hostcache_timestamp_remove() should remove old *unused* entries from the
host cache, but it never checked whether the entry was actually in
use. This complements commit 030a2b8c.

Bug: http://curl.haxx.se/bug/view.cgi?id=1327

tftp_done() can get called with its TFTP state pointer still being NULL
on an early time-out, which caused a segfault when dereferenced.

Reported-by: Glenn Sheridan
Bug: http://curl.haxx.se/mail/lib-2014-01/0246.html

Incorrect password if use backspace while entered the password.

Regression from f7bfdbab

The '?:' operator has lower priority than the '-' operator

Since the previous complex select function with initial support for
non-socket file descriptors, did not actually work correctly for
Console handles, this change simplifies the whole procedure by using
an internal waiting thread for the stdin console handle.

The previous implementation made it continuously trigger for the stdin
handle if it was being redirected to a parent process instead of
an actual Console input window.

This approach supports actual Console input handles as well as
anonymous Pipe handles which are used during input redirection.

It depends on the fact that ReadFile supports trying to read zero bytes
which makes it wait for the handle to become ready for reading.

Removed Unix-specific functionality in order to support Windows:
- select.epoll replaced with select.select
- SocketServer.ForkingMixIn replaced with SocketServer.ForkingMixIn
- socket.MSG_DONTWAIT replaced with socket.setblocking(False)

Even though epoll has a better performance and improved socket handling
than select, this change should not affect the actual test case.

The list was out of date and the paragraph already refers to the
CURLOPT_HTTPAUTH explanation. All the auth bits are explained properly
there.

It also removes the ambiguity for what the "added" phrase refers to.

This change based on pull request #85 on github

URL: https://github.com/bagder/curl/pull/85
Reported-by: gnawhleinad

Make it possible to call
curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &filesize)
and related functions on remote sftp:// files, without downloading them.

Reported-by: Yingwei Liu
Bug: http://curl.haxx.se/mail/lib-2014-01/0139.html

This covers changes from commit afd288b2.

This prevents sending a `Content-Length: -1` header, e.g this ocurred
with the following combination:

* standard HTTP POST (no chunked encoding),
* user-defined read function set,
* `CURLOPT_POSTFIELDSIZE(_LARGE)` NOT set.

With this fix it now behaves like HTTP PUT.

Make GnuTLS old and new consistent, specify the desired protocol, cipher
and certificate type in always in both modes. Disable insecure ciphers
as reported by howsmyssl.com. Honor not only --sslv3, but also the
--tlsv1[.N] switches.

Related Bug: http://curl.haxx.se/bug/view.cgi?id=1323

Due to the changes in commit 3c929ff9 and lack of subsequent
updates, curl could return a CURLE_FTP_ACCEPT_FAILED error if
checkpasswd() ran out of memory in versions 7.33.0 and 7.34.0.

Updated the function declaration and return code to return
CURLE_OUT_OF_MEMORY and CURLE_OK where appropriate.