MIPSPro compiler detected curl_easy_getinfo() related missing adjustments.
SunPro compiler detected curl tool --libcurl option related missing adjustments.

Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported.

Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE.

Data type of internal vars holding CURLAUTH_* bitmasks changed from 'long' to
'unsigned long' for proper handling and operating.

Include stdbool.h only when it is available and configure is capable of
detecting a proper 'bool' data type when the header is included.

Compilation fix for old or unpatched versions of XL C compiler.

Report: http://curl.haxx.se/mail/archive-2012-04/0022.html

Usage in other code paths already protected and requiring even newer versions.

This protects from attribute names being defined by third party's code.

Improvement: http://curl.haxx.se/mail/lib-2012-04/0127.html

NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
collisions on NSS initialization/shutdown with other libraries.

Bug: https://bugzilla.redhat.com/738456

This bumps the minimal supported version of NSS to 3.12.x.

configure script now provides conditional definitions for Makefile.am
that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles
when appropriate.

Additionally, configure script option for symbol hiding control is now
named --enable-symbol-hiding --disable-symbol-hiding. While still valid,
old option name --enable-hidden-symbols --disable-hidden-symbols will
be deprecated in some future release.

BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h,
configure will generate appropriate conditionals so that mentioned symbols
get defined and used in Makefiles at compilation time

amigaos.[ch] now integrates nicely with any libcurl build

Configuration files such as curl_config.h and all config-*.h no longer exist
nor are generated/copied into 'src' directory, now these only exist in 'lib'
directory from where curl tool sources uses them.

Additionally old src/setup.h has been refactored into src/tool_setup.h which
now pulls lib/setup.h

The possibility of a makefile needing an include path adjustment exists.

When a server certificate matches one in the given CRL file, the code
now returns CURLE_SSL_CACERT as test case 313 expects and verifies.

Previously it would say PolarSSL only, now it says PolarSSL/1.1.0 in the
same style other libs and components do.

As it turns out, some people do want that after all.

This reverts commit f7e2ab62.

This change caused fetching of the certificates to become unreliable.

Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
Reported by: Tim Heckman

Commit 97b66ebe was copying a smaller buffer, thus duplicating the last
character.

Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback
returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT
conveys incorrect information to the user.

Reworked the command sending from two specific LIST and RETR command
functions into a single command based function as well as the two
associated response handlers into a generic command handler.

If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will
pass no public key to libssh2 which then tries to compute it from the
private key. This is known to work when libssh2 1.4.0+ is linked against
OpenSSL.

This change replaces RFC 2818 based hostname check in OpenSSL build with
RFC 6125 [1] based one.

The hostname check in RFC 2818 is ambiguous and each project implements
it in the their own way and they are slightly different. I check curl,
gnutls, Firefox and Chrome and they are all different.

I don't think there is a bug in current implementation of hostname
check. But it is not as strict as the modern browsers do. Currently,
curl allows multiple wildcard character '*' and it matches '.'. (as
described in the comment in ssluse.c).

Firefox implementation is also based on RFC 2818 but it only allows at
most one wildcard character and it must be in the left-most label in the
pattern and the wildcard must not be followed by any character in the
label.[2] Chromium implementation is based on RFC 6125 as my patch does.
Firefox and Chromium both require wildcard in the left-most label in the
presented identifier.

This patch is more strict than the current implementation, so there may
be some cases where old curl works but new one does not. But at the same
time I think it is good practice to follow the modern browsers do and
follow the newer RFC.

[1] http://tools.ietf.org/html/rfc6125#section-6.4.3
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483

With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the
download size was known (like with a Content-Length header), but the
subsequent URL (transfered after the 3xx page) was chunked encoded, then
the previous "known download size" would linger and cause the progress
meter to get incorrect information, ie the former value would remain
being sent in. This could easily result in downloads that were WAY
larger than "expected" and would cause >100% outputs with the curl
command line tool.

Test case 599 was created and it was used to repeat the bug and then
verify the fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3510057
Reported by: Michael Wallner

Replaced the hard coded md5 digest length (16) with a preprocessor
constant

It is now possible to calculate the md5 sum as the stream of buffers
becomes known where as previously it was only possible to calculate the
md5 sum of a pre-prepared buffer.

This reverts commit 9f0e1689.

It turned out that "improvement" instead made the fetching of the
certificates unreliable

Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
Reported by: Tim Heckman

This feature allows the user to specify and use additional POP3
commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or
curl's -X command line option.