all multi and hiper examples:

* don't loop curl_multi_perform calls, that was <7.20.0 style, currently
  the exported multi functions will not return CURLM_CALL_MULTI_PERFORM

all hiper examples:
* renamed check_run_count to check_multi_info
* don't  compare current running handle count with previous value, this
  was the wrong way to check for finished requests, simply call
  curl_multi_info_read
* it's also safe to call curl_multi_remove_handle inside the
  curl_multi_info_read loop.

ghiper.c:
* replaced curl_multi_socket (that function is marked as obsolete) calls
  with curl_multi_socket_action calls (as in hiperfifo.c and
  evhiperfifo.c)

ghiper.c and evhiperfifo.c:
* be smart as hiperfifo.c, don't do uncessary curl_multi_* calls in
  new_conn and main

As we're already in feature freeze, I pushed the feature onwards.

OS400 compile script in test dir updated for chkhostname.

Remove a leak seen on Kerberos/MIT (gss_OID is copied internally and
we were leaking it). Now we just pass NULL as advised in RFC2744.

|tmp| was never set back to buf->data.

Cleaned up Curl_sec_end to take into account failure in Curl_sec_login
(where conn->mech would be NULL but not conn->app_data or
conn->in_buffer->data).

The current implementation would make us send wrong data on a closed
socket. We don't buffer our data so the method can be safely removed.

Following a change in the way socket handler are registered, the custom
recv and send method were conditionaly registered.
We need to register them everytime to handle the ftp security
extensions.

Re-added the clear text handling in sec_recv.

Curl_sec_login was returning the opposite result that the code in ftp.c
was expecting. Simplified the return code (using a CURLcode) so to see
more clearly what is going on.

They are not automatically added and make the output of the verbose
mode a lot more readable.

My use of va_args was completely wrong. Fixed the usage so that
we send the right commands!

According to RFC3986 section 2.3 the letters -, ., _ and ~ should not be
percent-encoded.

Reported by: Miguel Diaz
Bug: http://curl.haxx.se/mail/lib-2010-09/0227.html

The functions Curl_disconnect() and Curl_done() are both used within the
scope of a single request so they cannot be allowed to use
Curl_expire(... 0) to kill all timeouts as there are some timeouts that
are set before a request that are supposed to remain until the request
is done.

The timeouts are now instead cleared at curl_easy_cleanup() and when the
multi state machine changes a handle to the complete state.

Patch was fixed and validated by David McCreedy.

This is an attempt to reproduce bug #3076808

With the latest changes to fix the timeout handling with multi interface
we lost the timeout error messages. This patch brings them back.

The date format in RFC822 allows that the seconds part of HH:MM:SS is
left out, but this function didn't allow it. This change also includes a
modified test case that makes sure that this now works.

Reported by: Matt Ford
Bug: http://curl.haxx.se/bug/view.cgi?id=3076529

Just made sure that the good old curl indentation style is used all over
this file.

tftpd-hpa has a bug where it will send an incorrect ack when the block
counter wraps and tftp options have been sent. Work around that by
accepting an ack for 65535 when we're expecting one for 0.

This reverts commit fbb38de4.

And also removed the FIXME where memory was zeroed just before freed,
and some other minor whitespace changes.

- |fd| is now a curl_socket_t and |len| a size_t to avoid conversions.
- Added 2 FIXMEs about the 2 unsigned -> signed conversions.
- Included 2 minor changes to Curl_sec_end.

- Renamed the method to sec_send now that we
  renamed sec_send to do_sec_send.
- Some more variable renaming.

- Renamed the function to sec_recv.
- Renamed the parameters and variable to match the rest of the code.

- Use an early return as it makes the code more readable.
- Added a FIXME about a conversion.

- Renamed it to do_sec_send as it is the function doing the actual
  transfer.
- Do not return any values as no one was checking it and it never
  reported a failure (added a FIXME about checking for errors).
- Renamed the variables to make their use more specific.
- Removed some casts (int -> curl_socket_t, ...)
- Avoid doing the htnl <-> nthl twice by caching the 2 results.

- Renamed the variables name to better match their intend.
- Unified the |decoded_len| checks.
- Added some FIXMEs to flag some improvement that did not go in this
  change.

- Removed sec_prot_internal as it is now inlined in the function (this removed
  a redundant check).
- Changed the prototype to return an error code.
- Updated the method to use the new ftp_send_command function.
- Added a level_to_char helper method to avoid relying on the compiler's
  bound checks. This default to the maximum security we have in case of a
  wrong input.

security.c: factored the logic from Curl_sec_login into a dedicated method that better reflect its intent.

Introduced a helper method ftp_send_command that synchronously send
an FTP query.

Tighten the type of the |data| parameter to avoid a cast. Also made
it const as we should not modify it.

Added a DEBUGASSERT on the size to be written while changing it.

While doing so, renamed it to socket_write to better match its
function.

To do so, made block_read call Curl_read_plain instead of read.

While changing them renamed block_read to socket_read and sec_get_data
to read_data to better match their function.

Also fixed a potential memory leak in block_read.

... for example when LDAP is not compiled.

Fixed the logic to match the rest of the options' message that is we
update the default message only if the option is not disabled after the
different checks.

Reported by: Guenter Knauf

Obviously, browsers ignore a colon without a following port number. Both
Firefox and Chrome just removes the colon for such URLs. This change
does not remove the colon for URLs sent over a HTTP proxy, so we should
consider doing that change as well.

Reported by: github user 'kreshano'