Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860

The MD5 fingerprint cannot be computed when running in FIPS mode.

This makes it easier to debug broken hashes or hash functions.

For some reason WinCrypt.h is named wincrypt.h under MinGW.

The include and library path were moved within libmetalink, this
patch adjusts the defaults provided within the curl MinGW makefile.

Since Metalink support requires a crypto library for hash functions
and Windows comes with the builtin CryptoAPI, this patch adds that
API as a fallback to the supported crypto libraries.
It is automatically used on Windows if no other library is provided.

Fixed tests/libtest/libntlmconnect.c:52: warning: call to
'_curl_easy_getinfo_err_long' declared with attribute warning:
curl_easy_getinfo expects a pointer to long for this info

Windows does not use -1 to represent invalid sockets and the
SOCKET type is unsigned.

Check for O_BINARY which is not available on every system.

Since Windows/MinGW threat 0x1A as the EOF character, reading binary
files which contain that byte does not work using text mode.
The read function will only read until the first 0x1A byte. This
means that the hash is not computed from the whole file and the
final validation check using hash comparision fails.

Since Simple and Protected GSSAPI Negotiation Mechanism
is already implemented in curl and supported by the MinGW
builds, this change adds build support to winbuild makefiles.

Cleaned up order of handled build options by ordering them
nearly alphabetically by using the order of the generated
config name. Preparation for future/more build options.

6 bug fixes to mention, 5 contributors

-321 - CURLSSH_AUTH_AGENT patch by Armel Asselin

-324 - curl_multi_select() vs curl_multi_fdvec() etc

Reference counting the credential handle should avoid that such a
handle is freed while it is still required for connection shutdown

SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat

While validating a new Clang diagnostic (-Wnon-literal-null-conversion -
yes, the name isn't quite correct in this case, but it suffices) I found
a few violations of it in Curl.

Bug: http://curl.haxx.se/bug/view.cgi?id=3561305

Patch by: Marcel Raad

Each certificate section of the input certdata.txt file has a trust
section following it with details.

This script failed to detect the start of the trust for at least one
cert[*], which made the script continue pass that section into the next
one where it found an 'untrusted' marker and as a result that certficate
was not included in the output.

[*] = "Hellenic Academic and Research Institutions RootCA 2011"

Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402

SMTP client will send SIZE parameter in MAIL FROM command only if server
supports it. Without this patch server might say "504 Command parameter
not implemented" and reject the message.

Bug: http://curl.haxx.se/bug/view.cgi?id=3564114

... and specify that SIZE is supported. 250 is the "correct" response
code according to RFC 2821

This is untested, but at least Symbian still has a chance of
still working now.