Clarified the release procedure

Error 4 has got a meaning

Error 48 has got a slightly different meaning now

When using -O the file will be saved in the current directory, and this
is now spelled out clearly.

Reported by: Hongli Lai

Stop the abuse of CURLE_FAILED_INIT as return code for things not being
init related by introducing two new return codes:

CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION

CURLE_NOT_BUILT_IN replaces return code 4 that has been obsoleted for
several years. It is used for returning error when something is
attempted to be used but the feature/option was not enabled or
explictitly disabled at build-time. Getting this error mostly means that
libcurl needs to be rebuilt.

CURLE_FAILED_INIT is now saved and used strictly for init
failures. Getting this problem means something went seriously wrong,
like a resource shortage or similar.

CURLE_UNKNOWN_OPTION is the option formerly known as
CURLE_UNKNOWN_TELNET_OPTION (and the old name is still present,
separately defined to be removed in a very distant future). This error
code is meant to be used to return when an option is given to libcurl
that isn't known. This problem would mostly indicate a problem in the
program that uses libcurl.

The read callback must return the exact requested amount of data when it
is used for doing TFTP uploads. This is due to how it deals with data
internally. This could/should be fixed but for now we document the
existing behavior.

Reported by: Colin Blair
Bug: http://curl.haxx.se/mail/lib-2011-03/0319.html

If a new enough OpenSSL version is used, configure detects the TLS-SRP
support and enables it.

Added a little generic info section about the lists and a section about
how to deal with trolls and spam on the lists.

This is a new documentation for the source tree. This information has
been present since a long time at
http://curl.haxx.se/mail/etiquette.html but now it is put into a plain
text version too for wider distribution. The web version will be
automatically generated from this source document.

This avoids warnings generated by autoconf 2.68.

Signed-off-by: Dave Reisner <d@falconindy.com>

Scanned with a tool that checked for mistakes and this is the subsequent
cleanup.

Slightly modified to become a nicer web page when converted for the site

CURLE_CHUNK_FAILED and CURLE_FTP_BAD_FILE_LIST were introduced in
7.21.0, not 7.20.1

Reported by: Andre Guibert de Bruet

When NSS-powered libcurl connected to a SSL server with
CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
certificate was accepted by libcurl and did not ask the second time when
connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.

This patch turns off the SSL session cache for the particular SSL socket
if peer verification is disabled.  In order to avoid any performance
impact, the peer verification is completely skipped in that case, which
makes it even faster than before.

Bug: https://bugzilla.redhat.com/678580

Lines that are indented with at least 5 spaces get special treatment by
the script that converts it to HTML on the site.

All C and H files now (should) feature the proper project curl source
code header, which includes basic info, a copyright statement and some
basic disclaimers.

Stress that it is for client certificates and then mention that it also
works for all other SSL-based protocols apart from HTTPS and
FTPS. Namely POP3S, IMAPS and SMTPS for now.

Extend the docs to clarify that CURLOPT_SSH_KEYFUNCTION is only called
if the known hosts option is also correctly set!

CURLOPT_HTTPAUTH was mentioning CURLOPT_USERPASSWORD instead of
CURLOPT_PASSWORD.

Reported by: Mike Henshaw

This enables people to specify a path to the netrc file to use.
The new option override --netrc if both are present. However it
does follow --netrc-optional if specified.

I forgot to sort it when I added the CURL_SOCKOPT_* symbols

On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.

Reported by: Ian D Allen
Bug: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/714895

Forwarded to us by:

Reported by: Andreas Olsson
Bug: http://curl.haxx.se/bug/view.cgi?id=3175422