Reported-by: elsamuko at github
Fixes #3921
Closes #3922

Closes https://github.com/curl/curl/pull/3923

- Change data and protocol sections to CRLF line endings.

Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.

Follow-up to a9499ff1 from today which added the tests.

Ref: https://github.com/curl/curl/pull/3790

Regression since e91e4816.

Reported-by: Tom Greenslade
Fixes #3924
Closes #3925

This reverts commit 3b06e68b.

Clearly this change wasn't good enough as it broke CURLOPT_LOW_SPEED_LIMIT +
CURLOPT_LOW_SPEED_TIME

Reported-by: Dave Reisner

Fixes #3927
Closes #3928

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixed #3653
Closes #3790

Testing against OpenSSH for Windows requires v7.7.0.0 or newer
due to the use of AllowUsers and DenyUsers. For more info see:
https://github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config

Closes https://github.com/curl/curl/pull/3919

Closes https://github.com/curl/curl/pull/3919

Closes https://github.com/curl/curl/pull/3919

Closes https://github.com/curl/curl/pull/3919

Closes https://github.com/curl/curl/pull/3919

Also removed mentions from most docs.

Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html

Closes #3888

- adds the check to cmake

- fixes the configure check to work for cross-compiled windows builds

Closes #3917

If the proxy string is given as an IPv6 numerical address with a zone
id, make sure to use that for the connect to the proxy.

Reported-by: Edmond Yu

Fixes #3482
Closes #3918

Reported-by: GitYuanQu on github
Fixes #3902
Closes #3914

Made detection macros for these two functions in the same style as other
functions possibly in winsock in the hope this will work better to
detect these functions when cross-compiling for Windows.

Follow-up to e91e4816

Fixes #3913
Closes #3915

Fixes Codacy/CppCheck warnings.

Closes

When compiling without getpeername() or getsockname(), the sockfd
paramter to Curl_udpateconninfo() became unused after commit e91e4816
added ifdef guards.

Closes #3910
Fixes https://curl.haxx.se/dev/log.cgi?id=20190520172441-32196
Reviewed-by: Marcel Raad, Daniel Stenberg

Commit e91e4816 moved ftp_ccc in under
the FTP featureflag in the UserDefined struct, but vtls callsites were
still using it unprotected.

Closes #3912
Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865
Reviewed-by: Daniel Stenberg, Marcel Raad

Reported-by: Olen Andoni
Fixes #3906
Closes #3907

Closes #3892

Ref: #3905

The longest currently registered URI scheme at IANA is 36 bytes long.

Closes #3905
Closes #3900

Fixes Codacy/CppCheck warnings.

Closes https://github.com/curl/curl/pull/3872

Just initialize word_begin with the correct value.

Closes https://github.com/curl/curl/pull/3873

This way, we need only one call to free.

Closes https://github.com/curl/curl/pull/3873

sock was only used to be assigned to fd_read.

Closes https://github.com/curl/curl/pull/3873

bug: https://curl.haxx.se/docs/CVE-2019-5436.html
Reported-by: l00p3r on hackerone
CVE-2019-5436

When running a multi TLS backend build the version string needs more
buffer space. Make the internal ssl_buffer stack buffer match the one
in Curl_multissl_version() to allow for the longer string. For single
TLS backend builds there is no use in extended to buffer. This is a
fallout from #3863 which fixes up the multi_ssl string generation to
avoid a buffer overflow when the buffer is too small.

Closes #3875
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed.  However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).

Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.

Missed in fe6049f0.