The curl-config now features a --built-shared command line option that
will output 'yes' or 'no' depending if the build process was asked to
build shared library/libraries or not.

It is primarily made to offer more details to the test suite to know
what kind of stunts it can expect to work.

Win64's 32 bit long but 64 bit size_t caused a warning that we avoid
with a typecast. A small whitespace indent fix was also applied.

Reported by: Adam Light

This one was long overdue to be mentioned in the FAQ. Also, mention the
new ftp wildcard downloading feature.

Signed-off-by: Ben Greear <greearb@candelatech.com>

  This passes -Werror to gcc when building curl and libcurl,
  allowing easy dection of compile warnings.

Signed-off-by: Ben Greear <greearb@candelatech.com>

Signed-off-by: Ben Greear <greearb@candelatech.com>

... since FTP is using it as well, and potentially other protocols!

Also, an #endif CURL_DISABLE_HTTP was incorrectly marked, as it seems to
end the proxy block instead.

Fixed the comment/document for the response_time struct member.

The FTP implementation was missing a timestamp reset point, making the
waiting for responses after sending a post-transfer "QUOTE" command not
working as supposedly. This bug was introduced in 7.20.0

The --remote-header-name option for the command-line tool assumes that
everything beyond the filename= field is part of the filename, but that
might not always be the case, for example:

Content-Disposition: attachment; filename=file.txt; modification-date=...

This fix chops the filename off at the next semicolon, if there is one.

When getting multiple URLs, curl didn't properly reset the byte counter
after a successful transfer so if the subsequent transfer failed it
would wrongly use the previous byte counter and behave badly (segfault)
because of that. The code assumes that the byte counter and the 'stream'
pointer is well in synch.

Reported by: Jon Sargeant
Bug: http://curl.haxx.se/bug/view.cgi?id=3028241

Make the multi-interface using examples use curl_multi_timeout to
properly educate users how to do things.

curl_multi perform has two phases: run through every easy handle calling
multi_runsingle and remove expired timers (timer removal).

If a small timer (e.g. 1-10ms) is set during multi_runsingle, then it's
possible that the timer has passed by when the timer removal runs. The
timer which was just added is then removed. This will potentially cause
the timer list to be empty and cause the next call to curl_multi_timeout
to return -1. Ideally, curl_multi_timeout should return 0 in this case.

One way to fix this is to move the struct timeval now = Curl_tvnow(); to
the top of curl_multi_perform. The change does that.

Reset old timer first so we can set a new one further in the future.

configure checks for grep, egrep, sed and ar and set the variables GREP,
EGREP, SED and AR accordingly. We now let already set variables override
the internal choices to let users make decisions when they know the
right choice already. This is a regression as our configure script used
to allow this back before commit 0b57c475 (up to 7.18.2).

Reported by: "kdekker"
Bug: http://curl.haxx.se/bug/view.cgi?id=3028318

The test would loop forever if authtype bit 0 wasn't set.

Since uploading from stdin is very likely to not work with anyauth and
its multi-phase probing for what authentication to actually use, alert
the user about it. Multi-phase negotiate almost certainly will involve
sending data and thus libcurl will need to rewind the stream to send
again, and it cannot do that with stdin.

As mentioned in bug report #2956968, the HTTP code wouldn't send the
first empty chunk during the auth negotiation phase of the HTTP request
sending, so the server would wait for data to come and libcurl would
wait for data to arrive... I've made the code not enable chunked
encoding until the auth negotiation is done and thus this scenario
doesn't occur anymore.

Reported by: Sidney San Martín
Bug: http://curl.haxx.se/bug/view.cgi?id=2956968

I think the [REMARK] and commented function calls cluttered the code a
bit too much and made the generated code ugly to read. Now we instead
track the remarks one specially and just lists them at the end of the
generated code more as additional information.

it makes the --libcurl output easier to follow.

And additionally, don't show function or object pointers actual value
since they make no sense to anyone. Show 'functionpointer' and
'objectpointer' instead.

In the generated code --libcurl makes, all calls to curl_easy_setopt()
that use *_LARGE options now have the value typecasted to curl_off_t, so
that it works correctly for 32bit systems with 64bit curl_off_t type.

When curl_multi_remove_handle() is called and an easy handle is returned
to the connection cache held in the multi handle, then we cannot allow
CURLINFO_LASTSOCKET to extract it since that will more or less encourage
that the user uses the socket while it can get used by libcurl again.

Without this fix, we'd get a segfault in Curl_getconnectinfo() trying to
dereference the NULL pointer in 'data->state.connc'.

Bug: http://curl.haxx.se/bug/view.cgi?id=3023840

When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.

curl didn't properly handle escaping characters in a URL with the use of
backslash. It did an attempt, but that failed as reported in bug
3022551. The described example was using the URL
"http://example.com?{AB,C\,D}".

I've now removed the special-handling of letters following the backslash
and I also removed the bad extra check that triggered this particular
bug.

Bug: http://curl.haxx.se/bug/view.cgi?id=3022551
Reported by: Jon Sargeant

There was a problem when a UNIX-like server returned information
about directory size (total NNNNNN) at the first line of
response.

When a hostname resolves to multiple IP addresses and the first one
tried doesn't work, the socket for the second attempt may get dropped on
the floor, causing the request to eventually time out. The issue is that
when using kqueue (as on mac and bsd platforms) instead of select, the
kernel removes the first fd from kqueue when it is closed (in trynextip,
connect.c:503). Trynextip() then goes on to open a new socket, which
gets assigned the same number as the one it just closed. Later in
multi.c, socket_cb is not called because the fd is already in
multi->sockhash, so the new socket is never added to kqueue.

The correct fix is to ensure that socket_cb is called to remove the fd
when trynextip() closes the socket, and again to re-add it after
singleipsocket(). I'm not sure how to cleanly do that, but the attached
patch works around the problem in an admittedly kludgy way by delaying
the close to ensure that the newly-opened socket gets a different fd.

Daniel's added comment: I didn't spot a way to easily do a nicer fix so
I've proceeded with Ben's patch.

Bug: http://curl.haxx.se/bug/view.cgi?id=3017819
Patch by: Ben Darnell

It was broken for URLs like "ftp://example.com/".

It passes the git log output through 'log2changes.pl' to produce
the lot.