(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.

(http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
glob-ranges for TFTP was broken in CVS.

peer's name in the SSL certificate when built for OpenSSL. The leak happens
for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
name from UTF8.

counted in seconds...

bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
transfer-related info "variables" were indeed overwritten with zeroes wrongly
and have now been adjusted. The upload size still isn't accurate.

code for timeouts less than fice seconds, and also provided a fix for it.

memdebug log file after every line and avoid losing the last few log
entries if curl crashes.

case 614.
Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.

sftp didn't truncate it first, which would corrupt the file if the new
file was shorter than the old.

because I just made SCP uploads return this value if the file size of
the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
reflect this news, and a define for the old name was added to the public
header file.

cache grow a bit too much, beyond the normal 4 * easy_handles.

when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
not very nice if the client wants to be able to use _either_ a HTTP 1.1
server or one within the aliases list... so starting now, libcurl will
simply consider 200-alias matches the to be HTTP 1.0 compliant.

libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
responses without Content-Length or chunked encoding as without bodies. We
now added the conditional that the above mentioned response is only without
body if the response is HTTP 1.1.

  when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
  to make applications using only curl_multi_socket() to properly function
  when adding easy handles "on the fly". Bug report and test app provided by
  Michael Wallner.

since it then inits libgcrypt and libgcrypt is being evil and EXITS the
application if it fails to get a fine random seed. That's really not a nice
thing to do by a library.

been removed from a multi handle, and then fixed another flaw that prevented
curl_easy_duphandle() to work even after the first fix - the handle was
still marked as using the multi interface.

since it easy-handle related and not connection-related.

moves and re-arranges how range/resume is setup and freed.

was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
out" all data from libssh2. The effect being that libcurl would hang on the
socket waiting for data when libssh2 had in fact already read it all...

the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
in the connection cache is closed to make room for the new one when you call
curl_easy_perform(). It would then wrongly free range-related data in the
connection close funtion.

can/will be used as it then makes the common cases save 16KB of data for each
easy handle that isn't used for pipelining.

using custom timeout values.

identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to
free NULL credentials on closedown after a failure and a bad #ifdef for NSS
when closing down SSL.

survive getting called twice

'pending_ms' may be used uninitialized in this function

  Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
  with a zero timeout or a timeout value indicating a blocking call should
  be performed.

  These unnecessary calls to gettimeofday() got introduced in 7.16.2 when
  fixing 'timeout would restart when signal caught while awaiting socket
  events' on 20 March 2007.

- Move some loop breaking logic from the while clause into the loop,
  avoiding compiler warning 'assignment within conditional expression'