... previously, docs/ was only a dist subdir, now also a build subdir.

Reported-by: Dan Fandrich
Bug: https://curl.haxx.se/mail/lib-2017-03/0017.html

Depend on the known behaviour of URLs for nonexistent files rather than
the undefined behaviour of URLs for directories (which fails on Windows).
The test isn't about file: URLs at all, so the URL used doesn't really
matter.

Otherwise, the contents will end up in the output and fail the
verification.

If a % ended the statement, the string's trailing NUL would be skipped
and memory past the end of the buffer would be accessed and potentially
displayed as part of the --write-out output. Added tests 1440 and 1441
to check for this kind of condition.

Reported-by: Brian Carpenter

- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing
  proxy CONNECT response headers from the user callback functions
  CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION.

- Add new tool option --suppress-connect-headers to expose
  CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT
  response headers from --dump-header and --include.

Assisted-by: Jay Satiro
Assisted-by:  <CarloCannas@users.noreply.github.com>
Closes https://github.com/curl/curl/pull/783

A client MUST ignore any Content-Length or Transfer-Encoding header
fields received in a successful response to CONNECT.
"Successful" described as: 2xx (Successful). RFC 7231 4.3.6

Prior to this change such a case would cause an error.

In some ways this bug appears to be a regression since c50b878c. Prior to
that libcurl may have appeared to function correctly in such cases by
acting on those headers instead of causing an error. But that behavior
was also incorrect.

Bug: https://github.com/curl/curl/issues/1317


Reported-by:  <mkzero@users.noreply.github.com>

Broken a few days ago in 6448f98c.

Bug: https://curl.haxx.se/mail/lib-2017-03/0015.html

Do not call curl_easy_reset() between the requests, because the
auth state must be preserved for these tests.

Follow-up to 0afbcfd8

This prevents a "Descriptor is not a socket" error for WinSSL.

Reported-by:  <Antony74@users.noreply.github.com>
Reviewed-by: Jay Satiro

Fixes https://github.com/curl/curl/issues/1239

Follow-up to 5278462c
See https://github.com/curl/curl/issues/1095

This flag is meant for the current request based on authentication
state, once the request is done we can clear the flag.

Also change auth.multi to auth.multipass for better readability.

Fixes https://github.com/curl/curl/issues/1095
Closes https://github.com/curl/curl/pull/1326



Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: Michael Kaufmann

and try to add the top comment within an HTML comment in the hope
that it might get hidden if the text is kept

CID 1402159 and 1402158

Test 1903 is doing HTTP pipelining, and that is a timing and ordering
sensitive operation and this fails far too often on the Travis CI
leading to people more or less ignoring test failures there. Not good.

The end of pipelning is probably coming sooner rather than later
anyway...

The man page taken from the release package is found in a different
location than if it's built from source. It must be referenced as $< in
the rule to get its correct location in the VPATH.

This eliminates the need for an external gzip program, which wasn't
working with Busybox's gzip, anyway. It now compresses using perl's
IO::Compress::Gzip

...due to the newly added CURL_SSLVERSION_MAX_* functionality

Verified with OpenSSL 1.1.0e and OpenSSL master (1.1.1)

This commit introduces the CURL_SSLVERSION_MAX_* constants as well as
the --tls-max option of the curl tool.

Closes https://github.com/curl/curl/pull/1166

Assisted-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0002.html

maketgz now runs scripts/updatemanpages.pl to update the man pages .TH
section to use the current date and curl/libcurl version.

(TODO Section 3.1)

Closes #1058

Ignore man page dist files generated by scripts/updatemanpages.pl

Added script to update man pages to use the current date and
curl/libcurl versions.

updatemanpages.pl has three arrays: list of directories to look in,
list of extensions to process, list of files to exclude from
processing.

Check man page in git repoistory using the date from the existing man
page before updating to avoid updating the man page if no change is
made.

If data is received from the git command then update the man page with
the current date and version otherwise leave alone.

Applied patch from badger to make the date argument optional, change the
git command used, added date argument to processfile subroutine and
print to STDERR if no date is found in a man page.

Added code to process the changed man page into a new man page with
.dist added to the filename to keep the original source files unchanged.
Updated POD documentation to reflect that the date argument optional.

Code style is in line with CODE_STYLE.md.

Directo...

This fixes assertion error which occurs when redirect is done with 0
length body via HTTP/2, and the easy handle is reused, but new
connection is established due to hostname change:

    curl: http2.c:1572: ssize_t http2_recv(struct connectdata *,
      int, char *, size_t, CURLcode *):
    Assertion `httpc->drain_total >= data->state.drain' failed.

To fix this bug, ensure that http2_handle_stream is called.

Fixes #1286
Closes #1302

Assisted-by: Ray Satiro

Bug: https://curl.haxx.se/mail/lib-2017-03/0009.html

Bug: https://github.com/curl/curl/issues/1308
Reported-by: Justin Clift

... because it causes confusion with users. Example URLs:

"http://[127.0.0.1]:11211:80" which a lot of languages' URL parsers will
parse and claim uses port number 80, while libcurl would use port number
11211.

"http://user@example.com:80@localhost" which by the WHATWG URL spec will
be treated to contain user name 'user@example.com' but according to
RFC3986 is user name 'user' for the host 'example.com' and then port 80
is followed by "@localhost"

Both these formats are now rejected, and verified so in test 1260.

Reported-by: Orange Tsai