelp

- curl tool: renaming hugehelp files to tool_hugehelp

- sockfilt.c: commit b44da5a82a follow-up 2

- sockfilt.c: commit b44da5a82a follow-up

- sockfilt.c: fix some compiler warnings

- curl_multi_remove_handle: commit 0aabfd9963 follow-up

Daniel Stenberg (25 Dec 2012)
- lib556: enable VERBOSE to ease debugging on failures

Marc Hoersken (25 Dec 2012)
- socklift.c: Quick fix to re-add missing code

- socklift.c: Added select_ws function to support Windows

WinSock select() does not support standard file descriptors,
it can only check SOCKETs. The following function is an attempt
to create a select() function with support for other handles.

Yang Tse (25 Dec 2012)
- Enable tests 1503, 1504 and 1505

- curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE

- Curl_hash_clean: OOM handling fix

- test 1504 and 1505: same as 1502 but with different cleanup sequences

Daniel Stenberg (24 Dec 2012)
- Curl_conncache_foreach: allow callback to break loop

... and have it take a proper 'struct connectdata *' as first argument

- pop3_doing: don't call pop3_dophase_done() if already failed

... it also clobbered the 'result' return value so that it wouldn't
return the error back to the parent function properly, which broke test
809 when run with 'multi-always'.

Yang Tse (23 Dec 2012)
- test 1503: same as 1502 but with a different cleanup sequence

- test 1502: OOM handling fixes

- curl_multi_wait: OOM handling fix

- [Daniel Stenberg brought this change]

curl_multi_wait: avoid an unnecessary memory allocation

- runtests.pl: prepend $srcdir to HTTPTLS server config files path

- multi.c: OOM handling fix

- lib543.c: OOM handling fixes

- configure: add internal sanity check (warn only) on vars for makefiles

Daniel Stenberg (21 Dec 2012)
- SCP: relative path didn't work

When prefixing a path with /~/ it is supposed to be used relative to the
user's home directory but it didn't work. Now we cut off the entire
three byte sequenct "/~/" which seems to be how OpenSSH does it.

Bug: http://curl.haxx.se/bug/view.cgi?id=1173
Reported by: Balaji Parasuram

Yang Tse (21 Dec 2012)
- configure: LIBMETALINK_CFLAGS actually is LIBMETALINK_CPPFLAGS

- configure: add minimal sanity check on user provided CFLAGS and CPPFLAGS

- bundles connection caching: some out of memory handling fixes

- libntlmconnect.c: fix compiler warnings and OOM handling

- configure.ac: clear local test intended variables before use

- VC6 IDE: link with advapi32.lib when using WIN32 crypto API (md5.c)

- curl-functions.m4: improve gethostname arg 2 data type check

- setup_once.h: HP-UX specific 'bool', 'false' and 'true' definitions.

Also reverts commit f254c59dc7

- configure: check if compiler halts on function prototype mismatch

- warnless.c: fix compiler warnings

- curl-functions.m4: add gethostname arg 2 data type check and definition

Daniel Stenberg (14 Dec 2012)
- [Nick Zitzmann brought this change]

darwinssl: Fix implicit conversion compiler warnings

The Clang compiler found a few implicit conversion problems that have
now been fixed.

Yang Tse (14 Dec 2012)
- setup_once.h: HP-UX <sys/socket.h> issue workaround

Issue: When building a 32bit target with large file support HP-UX
<sys/socket.h> header file may simultaneously provide two different
sets of declarations for sendfile and sendpath functions, one with
static and another with external linkage. Given that we do not use
mentioned functions we really don't care which linkage is the
appropriate one, but on the other hand, the double declaration emmits
warnings when using the HP-UX compiler and errors when using modern
gcc versions resulting in fatal compilation errors.

Mentioned issue is now fixed as long as we don't use sendfile nor
sendpath functions.

- setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>

Inclusion of top two most included header files now done in setup_once.h

- setup_once.h: HP-UX specific TRUE and FALSE definitions

Some HP-UX system headers require TRUE defined to 1 and FALSE to 0.

Daniel Stenberg (12 Dec 2012)
- gopher: #include cleanup

Remove all system file includes from this file as they're not needed

Reported by: Dan Fandrich

Yang Tse (11 Dec 2012)
- examples/simplessl.c: fix compiler warning

- examples/externalsocket.c: fix SunPro compilation issue

- examples/simplessl.c: fix compiler warning

- build: add bundles and conncache files to other build systems

- conncache: fix enumerated type mixed with another type

- examples/anyauthput.c: fix Tru64 compilation issue

Daniel Stenberg (8 Dec 2012)
- [Colin Watson brought this change]

configure: fix cross pkg-config detection

When cross-compiling, CURL_CHECK_PKGCONFIG was checking for the cross
pkg-config using ${host}-pkg-config.

The gold standard for doing this correctly is pkg-config's own macro,
PKG_PROG_PKG_CONFIG. However, on the assumption that you have a good
reason not to use that directly (reduced dependencies for maintainer
builds?), the behaviour of cURL's version should at least match.
PKG_PROG_PKG_CONFIG uses AC_PATH_TOOL, which ultimately ends up trying
${host_alias}-pkg-config; this is not quite the same as what cURL does,
and may differ because ${host} has been run through config.sub. For
instance, when cross-building to the armhf architecture on Ubuntu,
${host_alias} is arm-linux-gnueabihf while ${host} is
arm-unknown-linux-gnueabihf. This may also have been the cause of the
problem reported at http://curl.haxx.se/mail/lib-2012-04/0224.html.

AC_PATH_TOOL is significantly simpler than cURL's current code, and
dates back to well before the current minimum of Autoconf 2.57, so let's
use it instead.

- [Linus Nielsen Feltzing brought this change]

Introducing a new persistent connection caching system using "bundles".

A bundle is a list of all persistent connections to the same host.
The connection cache consists of a hash of bundles, with the
hostname as the key.
The benefits may not be obvious, but they are two:

1) Faster search for connections to reuse, since the hash
lookup only finds connections to the host in question.
2) It lays out the groundworks for an upcoming patch,
which will introduce multiple HTTP pipelines.

This patch also removes the awkward list of "closure handles",
which were needed to send QUIT commands to the FTP server
when closing a connection.
Now we allocate a separate closure handle and use that
one to close all connections.

This has been tested in a live system for a few weeks, and of
course passes the test suite.

- [Fabian Keil brought this change]

runtests and friends: Do not add undefined values to @INC

On FreeBSD this fixes the warning:
Use of uninitialized value $p in string eq at /usr/local/lib/perl5/5.14.2/BSDPAN/BSDPAN.pm line 36.

Steve Holme (5 Dec 2012)
- Merge pull request #52 from isn-/master

small compilation fix

Stanislav Ivochkin (5 Dec 2012)
- build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag

Yang Tse (5 Dec 2012)
- libtest: fix some compiler warnings

- examples: fix compilation issues - commit 7332a7cafb follow-up

- examples: fix compilation issues - commit 23f8dca6fb follow-up

- examples: fix compilation issues

- build: explain current role of LIBS in our Makefile.am files

BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
LIBS variable used in generated makefile at makefile processing
time. Doing this functionally prevents LIBS from being used for
all link targets in given makefile.

Daniel Stenberg (4 Dec 2012)
- multi: fix re-sending request on early connection close

This handling already works with the easy-interface code. When a request
is sent on a re-used connection that gets closed by the server at the
same time as the request is sent, the situation may occur so that we can
send the request and we discover the broken connection as a RECV_ERROR
in the PERFORM state and then the request needs to be retried on a fresh
connection. Test 64 broke with 'multi-always-internally'.

Yang Tse (4 Dec 2012)
- configure: add minimal sanity check on user provided LIBS and LDFLAGS

- build: prevent global LIBS from influencing src and lib build targets

Currently, LIBS is already used through other macros.

Kamil Dudka (3 Dec 2012)
- nss: prevent NSS from crashing on client auth hook failure

Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure. Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea

Yang Tse (30 Nov 2012)
- testcurl.pl: build example programs for several autobuilds

Affected autobuilds: IRIX, AIX, Tru64 and AIX.

- build: prevent global LIBS from influencing examples build targets

- build: prevent global LIBS from influencing libtest build targets

- build: prevent global LIBS from influencing test server build targets

- build: fix Windows build targets damaged since commit 550e403f00

- build: avoid linkage of directly unused libraries

- dd missing NTLM feature for tests 2025, and 2028 to 2032

- avoid mixing of enumerated type with another type

- multi.c: disambiguate precedence of bitwise and relational operation

Daniel Stenberg (26 Nov 2012)
- [Fabian Keil brought this change]

Remove stray CRLF in chunk-encoded content-free request bodies

.. that are sent when auth-negotiating before a chunked
upload or when setting the 'Transfer-Encoding: chunked'
header and intentionally sending no content.

Adjust test565 and test1333 accordingly.

- FAQ: clarify the 3.4 section

You can do custom commands to FTP without sending anything by using the
CURLOPT_NOBODY, which -I sets.

- [Lijo Antony brought this change]

examples: Updated asiohiper.cpp to remove connect from opensocket

Blocking connect on the socket has been removed from opensocket
callback. opensocket just opens a new socket and gives it back to
libcurl and libcurl will take care of the connect. sockopt_callback has
also been removed, as it is no longer required.

Yang Tse (23 Nov 2012)
- build: fix AIX compilation and usage

AIX sys/poll.h header file defines 'events' and 'revents' as C
preprocessor macros. Usage of these literals in libcurl's external
API was introduced in commit de24d7bd4c causing AIX build failures.
Appropriate inclusion of sys/poll.h by libcurl's external interface
fixes AIX build and usage issues while avoiding a SONAME bump.

Steve Holme (23 Nov 2012)
- DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols

Daniel Stenberg (23 Nov 2012)
- test: offer "automake" output and check for perl better

runtests.pl -am now uses the "PASS/FAIL: [desc]" output for each
executed test. You can run 'make test-am' in the root build directory to
invoke that. The reason for this output style is to better allow generic
test suite parsers to also grok our test output.

The test Makefile now also tests that perl was indeed found and that the
PERL variable points to an executable before it tries to run the main
test perl script runtests.pl,

- [Fabian Keil brought this change]

Test 206: Use a Content-Length header for the 407 response

Otherwise curl would have to guess where the body ends.

- [Fabian Keil brought this change]

Test 206: Don't respond to a succesful CONNECT request with a body

It's against the spec and caused test failures when header
and response were read from the network separately in which
case bug #39 wasn't triggered.

- htmltitle: use .cpp extension for C++ examples

- [Lijo Antony brought this change]

examples: Added a c++ example of using multi with boost::asio

Added an example for demonstrating the usage of curl multi interface
with boost::asio in c++

- VC Makefiles: add missing hostcheck

the newly introduced hostcheck.h/c is missing in the Visual Studio
Makefiles as obj file.

Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html

- compiler warning fixes

The conversions from ssize_t to int need to be typecasted.

- bump: start working on 7.28.2

- THANKS: added 14 contributors from the 7.28.1 release

Version 7.28.1 (20 Nov 2012)

Daniel Stenberg (20 Nov 2012)
- RELEASE-NOTES: synced with 52af6e69f079 / 7.28.1

Kamil Dudka (20 Nov 2012)
- [Anthony Bryan brought this change]

RELEASE-NOTES: NSS can be used for metalink hashing

- [Fabian Keil brought this change]

Get test 2032 working when using valgrind

If curl_multi_fdset() sets maxfd to -1, the socket detection
loop is skipped and thus !found_new_socket is no cause for alarm.

- test2032: spurious failure caused by premature termination

Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html

Daniel Stenberg (19 Nov 2012)
- [Fabian Keil brought this change]

Fix comment typos in test 517

- [Fabian Keil brought this change]

Test 92 and 194: normalize spaces in the Server headers

It makes no difference from curl's point of view but
makes it more convenient to use the tests with a
lws-normalizing proxy between curl and the test server.

- [Fabian Keil brought this change]

Add a HOSTIP precheck for tests 31 and 1105

They currently only work for 127.0.0.1 which
is hardcoded and can't be easily changed.

- [Fabian Keil brought this change]

Let test 8 work as long as %HOSTIP ends with ".0.0.1"

.. and add a precheck to skip the test otherwise.

- [Fabian Keil brought this change]

Add --resolve to the keywords and name of test 1318

This makes it easier to skip it automatically when
the test suite is used with external proxies.

- [Fabian Keil brought this change]

Add FTP keywords for a couple of currently keyword-less FTP tests

- [Fabian Keil brought this change]

Add keywords for a couple of currently keyword-less HTTP tests

- [Fabian Keil brought this change]

Use carriage returns in all headers in test 31

Trailing spaces were left unmodifed, assuming they were intentional.

- [Fabian Keil brought this change]

Do not mix CRLF and LF header endings in a couple of HTTP tests

Consistently use CRLF instead. The mixed endings weren't
documented so I assume they were unintentional.

This change doesn't matter for curl itself but makes using
the tests with a proxy between curl and the test server
more convenient.

Tests that consistently use no carriage returns were
left unmodified as one can easily work around this.

- fixed memory leak: CURLOPT_RESOLVE with multi interface

DNS cache entries populated with CURLOPT_RESOLVE were not properly freed
again when done using the multi interface.

Test case 1502 added to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=3575448
Reported by: Alex Gruz

- RELEASE-NOTES: synced with ee588fe08807778

4 more bug fixes and 4 more contributors

- mem-include-scan: verify memory #includes

If we use memory functions (malloc, free, strdup etc) in C sources in
libcurl and we fail to include curl_memory.h or memdebug.h we either
fail to properly support user-provided memory callbacks or the memory
leak system of the test suite fails.

After Ajit's report of a failure in the first category in http_proxy.c,
I spotted a few in the second category as well. These problems are now
tested for by test 1132 which runs a perl program that scans for and
attempts to check that we use the correct include files if a memory
related function is used in the source code.

Reported by: Ajit Dhumale
Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html

- tftp_rx: code style cleanup

Fixed checksrc warnings

- [Fabian Keil brought this change]

Fix the libauthretry changes from 7c0cbcf2f61

They broke the NTLM tests from 2023 to 2031.

- [Christian Vogt brought this change]

tftp_rx: handle resends

Re-send ACK for block X in case we receive block X data again while
waiting for block X+1.

Based on an earlier patch by Marcin Adamski.

- autoconf: don't force-disable compiler debug option

When nothing is told to configure, we should not enforce switching off
debug options with -g0 (or similar). We instead don't use -g at all in
that situaion and therefore allow the user's CFLAGS settings possibly
dictate what to do.

- [Mark Snelling brought this change]

winbuild: Fix PDB file output

And fix some newlines to be proper CRLF

Bug: http://curl.haxx.se/bug/view.cgi?id=3586741

- RELEASE-NOTES: synced with fa1ae0abcde

- [Cristian Rodríguez brought this change]

OpenSSL: Disable SSL/TLS compression

It either causes increased memory usage or exposes users
to the "CRIME attack" (CVE-2012-4929)

- [Sebastian Rasmussen brought this change]

FILE: Make upload-writes unbuffered by not using FILE streams

Kamil Dudka (13 Nov 2012)
- tool_metalink: fix error detection of hash alg initialization

The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly
without any wrappers and they return 1 for success, 0 otherwise. Hence,
we have to use the same approach in all the wrapper functions that are
used for the other crypto libraries.

This commit fixes a regression introduced in commit dca8ae5f.

Daniel Stenberg (13 Nov 2012)
- RELEASE-NOTES: synced with 7c0cbcf2f617b

- [Sergei Nikulov brought this change]

fixed Visual Studio 2010 compilation

- [Anton Malov brought this change]

ftp: EPSV-disable fix over SOCKS

Bug: http://curl.haxx.se/bug/view.cgi?id=3586338

Patrick Monnerat (12 Nov 2012)
- Merge branch 'master' of github.com:bagder/curl

- OS400: upgrade wrappers for the 7.28.1 release.

Daniel Stenberg (12 Nov 2012)
- runtests: limit execessive logging/output

- [Gabriel Sjoberg brought this change]

Digst: Add microseconds into nounce calculation

When using only 1 second precision, curl doesn't create new cnonce
values quickly enough for all uses.

For example, issuing the following command multiple times to a recent
Tomcat causes authentication failures:

curl --digest -utest:test http://tomcat.test.com:8080/manager/list

This is because curl uses the same cnonce for several seconds, but
doesn't increment the nonce counter. Tomcat correctly interprets
this as a replay attack and rejects the request.

When microsecond-precision is available, this commit causes curl to
change cnonce values much more frequently.

With microsecond resolution, increasing the nounce length used in the
headers to 32 was made to further reduce the risk of duplication.

- SCP/SFTP: improve error code used for send failures

Instead of relying on the generic CURLE error for SCP or SFTP send
failures, try passing back a more suitable error if possible.

- Curl_write: remove unneeded typecast

Kamil Dudka (9 Nov 2012)
- tool_metalink: allow to use hash algorithms provided by NSS

Fixes bug #3578163:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976

- tool_metalink: allow to handle failure of hash alg initialization

- tool_metalink: introduce metalink_cleanup() in the internal API

... to release resources allocated at global scope

Daniel Stenberg (8 Nov 2012)
- hostcheck: only build for the actual users

and make local function static

- [Oscar Koeroo brought this change]

SSL: Several SSL-backend related fixes

axTLS:

This will make the axTLS backend perform the RFC2818 checks, honoring
the VERIFYHOST setting similar to the OpenSSL backend.

Generic for OpenSSL and axTLS:

Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
files to make them genericly available for both the OpenSSL, axTLS and
other SSL backends. They are now in the new lib/hostcheck.c file.

CyaSSL:

CyaSSL now also has the RFC2818 checks enabled by default. There is a
limitation that the verifyhost can not be enabled exclusively on the
Subject CN field comparison. This SSL backend will thus behave like the
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
too.

Schannel:

Updated the schannel information messages: Split the IP address usage
message from the verifyhost setting and changed the message about
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
into a message stating that the Subject Alternative Names checks are
being disabled when verifyhost is set to 0 or 1. As a side effect of
switching off the RFC2818 related servername checks with
SCH_CRED_NO_SERVERNAME_CHECK
(http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
is being disabled. This effect is not documented in MSDN, but Wireshark
output clearly shows the effect (details on the libcurl maillist).

PolarSSL:

Fix the prototype change in PolarSSL of ssl_set_session() and the move
of the peer_cert from the ssl_context to the ssl_session. Found this
change in the PolarSSL SVN between r1316 and r1317 where the
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
PolarSSL version 1.1.4 the check is to discriminate between lower then
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
trunk jumped from version 1.1.1 to 1.2.0.

Generic:

All the SSL backends are fixed and checked to work with the
ssl.verifyhost as a boolean, which is an internal API change.

- libcurl: VERSIONINFO update

Since we added the curl_multi_wait function, the VERSIONINFO needed
updating.

Reported by: Patrick Monnerat

Guenter Knauf (8 Nov 2012)
- Added .def file to output.

Requested by Johnny Luong on the libcurl list.

- Added deps for static metalink-aware MinGW builds.

Daniel Stenberg (8 Nov 2012)
- [Fabian Keil brought this change]

Fix compilation of lib1501

- Curl_readwrite: remove debug output

The text "additional stuff not fine" text was added for debug purposes a
while ago, but it isn't really helping anyone and for some reason some
Linux distributions provide their libcurls built with debug info still
present and thus (far too many) users get to read this info.

- RELEASE-NOTES: synced with 487538e87a3d5e

6 new bugfixes and 3 more contributors...

- http_perhapsrewind: consider NTLM over proxy too

The logic previously checked for a started NTLM negotiation only for
host and not also with proxy, leading to problems doing POSTs over a
proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the
check.

Bug: http://curl.haxx.se/bug/view.cgi?id=3582321
Reported by: John Suprock

- [Lars Buitinck brought this change]

Curl_connecthost: friendlier "couldn't connect" message

- test1413: verify redirects to URLs with fragments

The bug report claimed it didn't work. This problem was probably fixed
in 473003fbdf.

Bug: http://curl.haxx.se/bug/view.cgi?id=3581898

- URL parser: cut off '#' fragments from URLs (better)

The existing logic only cut off the fragment from the separate 'path'
buffer which is used when sending HTTP to hosts. The buffer that held
the full URL used for proxies were not dealt with. It is now.

Test case 5 was updated to use a fragment on a URL over a proxy.

Bug: http://curl.haxx.se/bug/view.cgi?id=3579813

- OpenSSL/servercert: use correct buffer size, not size of pointer

Bug: http://curl.haxx.se/bug/view.cgi?id=3579286

- curl: set CURLOPT_SSL_VERIFYHOST to 0 to disable

- test 2027/2030: take duplicate Digest requests into account

With the reversion of ce8311c7e49eca and the new clear logic, this flaw
is present and we allow it.

- Curl_pretransfer: clear out unwanted auth methods

As a handle can be re-used after having done HTTP auth in a previous
request, it must make sure to clear out the HTTP types that aren't
wanted in this new request.

- test1412: verify Digest with repeated URLs

This test case verifies that bug 3582718 is fixed.

Bug: http://curl.haxx.se/bug/view.cgi?id=3582718
Reported by: Nick Zitzmann (originally)

- Revert "Zero out auth structs before transfer"

This reverts commit ce8311c7e49eca93c136b58efa6763853541ec97.

The commit made test 2024 work but caused a regression with repeated
Digest authentication. We need to fix this differently.

- CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value

After a research team wrote a document[1] that found several live source
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
option thinking it was a boolean, this change now bans 1 as a value and
will make libcurl return error for it.

1 was never a sensible value to use in production but was introduced
back in the days to help debugging. It was always documented clearly
this way.

1 was never supported by all SSL backends in libcurl, so this cleanup
makes the treatment of it unified.

The report's list of mistakes for this option were all PHP code and
while there's a binding layer between libcurl and PHP, the PHP team has
decided that they have an as thin layer as possible on top of libcurl so
they will not alter or specifically filter a 'TRUE' value for this
particular option. I sympathize with that position.

[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/

- gnutls: fix compiler warnings

- [Alessandro Ghedini brought this change]

gnutls: print alerts during handshake

- [Alessandro Ghedini brought this change]

gnutls: fix the error_is_fatal logic

- RELEASE-NOTES: synced with fa6d78829fd30ad

- httpcustomheader.c: free the headers after use

- [Dave Reisner brought this change]

uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES

Since automake 1.12.4, the warnings are issued on running automake:

warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')

Avoid INCLUDES and roll these flags into AM_CPPFLAGS.

Compile tested on:
Ubuntu 10.04 (automake 1:1.11.1-1)
Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2)
Arch Linux (automake 1.12.4)

- libauthretry.c: shorten lines to fit within 80 cols

- ftp_readresp: fix build without krb4 support

Oops, my previous commit broke builds with krb support.

- test/README: mention the 1500 test number range

- FTP: prevent the multi interface from blocking

As pointed out in Bug report #3579064, curl_multi_perform() would
wrongly use a blocking mechanism internally for some commands which
could lead to for example a very long block if the LIST response never
showed.

The solution was to make sure to properly continue to use the multi
interface non-blocking state machine.

The new test 1501 verifies the fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3579064
Reported by: Guido Berhoerster

Marc Hoersken (1 Nov 2012)
- winbuild: Use machine type of development environment

This patch restores the original behavior instead of always
falling back to x86 if no MACHINE-type was specified.

- winbuild: Additional clean up

- [Sapien2 brought this change]

Even more winbuild refactoring

- [Sapien2 brought this change]

Minor winbuild refactoring

- [Sapien2 brought this change]

Architecture selection for winbuild and minor makefiles refactoring

Daniel Stenberg (1 Nov 2012)
- BUGS: fix the bug tracker URL

The URL we used before is the one that goes directly to 'add' a bug
report, but since you can only do that after first having logged in to
sourceforge, the link often doesn't work for visitors.

Bug: http://curl.haxx.se/bug/view.cgi?id=3582408
Reported by: Oscar Norlander

- evhiperfifo: fix the pointer passed to WRITEDATA

Bug: http://curl.haxx.se/bug/view.cgi?id=3582407
Reported by: Oscar Norlander

Guenter Knauf (1 Nov 2012)
- Fixed MSVC libssh2 static build.

Since libssh2 supports now agent stuff it also depends on user32.lib.
Posted to the list by Jan Ehrhardt.

Daniel Stenberg (23 Oct 2012)
- tlsauthtype: deal with the string case insensitively

When given a string as 'srp' it didn't work, but required 'SRP'.
Starting now, the check disregards casing.

Bug: http://curl.haxx.se/bug/view.cgi?id=3578418
Reported by: Jeff Connelly

- asyn-ares: restore working with c-ares < 1.6.1

Back in those days the public ares.h header didn't include the
ares_version.h header so it needs to be included here.

Bug: http://curl.haxx.se/bug/view.cgi?id=3577710

- [Nick Zitzmann brought this change]

metalink/md5: Use CommonCrypto on Apple operating systems

Previously the Metalink code used Apple's CommonCrypto library only if
curl was built using the --with-darwinssl option. Now we use CommonCrypto
on all Apple operating systems including Tiger or later, or iOS 5 or
later, so you don't need to build --with-darwinssl anymore. Also rolled
out this change to libcurl's md5 code.

- href_extractor.c: fix the URL

- [Michał Kowalczyk brought this change]

href_extractor: example code extracting href elements

It does so in a streaming manner using the "Streaming HTML parser".

- [Nick Zitzmann brought this change]

darwinssl: un-broke iOS build, fix error on server disconnect

The iOS build was broken by a reference to a function that only existed
under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
server disconnected before libcurl got the chance to hang up first and
SecureTransport was in use, then we'd raise an error instead of failing
gracefully.

- [Alessandro Ghedini brought this change]

gnutls: put reset code into else block

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551

Guenter Knauf (13 Oct 2012)
- Fix now broken libmetalink-aware OpenSSL build.

- Revert c44e674; add OpenSSL includes/defines.

The makefile is designed to build against a libmetalink devel package;
therefore is does not matter what will change inside libmetalink.
Add OpenSSL includes and defines for libmetalink-aware OpenSSL builds.

Daniel Stenberg (10 Oct 2012)
- version-bump: towards 7.28.1!

- THANKS: 14 new contributors from 7.28.0

Version 7.28.0 (10 Oct 2012)

Daniel Stenberg (10 Oct 2012)
- RELEASE-NOTES: synced with 8373ca3641

One bug, one contributor. Getting ready for release.

- curl_multi_wait: no wait if no descriptors to wait for

This is a minor change in behavior after having been pointed out by Mark
Tully and discussed on the list. Initially this case would internally
call poll() with no sockets and a timeout which would equal a sleep for
that specified time.

Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
Reported by: Mark Tully

- TODO-RELEASE: cleanup for 7.28.0

one issue is now KNOWN_BUG #79

the other we just skip since nobody is working on it or is planning to
start working on it anytime soon

- curl_multi_wait.3: style formatting mistake

Marc Hoersken (8 Oct 2012)
- ssluse.c: md5.h is required for Curl_ossl_md5sum

Daniel Stenberg (8 Oct 2012)
- curl_multi_wait.3: fix the name of the man page

- curl_multi_wait.3: renamed the last argument variable for clarity

Marc Hoersken (6 Oct 2012)
- curl_schannel.c: Fixed caching more data than required

Do not fill the decrypted data buffer with more data unless
required in order to return the requested amount of data.

- curl_schannel: Removed buffer limit and optimized buffer strategy

Since there are servers that seem to return very big encrypted
data packages, we need to be able to handle those without having
an internal size limit. To avoid the buffer growing to fast to
early the initial size was decreased and the minimum free space
in the buffer was decreased as well.

- lib/socks.c: Merged two size variables into one

- lib/socks.c: Avoid type conversions where possible

Streamlined variable names and types to avoid type conversions that
may result in data being lost on non 32-bit systems.

- lib/curl_schannel.c: Hide size_t conversion warning

- krb5/curl_rtmp.c: Hide size_t to int type conversion warning

- security.c: Aligned internal type to return type

Use ssize_t instead of int to avoid conversion problems on 64-bit
systems. Also added curlx_sztosi where necessary.

- lib/curl_schannel: Increased maximum buffer size to factor 128

- winbuild/MakefileBuild.vc: Follow up on 0c8ccf7

Daniel Stenberg (2 Oct 2012)
- RELEASE-NOTES: synced with 971f5bcedd418

9 new bug fixes, 5 changes, 6 more contributors

- multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation

During the periods of rate limitation, the speedcheck function wasn't
called and thus the values weren't updated accordingly and it would then
easily trigger wrongly once data got transferred again.

Also, the progress callback's return code was not acknowledged in this
state so it could make an "abort" return code to get ignored and not
have the documented effect of aborting an ongoing transfer.

Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
Reported by: Jie He

- [Tatsuhiro Tsujikawa brought this change]

tool_metalink.c: Filtered resource URLs by type

In Metalink v3, the type attribute of url element indicates the
type of the resource the URL points to. It can include URL to the
meta data, such as BitTorrent metainfo file. In Curl, we are not
interested in these meta data URLs. Instead, we are only
interested in the HTTP and FTP URLs. This change filters out
non-HTTP and FTP URLs. If we don't filter out them, it will be
downloaded by curl and hash check will fail if hash is provided
and next URL will be tried. This change will cut this useless
network transfer.

Kamil Dudka (1 Oct 2012)
- https.c example: remember to call curl_global_init()

... in order not to leak memory on initializing an SSL library.

Reported by: Tomas Mlcoch

Daniel Stenberg (28 Sep 2012)
- FAQ: remove the date from the topmost line

- FAQ: 5.16 I want a different time-out!

- Curl_reconnect_request: clear pointer on failure

The Curl_reconnect_request() function could end up returning a pointer
to a free()d struct when Curl_done() failed inside. Clearing the pointer
unconditionally after Curl_done() avoids this risk.

Reported by: Ho-chi Chen
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html

- CURLOPT_CONNECTTIMEOUT: works without signals or posix too!

Marc Hoersken (24 Sep 2012)
- Makefile.vc6: Follow up on 0c8ccf7

- Makefile.vc6: Added missing default library advapi32.lib

Daniel Stenberg (19 Sep 2012)
- HTTP_ONLY: disable more protocols

- test2006: Updated expected output to include hash name

Output changed in commit a34197ef77cb

- [Sergei Nikulov brought this change]

cmake: use standard findxxx modules for cmake v2.8+

- [Sergei Nikulov brought this change]

setup.h: fixed for MS VC10 build

Bug: http://curl.haxx.se/bug/view.cgi?id=3568327

- TODO-RELEASE: push new features to 7.29

Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
working on them I have little hope...

Marc Hoersken (17 Sep 2012)
- metalink tests: Updated expected output to include hash name

Daniel Stenberg (16 Sep 2012)
- [Sara Golemon brought this change]

curl_multi_wait: Add parameter to return number of active sockets

Minor change to recently introduced function. BC breaking, but since
curl_multi_wait() doesn't exist in any releases that should be fine.

Marc Hoersken (14 Sep 2012)
- socks.c: Fixed warning: conversion to 'int' from 'long unsigned int'

- http_negotiate.c: Fxied warning: unused variable 'rc'

- ssh.c: Fixed warning: implicit conversion from enumeration type

- socks.c: Check that IPv6 is enabled before using it's features

- checksrc: Fixed line length and comment indentation

- socks.c: Updated error messages to handle hostname and IPv6

- socks.c: Added support for IPv6 connections through SOCKSv5 proxy

Daniel Stenberg (13 Sep 2012)
- parse_proxy: treat "socks://x" as a socks4 proxy

Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860

Kamil Dudka (12 Sep 2012)
- ssh: do not crash if MD5 fingerprint is not provided by libssh2

The MD5 fingerprint cannot be computed when running in FIPS mode.

- ssh: move the fingerprint checking code to a separate fnc

Marc Hoersken (12 Sep 2012)
- tool_metalink.c: Added name of validation hash to messages

This makes it easier to debug broken hashes or hash functions.

- wincrypt: Fixed cross-compilation issues caused by include name

For some reason WinCrypt.h is named wincrypt.h under MinGW.

- md5.c: Added support for Microsoft Windows CryptoAPI

- Makefile.m32: Updated to build against libmetalink 0.1.2

The include and library path were moved within libmetalink, this
patch adjusts the defaults provided within the curl MinGW makefile.

- tool_metalink.c: Added support for Microsoft Windows CryptoAPI

Since Metalink support requires a crypto library for hash functions
and Windows comes with the builtin CryptoAPI, this patch adds that
API as a fallback to the supported crypto libraries.
It is automatically used on Windows if no other library is provided.

- libntlmconnect.c: Fixed typo and conversion

- libntlmconnect.c: Fixed warning: curl_easy_getinfo expects long pointer

Fixed tests/libtest/libntlmconnect.c:52: warning: call to
'_curl_easy_getinfo_err_long' declared with attribute warning:
curl_easy_getinfo expects a pointer to long for this info

- sws.c: Fixed warning: 'err' may be used uninitialized in this function

- libntlmconnect.c: Fixed warning: comparison of signed/unsigned integer

Windows does not use -1 to represent invalid sockets and the
SOCKET type is unsigned.

- nss.c: Fixed warning: 'err' may be used uninitialized in this function

- tool_metalink.c: Fixed error: 'O_BINARY' undeclared

Check for O_BINARY which is not available on every system.

- tool_metalink.c: Fixed validation of binary files containing EOF

Since Windows/MinGW threat 0x1A as the EOF character, reading binary
files which contain that byte does not work using text mode.
The read function will only read until the first 0x1A byte. This
means that the hash is not computed from the whole file and the
final validation check using hash comparision fails.

- winbuild: Added support for building with SPNEGO enabled

Since Simple and Protected GSSAPI Negotiation Mechanism
is already implemented in curl and supported by the MinGW
builds, this change adds build support to winbuild makefiles.

- winbuild: Adjusted order of options to generated config name

Cleaned up order of handled build options by ordering them
nearly alphabetically by using the order of the generated
config name. Preparation for future/more build options.

Daniel Stenberg (9 Sep 2012)
- [Anthony Bryan brought this change]

MANUAL: clarified user+password in HTTP URLs

- RELEASE-NOTES: synced with 6c6f1f64c2

6 bug fixes to mention, 5 contributors

- TODO-RELEASE: CURLSSH_AUTH_AGENT and curl_multi_wait() are done

-321 - CURLSSH_AUTH_AGENT patch by Armel Asselin

-324 - curl_multi_select() vs curl_multi_fdvec() etc

Marc Hoersken (9 Sep 2012)
- curl_schannel.c: Reference count the credential/session handle

Reference counting the credential handle should avoid that such a
handle is freed while it is still required for connection shutdown

Daniel Stenberg (8 Sep 2012)
- [Nick Zitzmann brought this change]

darwinssl: fixed for older Mac OS X versions

SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat

- [David Blaikie brought this change]

tool_easysrc.c: Test pointers against NULL

While validating a new Clang diagnostic (-Wnon-literal-null-conversion -
yes, the name isn't quite correct in this case, but it suffices) I found
a few violations of it in Curl.

- SOCKS: truly disable it if CURL_DISABLE_PROXY is defined

Bug: http://curl.haxx.se/bug/view.cgi?id=3561305

Patch by: Marcel Raad

- mk-ca-bundle: detect start of trust section better

Each certificate section of the input certdata.txt file has a trust
section following it with details.

This script failed to detect the start of the trust for at least one
cert[*], which made the script continue pass that section into the next
one where it found an 'untrusted' marker and as a result that certficate
was not included in the output.

[*] = "Hellenic Academic and Research Institutions RootCA 2011"

Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html

- [Alessandro Ghedini brought this change]

gnutls: do not fail on non-fatal handshake errors

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402

- FILEFORMAT: the FTP commands work for more protocols

- test1411: verify SMTP without SIZE support

- [František Kučera brought this change]

SMTP: only send SIZE if supported

SMTP client will send SIZE parameter in MAIL FROM command only if server
supports it. Without this patch server might say "504 Command parameter
not implemented" and reject the message.

Bug: http://curl.haxx.se/bug/view.cgi?id=3564114

- ftpserver: respond with a 250 to SMTP EHLO

... and specify that SIZE is supported. 250 is the "correct" response
code according to RFC 2821

- RELEASE-NOTES: synced with abb0da919300e

Dan Fandrich (3 Sep 2012)
- Updated Symbian build files

This is untested, but at least Symbian still has a chance of
still working now.

- Updated build docs w.r.t. Android and binary sizes

Daniel Stenberg (1 Sep 2012)
- symbols-in-versions: new CURL_WAIT_* symbols

- [Sara Golemon brought this change]

Unit test for curl_multi_wait()

- [Sara Golemon brought this change]

Manpage for curl_multi_wait().

- [Sara Golemon brought this change]

multi: add curl_multi_wait()

/*
* Name: curl_multi_wait()
*
* Desc: Poll on all fds within a CURLM set as well as any
* additional fds passed to the function.
*
* Returns: CURLMcode type, general multi error code.
*/
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
struct curl_waitfd extra_fds[],
unsigned int extra_nfds,
int timeout_ms);

- [Nick Zitzmann brought this change]

darwinssl: Bugfix for previous commit for older cats

I accidentally broke functionality for versions of OS X prior to Mountain
Lion in the previous commit. This commit fixes the problems.

- [Joe Mason brought this change]

Use MAX_EASY_HANDLES instead of hardcoding the number of handles twice

- test2032: bail out after last transfer

The test would hang and get aborted with a "ABORTING TEST, since it
seems that it would have run forever." until I prevented that from
happening.

I also fixed the data file which got broken CRLF line endings when I
sucked down the path from Joe's repo == my fault.

Removed #37 from KNOWN_BUGS as this fix and test case verifies exactly
this.

- [Joe Mason brought this change]

NTLM: re-use existing connection better

If we need an NTLM connection and one already exists, always choose that
one.

- [Joe Mason brought this change]

NTLM: verify multiple connections work

Add test2032 to test that NTLM does not switch connections in the middle
of the handshake

- curl.1: list the -w variables sorted alphabetically

- libcurl-share.3: remove wrong info of what can be shared

"Currently you can only share DNS and/or COOKIE data" is incorrect since
also SSL sessions can be shared.

Bug: http://curl.haxx.se/bug/view.cgi?id=3562261
Reported by: Joe Mason

- [Dave Reisner brought this change]

examples: use do/while loop for multi examples

It's conceivable that after the first time curl_multi_perform returns,
the outvalue still_running will be 0, but work will have been done. This
is shown by a workload of small, purely file:// based URLs. Ensure that
we always read pending messages off the multi handle by forcing the
while loop to run at least once.

- curl.h: fix comment to refer to current names

CURLOPT_USE_SSL should be set to CURLUSESSL_* and nothing else in modern
libcurl versions.

- ftpsget: simple example showing a FTPS fetch

- sftpget: SFTP is not "SSH FTP"

- [Armel Asselin brought this change]

sftpget: example showing a simple SFTP download

... using SSH-agent

- curl_multi_perform.3: extended/clarified

- INSTALL.cmake: clarify some flaws/limits in the cmake build

- https.c example: spell check used define

Bug: http://curl.haxx.se/bug/view.cgi?id=3559845
Reported by: Olivier Berger

- configure: update the copyright years for the output

- [Nick Zitzmann brought this change]

darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions

In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
of SecureTransport functions, some of which we were using. We now check
to see if the replacement functions are present, and if so, we use them
instead. The old functions are still present for users of older
cats. Also fixed a build warning that started to appear under Mountain
Lion

- curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION

- [Gokhan Sengun brought this change]

ftp: active conn, place calling sockopt callback at the end of function

Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket

- [Gokhan Sengun brought this change]

ftp: active conn, allow application to set sockopt after accept() call

For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.

- configure: remove the --enable/disable-nonblocking options

Removing this option as it currently only functions to lure people into
wrongly using it and falsely believing that libcurl will work fine
without using nonblocking sockets internally - which leads to hard to
track or understand errors.

- [Ant Bryan brought this change]

MANUAL review

- curl.1: shorten lines, avoid referring to libcurl instead of curl

- [Ant Bryan brought this change]

curl.1: fix more consistent wording

"If this option is used several times, the last one will be used."
uniformity

- ssh: use the libssh2 agent API conditionally

Commit e351972bc89aa4c brought in the ssh agent support but some uses of
the libssh2 agent API was done unconditionally which wasn't good enough
since that API hasn't always been present.

- white space fix: shorten long line

... to please checksrc.pl

Kamil Dudka (9 Aug 2012)
- docs: update the links to cipher-suites supported by NSS

... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html

- nss: do not print misleading NSS error codes

Daniel Stenberg (8 Aug 2012)
- RELEASE-NOTES: synced with 0774386b23

5 more bug fixes, one change, 6 contributors

- [Armel Asselin brought this change]

docs: mention CURLSSH_AUTH_AGENT

- [Armel Asselin brought this change]

SSH: added agent based authentication

CURLSSH_AUTH_AGENT is a new auth type for SSH

- bump version to 7.28.0

I am about to merge the first patch that adds changes into the pending
release, and thus we bump the minor number.

- RELEASE-NOTES: added missing link

- curl_version: fixed Value stored to 'len' is never read

Fixed this (harmless) clang-analyzer warning. Also fixed the source
indentation level.

- TODO-RELEASE: the (nil) bug is fixed

- add_next_timeout: minor restructure of code

By reading the ->head pointer and using that instead of the ->size
number to figure out if there's a list remaining we avoid the (false
positive) clang-analyzer warning that we might dereference of a null
pointer.

- verbose messages: fixed output of hostnames in re-used connections

I suspect this is a regression introduced in commit 207cf150, included
since 7.24.0.

Avoid showing '(nil)' as hostname in verbose output by making sure the
hostname fixup function is called early enough to set the pointers that
are used for this. The name data is set again for each request even for
re-used connections to handle multiple hostnames over the same
connection (like with proxy) or that the casing etc of the host name is
changed between requests (which has proven to be important at least once
in the past).

Test1011 was modified to use a redirect with a re-used a connection
since it then showed the bug and now lo longer does. There's currently
no easy way to have the test suite detect 'nil' texts in verbose ouputs
so no tests will detect if this problem gets reintroduced.

Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
Reported by: Gisle Vanem

- [Nick Zitzmann brought this change]

metalink: Un-broke the build when building --with-darwinssl

Guenter Knauf (8 Aug 2012)
- Fix some compiler warnings.

Daniel Stenberg (8 Aug 2012)
- TODO-RELEASE: two bugs fixed

These are now addressed:

323 - patch - select.c / Curl_socket_check() interrupted

325 - Avoid leak of local device string when reusing connection

- curl.1: minor format fix for --data-ascii

... and removal of trailing whitespace on a single line

- [Ant Bryan brought this change]

curl man page cleanup

- [Mike Crowe brought this change]

Avoid leak of local device string when reusing connection

Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
decide we can reuse an existing connection.

- Curl_socket_check: fix timeout return value for select users

This is the same fix applied for the conditional code that uses select()
that was already done for the poll specific code in commit
b61e8b81f5038.

- [Maxime Larocque brought this change]

Curl_socket_check: fix return code for timeout

We found a problem with ftp transfer using libcurl (7.23 and 7.25)
inside an application which is receiving unix signals (SIGUSR1,
SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
defined).

Curl_socket_check() uses poll() to wait for the socket, and retries it
when a signal is received (EINTR). However, if a signal is received and
it also happens that the timeout has been reached, Curl_socket_check()
returns -1 instead of 0 (indicating an error instead of a timeout).

In our case, the result is an aborted connection even before the ftp
banner is received from the server, and a return value of
CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
Funny to debug on a system on which OOM is a possible cause).

Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html

- RELEASE-NOTES: synced with b4a558041fdf65c0

- TODO-RELEASE: fixed another bug

bug #3544688 "crash during retry with libcurl and SFTP"

- WSAPoll: disabled on all windows builds

Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
library is used to setup a connection to an incorrect port, normally the
result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
reached */.

On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
Online (https://premier.microsoft.com/). The support engineer handling
the case wrote that the case description is quite clear. He will try to
reproduce the issue and then proceed with troubleshooting it.

Reported by: Jan Koen Annot
Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html

- retry request: only access the HTTP data if in fact HTTP

When figuring out if the data stream needs to be rewound when the
request is to be resent, we must not access the HTTP struct unless the
protocol used is indeed HTTP...

Bug: http://curl.haxx.se/bug/view.cgi?id=3544688

- TODO: support DANE, we already support gnutls without gcrypt

- curl-config: parentheses fix

Braces, not parentheses, should be used for shell variable names.

Bug: http://curl.haxx.se/bug/view.cgi?id=3551460
Reported by: Edward Sheldrake

- VC build: add define for openssl

This fixes a build failure of lib/ssluse.c.

Bug: http://curl.haxx.se/bug/view.cgi?id=3552997

- TODO-RELEASE: two bugs fixed!

- globbing: fix segfault when >9 globs were used

Stupid lack of range checks caused the code to overwrite local variables
after glob number nine. Added checks now.

Bug: http://curl.haxx.se/bug/view.cgi?id=3546353

- [Joe Mason brought this change]

sws: close sockets properly

Fix a bug where closed sockets (fd -1) were left in the all_sockets
list, because of missing parens in a pointer arithmetic expression

Reenable the tests that were locking up due to this bug.

- [Joe Mason brought this change]

Remove debug logs that were accidentally checked in

- [Joe Mason brought this change]

Use select in sws, which has better cross-platform support than poll

- [Joe Mason brought this change]

Use cross-platform curlx_nonblock instead of fcntl in sws

- operate: fix clang-analyzer warnings for never read variables

Two separate "Value stored to 'XXX' is never read" warnings

- operate: fix clang-analyzer warning

Value stored to 'separator' is never read

- metalink: change code order to build with gnutls-nettle

Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile

- gtls: fix build failure by including nettle-specific headers

Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile

Guenter Knauf (6 Aug 2012)
- Fixed compiler warning - argument is type long.

Daniel Stenberg (6 Aug 2012)
- DISABLED: disable the new tests that do NTLM

The tests 2025, 2028 and 2031 don't work for me so I'll have them
disabled for now until we solve the problem.

Joe Mason (3 Aug 2012)
- Add tests of auth retries

- Cleanup handshake after clean NTLM failure

- Zero out auth structs before transfer

- Add a polling loop in main to read from more than one socket at once. Add the O_NONBLOCK and
SO_KEEPALIVE flag to all sockets. Note that several loops which used to continue on a return value
of 0 (theoretical since 0 would never be returned without O_NONBLOCK) now break on 0 so that they
won't continue reading until after poll is called again.

- Change return values of get_request, accept_connection and service_connection to add a return code
for non-blocking sockets: now -1 means error or connection finished, 1 means data was read, and 0
means there is no data available now so need to wait for poll (new return value)

- Hoist the loop out of get_request, and make sure that it can be reentered when a request is
half-finished.

Note the the req struct used to be re-initialized AFTER reading pipeline data, so now that we
initialize it from the caller we must be careful not to overwrite the pipeline data.

Also we now need to handle the case where the buffer is already full when get_request is called -
previously this never happened as it was always called with an empty buffer and looped until done.

Now get_request is called in a loop, so the next step is to run the loop on a socket only when poll
signals it is readable.

- Move blocks of code from the sws main loop into their own functions for easier refactoring later.
The next step will be to call the correct function after a poll, rather than looping unconditionally

- Remove the --fork option of sws, since it makes refactoring to use poll more complicated and should
be redundant once we poll

Kamil Dudka (30 Jul 2012)
- file: use fdopen() for uploaded files if available

It eliminates noisy events when using inotify and fixes a TOCTOU issue.

Bug: https://bugzilla.redhat.com/844385

Guenter Knauf (29 Jul 2012)
- Added DWANT_IDN_PROTOTYPES define for MSVC too.

Discussion on the list: http://curl.haxx.se/mail/lib-2012-07/0271.html

- Added Win32 problems.

- Added hint to read docs/INSTALL too.

- Added new file to distro.

Steve Holme (28 Jul 2012)
- TODO: Updated after 7.27.0 release

Removed APOP and SASL authentication from the POP3 section and metalink
support from the client section as these features were implemented in
this release.

Moved adding gssapi to SASL into it's own section rather than repeat it
for each protocol.

Daniel Stenberg (28 Jul 2012)
- TODO-RELEASE: updated after 7.27.0 release

- THANKS: 12 new contributors from the 7.27.0 release

- version bump: start towards next release

Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
when released.

Version 7.27.0 (27 Jul 2012)

Guenter Knauf (27 Jul 2012)
- Fixed compiler warning 'unused parameter'.

- Added prototypes to kill compiler warning.

- Added --with-winidn to configure.

This needs another look from the configure experts. I tested that
it works so far with MinGW64 cross-compiler; libcurl builds and
links fine, but curl not yet ...

Daniel Stenberg (27 Jul 2012)
- [Ant Bryan brought this change]

Update man page info on --metalink and typo.

- RELEASE-NOTES: remove mentioned of bug never in a release

The --silent bug came with 7561a0fc834c435 which was never in a release.
Pointed out by Kamil Dudka

- RELEASE-NOTES: synced with 33b815e894fb

4 more bugfixes, 3 more contributors

Guenter Knauf (26 Jul 2012)
- Changed Windows IDN text to 'WinIDN'.

Synced the output to the same short form as we now use for
Windows SSL (WinSSL).

Daniel Stenberg (25 Jul 2012)
- [Nick Zitzmann brought this change]

darwinssl: fixed freeze involving the multi interface

Previously the curl_multi interface would freeze if darwinssl was
enabled and at least one of the handles tried to connect to a Web site
using HTTPS. Removed the "wouldblock" state darwinssl was using because
I figured out a solution for our "would block but in which direction?"
dilemma.

Guenter Knauf (25 Jul 2012)
- Added support for tls-srp to MinGW builds.

Daniel Stenberg (24 Jul 2012)
- curl_easy_setopt: fix typo

Reported by: Santhana Todatry

- keepalive: multiply value for OS-specific units

DragonFly uses milliseconds, while our API and Linux use full seconds.

Reported by: John Marino
Bug: http://curl.haxx.se/bug/view.cgi?id=3546257

Kamil Dudka (22 Jul 2012)
- http: print reason phrase from HTTP status line on error

Bug: https://bugzilla.redhat.com/676596

- tool_operate: fix misplaced initialization of orig_noprogress

... and orig_isatty which caused --silent to be entirely ignored in case
the standard output was redirected to a file!

Daniel Stenberg (21 Jul 2012)
- [Anton Yabchinskiy brought this change]

Client's "qop" value should not be quoted (RFC2617, section 3.2.2).

Guenter Knauf (21 Jul 2012)
- Fixed typo.

Daniel Stenberg (20 Jul 2012)
- make: make distclean work again

The clean-local hook needed some polish to make sure make distclean
works. Added comment describing why.

- test Makefile: only feature 'unit' once in the list of dirs

Dan Fandrich (20 Jul 2012)
- Fixed some typos in documentation

Guenter Knauf (20 Jul 2012)
- Fixed CR issue with Win32 version on MSYS.

Previous fix didnt work on Linux ...

- Fixed CR issue with Win32 version on MSYS.

- Fixed MSYS <-> Windows path convertion.

Replaced the Windows real path from mount hack with a more
reliable and simpler hack: the MSYS shell has a builtin pwd
which understands a -W option which does convertion to Windows
paths. Tested and confirmed that this works on all MSYS versions
I have back to a 3 year old one.

- Follow-up fix to detect SSL libs with MinGW.

1) the check for winssl needs to come before nss check
2) the SSL checks must begin with a new if or else we will
never find any SSL lib with MinGW.

- Tell git to not convert configure-related files.

- Trial to teach runtests.pl about WinSSL.

- Fixed warning 'uninitialized value in numeric gt'.

This is a MSYS/MinGW-only warning; full warning text is:
Use of uninitialized value in numeric gt (>) at ../../curl/tests/runtests.pl line 2227.

Daniel Stenberg (15 Jul 2012)
- RELEASE-NOTES: synced with 9d11716933616

Fixed 6 bugs, added 3 contributors

- multi_runsingle: added precaution against easy_conn NULL pointer

In many states the easy_conn pointer is referenced and just assumed to
be working. This is an added extra check since analyzing indicates
there's a risk we can end up in these states with a NULL pointer there.

- getparam: fix the GetStr() macro

It should return PARAM_NO_MEM if the strdup fails. Spotted by
clang-analyzer

Guenter Knauf (15 Jul 2012)
- Tell git to not convert configure-related files.

Daniel Stenberg (13 Jul 2012)
- parse_proxy: remove dead assignment

Spotted by clang-analyzer

- ftp_do_more: add missing check of return code

Spotted by clang-analyzer. The return code was never checked, just
stored.

- getinfo: use va_end and cut off Curl_ from static funcs

va_end() needs to be used after va_start() and we don't normally use
Curl_ prefixes for purely static functions.

- [Philip Craig brought this change]

Split up Curl_getinfo

This avoids false positives from clang's scan-build.

Guenter Knauf (12 Jul 2012)
- Added error checking for curl_global_init().

- Added curl_global_* functions.

- Minor fixes to MinGW makefiles.

Daniel Stenberg (12 Jul 2012)
- docs: mention CURL_GLOBAL_DEFAULT

Guenter Knauf (12 Jul 2012)
- Added curl_global_* functions.

Daniel Stenberg (12 Jul 2012)
- tests: verify the stricter numeric option parser

Test 1409 and 1410 verifies the stricter numeric option parser
introduced the other day in commit f2b6ebed7b.

- SWS: use of uninitialized memory fix

I made "connmon" not get initialized properly before use, and I use the
big hammer and make sure we always clear the entire struct to avoid any
problem like this in the future.

- test48: verify that HEAD doesn't close extra

Two commits ago, we fixed a bug where the connction would be closed
prematurely after a HEAD. Now I added connection-monitor to test 48 and
added a second HEAD and make sure that both are sent over the same
connection.

This triggered a failure before the bug fix and now works. Will help us
avoid a future regression of this kind.

- connection-monitor: always log disconnect when enabled

This makes verifying easier and makes us more sure curl closes the
connection only at the correct point in time. Adjusted test 206 and 1008
accordingly and updated the docs for it.

- HEAD: don't force-close after response-headers

A HEAD response has no body length and gets the headers like the
corresponding GET would so it should not get closed after the response
based on the same rules. This mistake caused connections that did HEAD
to get closed too often without a valid reason.

Bug: http://curl.haxx.se/bug/view.cgi?id=3542731
Reported by: Eelco Dolstra

Guenter Knauf (12 Jul 2012)
- Removed trailing empty strings from awk script.

- Cleaned up version awk script.

- Added project copyright header.

- Removed libcurl.imp from Makefile.am.

Updated .gitignore for NetWare created files.

- Added missing dependency to export list.

- Fixed export list path.

- Changed NetWare build to generate export list.

- Added pointer to FAQ for linkage errors.

- Small NetWare makefile tweak.

- Changed MinGW makefiles to use WINSSL now.

Daniel Stenberg (10 Jul 2012)
- test231: fix wrong -C use!

- cmdline: parse numerical options stricter

1 - str2offset() no longer accepts negative numbers since offsets are by
nature positive.

2 - introduced str2unum() for the command line parser that accepts
numericals which are not supposed to be negative, so that it will
properly complain on apparent bad uses and mistakes.

Bug: http://curl.haxx.se/mail/archive-2012-07/0013.html

- docs: switch to proper UTF-8 for text file encoding

Yang Tse (9 Jul 2012)
- Make Curl_schannel_version() return "WinSSL"

Modification based on voting result:

http://curl.haxx.se/mail/lib-2012-07/0104.html

Daniel Stenberg (9 Jul 2012)
- test 46: use different path lengths to get reliable sort order

Since the order of the cookies is sorted by the length of the paths,
having them on the same path length will make the test depend on what
order the qsort() implementation will put them. As seen in the
windows/msys output posted by Guenter in this posting:
http://curl.haxx.se/mail/lib-2012-07/0105.html

- cookie: fixed typo in comment

- [Christian Hägele brought this change]

https_getsock: provided for schannel backend as well

The function https_getsock was only implemented properly when USE_SSLEAY
or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL.

The problem occurs when Curl_read_plain or Curl_write_plain returns
CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an
the used socket is set to state CURL_POLL_REMOVE and the easy-state is
set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket
should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's
where https_getsock is called and doesn't return any sockets.

- RELEASE-NOTES: added a URL reference to cookie docs

Guenter Knauf (8 Jul 2012)
- Removed obsolete include path to project root.

Daniel Stenberg (8 Jul 2012)
- TODO-RELEASE: issue 316 NTLM over proxy is fixed

- [Nick Zitzmann brought this change]

darwinssl: don't use arc4random_buf

Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the
function is not available prior to iOS 4.3 and OS X 10.7.

- KNOWN_BUGS: #80 Curl doesn't recognize certs in DER format

- KNOWN_BUGS: #79 - any RCPT TO failure makes and error

Marc Hoersken (8 Jul 2012)
- winbuild: Aligned BUILD.WINDOWS.txt and Makefile.vc usage help

- winbuild: Make USE_WINSSL depend on USE_SSPI

Since WinSSL cannot be build without SSPI being enabled,
USE_WINSSL now defaults to the value of USE_SSPI.

The makefile does now raise an error if WinSSL is enabled
while SSPI is disabled.

- winbuild: Aligned USE_SSPI with other USE_x defines

Renamed external parameter USE_SSPI = yes/no to ENABLE_SSPI = yes/no.
Backwards compatible change: USE_SSPI can still be passed as external
parameter with yes/no value as long as ENABLE_SSPI is not given.

USE_x defines are passed around with true/false values internally,
USE_SSPI is now aligned to this approach, but still accepts external
values yes/no being passed, just like the other defines.

- winbuild: Clean up formatting and variable naming

- Changed space usage to line up with the whole file
- Renamed CFLAGS_SSPI/IPV6 to SSPI/IPV6_CFLAGS to be
consistent with the other CFLAGS_x variables
- Make use of existing CFLAGS_IPV6 (previously IPV6_CFLAGS)
instead of appending directly to CFLAGS

Daniel Stenberg (7 Jul 2012)
- [Nick Zitzmann brought this change]

darwinssl: output cipher with text, remove SNI warning

The code was printing a warning when SNI was set up successfully. Oops.

Printing the cipher number in verbose mode was something only TLS/SSL
programmers might understand, so I had it print the name of the cipher,
just like in the OpenSSL code. That'll be at least a little bit easier
to understand. The SecureTransport API doesn't have a method of getting
a string from a cipher like OpenSSL does, so I had to generate the
strings manually.

- RELEASE-NOTES: synced with 5a99bce07d

- KNOWN_BUGS: NTLM with unicode works with schannel/winssl!

Bug #75 updated with additional info, still remains for builds with
other backends.

- code police: narrow source to < 80 columns

Yang Tse (5 Jul 2012)
- unicode NTLM SSPI: cleanup follow-up

- unicode NTLM SSPI: cleanup

Reduce the number of #ifdef UNICODE directives used in source files.