We need 1.0.0 or later. Also verified by configure.

When referring to OAuth 2.0 we should use the official name rather the
SASL mechanism name.

The fix in 1a614c6c was wrong and would leed to free() of a fixed
string.

Pointed-out-by: Kamil Dudka

Because it's illogical to check for a 16-bit curl_off_t.

Ref: https://github.com/bagder/curl/issues/425#issuecomment-154964205

Bug: https://github.com/bagder/curl/issues/486
Closes https://github.com/bagder/curl/pull/487

... when it was within a string!

Closes #517

imap.c:657:13: error: assignment discards 'const' qualifier from pointer
target type [-Werror=discarded-qualifiers]

... it is just weird to include by default even if it still works.

The tftpd test server now logs all received options and thus all TFTP
test cases need to match them exactly.

Extended test 283 to use and verify --tftp-blksize.

- Set user info param to the socket returned by Curl_getconnectinfo,
regardless of if the socket is bad. Effectively this means the user info
param now will receive CURL_SOCKET_BAD instead of -1 on bad socket.

- Remove incorrect comments.

CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user
info param but prior to this change it wrote -1.

Bug: https://github.com/bagder/curl/pull/518
Reported-by: Marcel Raad

Rationale: when starting up a curl-using app, all cookies from the jar
are checked against each other. This was causing a startup delay in the
Fifth browser.

All tests pass.

Signed-off-by: Lauri Kasanen <cand@gmx.com>

Apparently there are sites out there that do redirects to URLs they
provide in plain UTF-8 or similar. Browsers and wget %-encode such
headers when doing a subsequent request. Now libcurl does too.

Added test 1138 to verify.

Closes #473

Closes #425

Fixes a name space pollution at the cost of programs using one of these
defines will no longer compile. However, the vast majority of libcurl
programs that do multipart formposts use curl_formadd() to build this
list.

Closes #506

CID 1332129

CID 1332128

This reverts commit 370ee919.

Issue #509 has all the details but it was confirmed that the crash was
not due to this, so the previous commit was wrong.

... as the certificate is strictly speaking not private.

Reported-by: John Levon

After a successful call to SSL_CTX_use_PrivateKey(), we must not call
EVP_PKEY_free() on the key.

Reported-by: nased0
Closes #509

Out of date and not kept accurate. It was sort of a problem of the past
anyway.

closes #507

- Allow the user to use PKG_CONFIG but not PKGCONFIG.

Background:

Last week in 14d5a86b a change was made to allow the user to set the
PKGCONFIG variable. Today in 72d99f2e I supplemented that to allow the
more common PKG_CONFIG as an alternative if PKGCONFIG is not set.

Neither of those changes worked as expected because PKGCONFIG is
occasionally reset in configure and by the CURL_CHECK_PKGCONFIG macro.
Instead in this commit I take the approach that the user may set
PKG_CONFIG only.

- If mingw ssl make sure -lgdi32 comes after ssl libs

- Allow PKG_CONFIG to set pkg-config location and options

Bug: https://github.com/bagder/curl/pull/501
Reported-by: Kang Lin

Global private symbols MUST start with Curl_!