Support for notes has been in place for a while, but it required
being added to the setup file manually.

This header file must be included after all header files except
memdebug.h, as it does similar memory function redefinitions and can be
similarly affected by conflicting definitions in system or dependent
library headers.

I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to
still require the work-around for stapling to work.

URL: http://curl.haxx.se/mail/lib-2015-03/0205.html
Reported-by: Alessandro Ghedini

This is a strange combination of options, but is allowed.

--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241

By making sure Curl_getconnectinfo() uses the correct connection cache
to find the last connection.

... it would otherwise lead to memory leakage if we never actually do
the switch.

This conflicted with a WolfSSL typedef.

It seems that some systems (e.g. fairly consistently in some recent
Solaris autobuilds) would manage to get to the connect phase before the
progress callback was called, resulting in a CURLE_COULDNT_CONNECT
error. Reworked the test to point at a test server that never returns a
full result so the progress callback always gets a chance to be called
before the transfer can complete in some other way.

TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.

Coverity CID 1291167 pointed out that 'rc' was received but never used when
gnutls_credentials_set() was used. Added return code check now.

Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
NULL if gnutls_certificate_get_peers() had previously failed.

Coverity CID 1291166 pointed out that we could read this variable
uninitialized.

The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html).

The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.

CID 1202732 warns on the previous use, although I cannot fine any
problems with it. I'm doing this change only to make the code use a more
familiar approach to accomplish the same thing.

This option can be used to enable/disable TLS False Start defined in the RFC
draft-bmoeller-tls-falsestart.

Reported-by: Frank Gevaerts

This change was made in CyaSSL/WolfSSL ver. 3.4.0

We prematurely changed protocol handler to HTTP/2 which made things very
slow (and wrong).

Reported-by: Stefan Eissing
Bug: https://github.com/bagder/curl/issues/169