... in order not to leak memory on initializing an SSL library.

Reported by: Tomas Mlcoch

The Curl_reconnect_request() function could end up returning a pointer
to a free()d struct when Curl_done() failed inside. Clearing the pointer
unconditionally after Curl_done() avoids this risk.

Reported by: Ho-chi Chen
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html

Output changed in commit a34197ef

Bug: http://curl.haxx.se/bug/view.cgi?id=3568327

Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
working on them I have little hope...

Minor change to recently introduced function.  BC breaking, but since
curl_multi_wait() doesn't exist in any releases that should be fine.

Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860

The MD5 fingerprint cannot be computed when running in FIPS mode.

This makes it easier to debug broken hashes or hash functions.

For some reason WinCrypt.h is named wincrypt.h under MinGW.

The include and library path were moved within libmetalink, this
patch adjusts the defaults provided within the curl MinGW makefile.

Since Metalink support requires a crypto library for hash functions
and Windows comes with the builtin CryptoAPI, this patch adds that
API as a fallback to the supported crypto libraries.
It is automatically used on Windows if no other library is provided.

Fixed tests/libtest/libntlmconnect.c:52: warning: call to
'_curl_easy_getinfo_err_long' declared with attribute warning:
curl_easy_getinfo expects a pointer to long for this info

Windows does not use -1 to represent invalid sockets and the
SOCKET type is unsigned.

Check for O_BINARY which is not available on every system.

Since Windows/MinGW threat 0x1A as the EOF character, reading binary
files which contain that byte does not work using text mode.
The read function will only read until the first 0x1A byte. This
means that the hash is not computed from the whole file and the
final validation check using hash comparision fails.

Since Simple and Protected GSSAPI Negotiation Mechanism
is already implemented in curl and supported by the MinGW
builds, this change adds build support to winbuild makefiles.

Cleaned up order of handled build options by ordering them
nearly alphabetically by using the order of the generated
config name. Preparation for future/more build options.

6 bug fixes to mention, 5 contributors