* Added description to Curl_sspi_free_identity()
* Added parameter and return explanations to Curl_sspi_global_init()
* Added parameter explaination to Curl_sspi_global_cleanup()

Missed from commit 8356022d.

...and discuss a possible solution.

CURLDEBUG is for the memory debugging

DEBUGBUILD is for the extra debug stuff

Pointed-out-by: Steve Holme

darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only

In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.

Follow-up to c3e906e9, seems like a more appropriate error code

Suggested-by: Jay Satiro

Fixes #986

With HTTP/2 each transfer is made in an indivial logical stream over the
connection, making most previous errors that caused the connection to get
forced-closed now instead just kill the stream and not the connection.

Fixes #941

... instead of if() before the switch(), add a default to the switch so
that the compilers don't warn on "warning: enumeration value
'PLATFORM_DONT_CARE' not handled in switch" anymore.

- Disable ALPN on Wine.

- Don't pass input secbuffer when ALPN is disabled.

When ALPN support was added a change was made to pass an input secbuffer
to initialize the context. When ALPN is enabled the buffer contains the
ALPN information, and when it's disabled the buffer is empty. In either
case this input buffer caused problems with Wine and connections would
not complete.

Bug: https://github.com/curl/curl/issues/983
Reported-by: Christian Fillion

Serialise the call to PK11_FindSlotByName() to avoid spurious errors in
a multi-threaded environment. The underlying cause is a race condition
in nssSlot_IsTokenPresent().

Bug: https://bugzilla.mozilla.org/1297397

Closes #985

... when we are not asked to use a certificate from file

- unknown protocols probably won't send more headers (e.g. WebSocket)
- improved comments and moved them to the correct case statements

Closes #899

synced with OpenSSL git master commit cc06906707

... instead of relying on the pkg-config autoconf macros to be present.

Fixes #972 (again...)

.. also remove same from scp

When we're uploading using FTP and the server issues a tiny pause
between opening the connection to the client's secondary socket, the
client's initial poll() times out, which leads to second poll() which
does not wait for POLLIN on the secondary socket. So that poll() also
has to time out, creating a long (200ms) pause.

This patch adds the correct flag to the secondary socket, making the
second poll() correctly wait for the connection there too.

Signed-off-by: Ales Novak <alnovak@suse.cz>

Closes #978

With commit c2f9b78a we added a new dependency on pkg-config for
developers which may be unwanted. This change make the configure script
still work as before if pkg-config isn't installed, it'll just use the
old zlib detection logic without pkg-config.

Reported-by: Marc Hörsken

Fixes #972

This reverts commit 9cb1059f.

As discussed in #835 SOCKS5 supports IPv6 proxies and destinations.

Closes #820

Only choose the GSSAPI authentication mechanism when the user name
contains a Windows domain name or the user is a valid UPN.

Fixes #718

Completing commit 00417fd6 and 2708d425.

From commit 2708d425.

Instead of displaying the requested hostname the one returned
by the SOCKS5 proxy server is used in case of connection error.
The requested hostname is displayed earlier in the connection sequence.

The upper-value of the port is moved to a temporary variable and
replaced with a 0-byte to make sure the hostname is 0-terminated.

As of 7.25.0 and commit 54300072.

Replace custom string formatting with Curl_printable_address.
Add additional debug and error output in case of failures.

Calling sscanf is not required since the raw IPv4 address is
available and the protocol can be detected using ai_family.

Made by Visual Studio's auto-correct feature and missed by me in my own
code reviews!

Hooked up the HTTP authentication layer to query the new 'is mechanism
supported' functions when deciding what mechanism to use.

As per commit 00417fd6 existing functionality is maintained for now.