Without this workaround, NSS re-uses a session cache entry despite the
server name does not match.  This causes SNI host name to differ from
the actual host name.  Consequently, certain servers (e.g. github.com)
respond by 400 to such requests.

Bug: https://bugzilla.mozilla.org/1202264

... without sha256 support and no define saying so.

Reported-by: Rajkumar Mandal

CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS

- Show how a certificate can be obtained using OpenSSL.

Bug: https://github.com/bagder/curl/pull/430
Reported-by: Daniel Hwang

s => is

Closes #428

It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
down the tone a bit.

It adds a warning for using -XHEAD on other methods becasue that may
lead to a hanging connection.

Bug: https://github.com/bagder/curl/pull/411
Reported-by: Viktor Szakats

long => double

Closes #409

If the port number in the proxy string ended weirdly or the number is
too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
numerical address is used without enclosing brackets.

Also mention the bracket requirement for IPv6 numerical addresses to the
man page for CURLOPT_PROXY.

Closes #415

Reported-by: Marcel Raad

In some timing-dependnt cases when a 4xx response immediately followed
after a 150 when a STOR was issued, this function would wrongly return
'complete == true' while 'wait_data_conn' was still set.

Closes #405

Reported-by: Patricia Muscalu

Closes #414
Closes #413

leavit => leaveit

closes #412

This reverts commit a60bde79 I have
pushed by mistake.  Apologies for my incompetent use of the git repo!

It causes dynamic linking issues at run-time after an update of NSS.

Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html

changed macro name, moved and renamed script to become docs/libcurl/has.pl,
generate code that is checksrc compliant

RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
HTTP/2 message containing connection-specific header fields; any message
containing connection-specific header fields MUST be treated as
malformed"

Closes #401

and some general cleaning up

This fixes another run-time check failure because of a narrowing cast on
Visual C++.

Closes #408

- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie

- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar

tool_sdecls.h:139 warning: comma at end of enumerator list