- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear

- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check

  for a failure properly.

- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear

  the auth credentials back in 7.19.0 and earlier while now you have to set ""

  to get the same effect. His patch brings back the ability to use NULL.

Daniel Stenberg (25 May 2009)

- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed

  out that the cookie parser would leak memory when it parses cookies that are

 o crash on bad socket close with FTP

 o leaking cookie memory when duplicate domains or paths were used

 o build fix for Symbian

 o CURLOPT_USERPWD set to NULL clears auth credentials

This release includes the following known bugs:

This release would not have looked like this without help, code, reports and

advice from friends like these:

 Kamil Dudka, Caolan McNamara, Frank McGeough, Andre Guibert de Bruet

 Kamil Dudka, Caolan McNamara, Frank McGeough, Andre Guibert de Bruet,

 Mike Crowe

        Thanks! (and sorry if I forgot to mention someone)

  char* separator;

  CURLcode result = CURLE_OK;

  if(!option)

    return result;

  if(!option) {

    /* we treat a NULL passed in as a hint to clear existing info */

    Curl_safefree(*user_storage);

    *user_storage = (char *) NULL;

    Curl_safefree(*pwd_storage);

    *pwd_storage = (char *) NULL;

    return CURLE_OK;

  }

  separator = strchr(option, ':');

  if (separator != NULL) {