Closes #2069

... to make url.c smaller.

Closes #1944

Ensure HAVE_SETMODE is set to 1 on OSes that have setmode. Without this,
curl will corrupt binary files when writing them to stdout on Windows.

Closes https://github.com/curl/curl/pull/2067

CID 984459, detected by Coverity

Update CMakeLists.txt to add curl.rc to the correct list.

The --interface command (CURLOPT_INTERFACE option) already uses
SO_BINDTODEVICE on Linux, but it tries to parse it as an interface or IP
address first, which fails in case the user passes a VRF.

Try to use the socket option immediately and parse it as a fallback
instead.  Update the documentation to mention this feature, and that it
requires the binary to be ran by root or with CAP_NET_RAW capabilities
for this to work.

Closes #2024

Closes #2043

As documented in RFC 3501 section 9:
https://tools.ietf.org/html/rfc3501#section-9

Closes #2061

... previously it would store it already in the happy eyeballs stage
which could lead to the IPv6 bit being set for an IPv4 connection,
leading to curl not wanting to do EPSV=>PASV for FTP transfers.

Closes #2053

... even when there's no socket to wait for, the timeout can still be
very short.

- Don't call zlib's inflate() when avail_in stream bytes is 0.

This is a follow up to the parent commit 19e66e53. Prior to that change
libcurl's inflate_stream could call zlib's inflate even when no bytes
were available, causing inflate to return Z_BUF_ERROR, and then
inflate_stream would treat that as a hard error and return
CURLE_BAD_CONTENT_ENCODING.

According to the zlib FAQ, Z_BUF_ERROR is not fatal.

This bug would happen randomly since packet sizes are arbitrary. A test
of 10,000 transfers had 55 fail (ie 0.55%).

Ref: https://zlib.net/zlib_faq.html#faq05

Closes https://github.com/curl/curl/pull/2060

There was a duplicate check for backslashes in the setcharset()
function.

Coverity CID 1420611

Since 'conn' won't be NULL in there and we also access the pointer in
there without the check.

Coverity CID 1420610

Ref cc1f4436

It adds the ability to link against static brotli libs.

Also fix brotli include path.

This uses the brotli external library (https://github.com/google/brotli).
Brotli becomes a feature: additional curl_version_info() bit and
structure fields are provided for it and CURLVERSION_NOW bumped.

Tests 314 and 315 check Brotli content unencoding with correct and
erroneous data.

Some tests are updated to accomodate with the now configuration dependent
parameters of the Accept-Encoding header.

This is implemented as an output streaming stack of unencoders, the last
calling the client write procedure.

New test 230 checks this feature.

Bug: https://github.com/curl/curl/pull/2002
Reported-By: Daniel Bankhead

Since CURLSSH_AUTH_ANY (aka CURLSSH_AUTH_DEFAULT) is ~0 an arg value
check on this option is incorrect; we have to accept any value.

Prior to this change since f121575c (7.56.1+) CURLOPT_SSH_AUTH_TYPES
erroneously rejected CURLSSH_AUTH_ANY with CURLE_BAD_FUNCTION_ARGUMENT.

Bug: https://github.com/curl/curl/commit/f121575#commitcomment-25347120

It triggers an assert() when built with memdebug since malloc(0) may
return NULL *or* a valid pointer.

Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4054

Assisted-by: Max Dymond
Closes #2054

By properly keeping track of the last entry in the list of URLs/uploads
to handle, curl now avoids many meaningless traverses of the list which
speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K
URLs).

Added test 1291, to verify that it doesn't take ages - but we don't have
any detection of "too slow" command in the test suite.

Reported-by: arainchik on github
Fixes #1959
Closes #2052

Assisted-by: Per Lundberg
Fixes #2044
Closes #2046
Closes #2048

Regression since f121575c

Reported-by: Petr Voytsik
Fixes #2047

Prior to this change since f121575c (7.56.1+) CURLOPT_DNS_CACHE_TIMEOUT
erroneously rejected -1 with CURLE_BAD_FUNCTION_ARGUMENT.

This caused the torture tests on test 1800 to fail.

Test cleanup after OOM wasn't being consistently performed.

... which is valid according to documentation. Regression since
f121575c.

Verified now in test 501.

Reported-by: cbartl on github
Fixes #2038
Closes #2039

.. also add same arg value check to CURLOPT_POSTFIELDSIZE_LARGE.

Prior to this change since f121575c (7.56.1+) CURLOPT_POSTFIELDSIZE
erroneously rejected -1 value with CURLE_BAD_FUNCTION_ARGUMENT.

Bug: https://curl.haxx.se/mail/lib-2017-11/0000.html
Reported-by: Andrew Lambert

... when expiring old cookies.

Reported-by: Pavel Gushchin
Fixes #2032
Closes #2035

This avoids build errors and warnings caused by implicit casts.

Closes https://github.com/curl/curl/pull/2031

Do not generate line with the current date, such as:

* Generation time: Tue Oct-24 18:01:41 2017

This will improve reproducibility. The generated string is only
part of a comment, so there should be no adverse consequences.

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>

closes #2026