in the connectdata structure by a single handler table ptr.

string: "FLUSH". Using that will cause libcurl to flush its cookies to the
CURLOPT_COOKIEJAR file.

CURLOPT_OPENSOCKETDATA to set a callback that allows an application to replace
the socket() call used by libcurl. It basically allows the app to change
address, protocol or whatever of the socket. (I also did some whitespace
indent/cleanups in lib/url.c which kind of hides some of these changes, sorry
for mixing those in.)

CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.

variables to avoid shadowing global declarations.

curl_easy_setopt() that alters how libcurl functions when following
redirects. It makes libcurl obey the RFC2616 when a 301 response is received
after a non-GET request is made. Default libcurl behaviour is to change
method to GET in the subsequent request (like it does for response code 302
- because that's what many/most browsers do), but with this CURLOPT_POST301
option enabled it will do what the spec says and do the next request using
the same method again. I.e keep POST after 301.

The curl tool got this option as --post301

Test case 1011 and 1012 were added to verify.

Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
creating macros for backward compatibility.

and allow reuse by multiple protocols. Several unused error codes were
removed.  In all cases, macros were added to preserve source (and binary)
compatibility with the old names.  These macros are subject to removal at
a future date, but probably not before 2009.  An application can be
tested to see if it is using any obsolete code by compiling it with the
CURL_NO_OLDIES macro defined.

Documented some newer error codes in libcurl-error(3)

added basic ldaps support; for now its ifdef'd with HAVE_LDAP_SSL unless we know its fully working, and available with all LDAP SDKs.
Win32 requires to have the trusted CA in local keystore - I've not found yet a way to disable the cert check.

the configure script checks for openldap and friends and we link with those
libs just like we link all other third party libraries, and we no longer
dlopen() those libraries. Our private header file lib/ldap.h was renamed to
lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
just before this commit, just in case.

it into a few new functions.
Fixed a few leaks in out of memory conditions, including for test case 231.

LIBSSH2_APINO

(http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
passed in as longs, and that makes a difference on 64 bit architectures.

after 7.16.2. This is much due to the different treatment file:// gets
internally, but now I added test 231 to make it less likely to happen again
without us noticing!

passed to it with curl_easy_setopt()! Previously it has always just refered
to the data, forcing the user to keep the data around until libcurl is done
with it. That is now history and libcurl will instead clone the given
strings and keep private copies.

of a socket after it has been closed, when the FTP-SSL data connection is taken
down.

some few internal identifiers to avoid conflicts, which could be useful on
other platforms.

could in fact get stuck in an endless loop.

* Move scp:// into a state machine so it won't block in multi mode
* When available use the full directory entry from the sftp:// server

libcurl. This also makes the options change name to --krb (from --krb4) and
CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still

and CURLOPT_NEW_DIRECTORY_PERMS.  These control the premissions for files
and directories created on the remote server.  CURLOPT_NEW_FILE_PERMS
defaults to 0644 and CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755

tool reports and it was indeed a legitimate one and it is one fixed. It was
a use of a share without doing the proper locking first.

a connection through a socks proxy doesn't work

hundreds of parallel transfers...

since it easy-handle related and not connection-related.