It does so in a streaming manner using the "Streaming HTML parser".

The iOS build was broken by a reference to a function that only existed
under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
server disconnected before libcurl got the chance to hang up first and
SecureTransport was in use, then we'd raise an error instead of failing
gracefully.

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551

The makefile is designed to build against a libmetalink devel package;
therefore is does not matter what will change inside libmetalink.
Add OpenSSL includes and defines for libmetalink-aware OpenSSL builds.

One bug, one contributor. Getting ready for release.

This is a minor change in behavior after having been pointed out by Mark
Tully and discussed on the list. Initially this case would internally
call poll() with no sockets and a timeout which would equal a sleep for
that specified time.

Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
Reported by: Mark Tully

one issue is now KNOWN_BUG #79

the other we just skip since nobody is working on it or is planning to
start working on it anytime soon

Do not fill the decrypted data buffer with more data unless
required in order to return the requested amount of data.

Since there are servers that seem to return very big encrypted
data packages, we need to be able to handle those without having
an internal size limit. To avoid the buffer growing to fast to
early the initial size was decreased and the minimum free space
in the buffer was decreased as well.

Streamlined variable names and types to avoid type conversions that
may result in data being lost on non 32-bit systems.

Use ssize_t instead of int to avoid conversion problems on 64-bit
systems. Also added curlx_sztosi where necessary.

9 new bug fixes, 5 changes, 6 more contributors

During the periods of rate limitation, the speedcheck function wasn't
called and thus the values weren't updated accordingly and it would then
easily trigger wrongly once data got transferred again.

Also, the progress callback's return code was not acknowledged in this
state so it could make an "abort" return code to get ignored and not
have the documented effect of aborting an ongoing transfer.

Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
Reported by: Jie He

In Metalink v3, the type attribute of url element indicates the
type of the resource the URL points to. It can include URL to the
meta data, such as BitTorrent metainfo file.  In Curl, we are not
interested in these meta data URLs. Instead, we are only
interested in the HTTP and FTP URLs. This change filters out
non-HTTP and FTP URLs. If we don't filter out them, it will be
downloaded by curl and hash check will fail if hash is provided
and next URL will be tried. This change will cut this useless
network transfer.

... in order not to leak memory on initializing an SSL library.

Reported by: Tomas Mlcoch

The Curl_reconnect_request() function could end up returning a pointer
to a free()d struct when Curl_done() failed inside. Clearing the pointer
unconditionally after Curl_done() avoids this risk.

Reported by: Ho-chi Chen
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html

Output changed in commit a34197ef

Bug: http://curl.haxx.se/bug/view.cgi?id=3568327

Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
working on them I have little hope...