                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 7.45.0 (7 Oct 2015)

Daniel Stenberg (7 Oct 2015)
- THANKS: 19 new contributors from the 7.45.0 announcement

- RELEASE-NOTES: synced with 69ea57970080

Jay Satiro (4 Oct 2015)
- getinfo: Fix return code for unknown CURLINFO options
  
  - If a CURLINFO option is unknown return CURLE_UNKNOWN_OPTION.
  
  Prior to this change CURLE_BAD_FUNCTION_ARGUMENT was returned on
  unknown. That return value is contradicted by the CURLINFO option
  documentation which specifies a return of CURLE_UNKNOWN_OPTION on
  unknown.

- [rouzier brought this change]

  hiperfifo: fix the pointer passed to WRITEDATA
  
  Closes https://github.com/bagder/curl/pull/471

- [Maksim Stsepanenka brought this change]

  tool_setopt: fix c_escape truncated octal
  
  Closes https://github.com/bagder/curl/pull/469

Daniel Stenberg (1 Oct 2015)
- [Orange Tsai brought this change]

  gopher: don't send NUL byte
  
  Closes #466

Jay Satiro (29 Sep 2015)
- runtests: Fix pid check in checkdied
  
  Because the 'not' operator has a very low precedence and as a result the
  entire statement was erroneously negated and could never be true.

Daniel Stenberg (30 Sep 2015)
- [Thorsten Schöning brought this change]

  win32: make recent Borland compilers use long long

- RELEASE-NOTES: synced with 69b89050d4

Jay Satiro (28 Sep 2015)
- [Michael Kalinin brought this change]

  openssl: Fix algorithm init
  
  - Change algorithm init to happen after OpenSSL config load.
  
  Additional algorithms may be available due to the user's config so we
  initialize the algorithms after the user's config is loaded.
  
  Bug: https://github.com/bagder/curl/issues/447
  Reported-by: Denis Feklushkin

- [Svyatoslav Mishyn brought this change]

  docs: fix unescaped '\n' in man pages
  
  Closes https://github.com/bagder/curl/pull/459

Daniel Stenberg (27 Sep 2015)
- http2: set TCP_NODELAY unconditionally
  
  For a single-stream download from localhost, we managed to increase
  transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of
  this single fix.

- http2: avoid superfluous Curl_expire() calls
  
  ... only call it when there is data arriving for another handle than the
  one that is currently driving it.
  
  Improves single-stream download performance quite a lot.
  
  Thanks-to: Tatsuhiro Tsujikawa
  Bug: http://curl.haxx.se/mail/lib-2015-09/0097.html

- readwrite_data: set a max number of loops
  
  ... as otherwise a really fast pipe can "lock" one transfer for some
  protocols, like with HTTP/2.

- [Sergei Nikulov brought this change]

  CI: Added AppVeyor-CI for curl
  
  Closes #439

- FTP: fix uploading ASCII with unknown size
  
  ... don't try to increase the supposed file size on newlines if we don't
  know what file size it is!
  
  Patch-by: lzsiga

- [Tatsuhiro Tsujikawa brought this change]

  build: fix failures with -Wcast-align and -Werror
  
  Closes #457

- [Tatsuhiro Tsujikawa brought this change]

  curl-confopts.m4: Add missing ')'
  
  ... for CURL_CHECK_OPTION_RT
  
  Closes #456

Jay Satiro (25 Sep 2015)
- curl_easy_getinfo.3: Add brief description for each CURLINFO

Daniel Stenberg (23 Sep 2015)
- [Jakub Zakrzewski brought this change]

  CMake: Ensure discovered include dirs are considered
  
  ...during header checks. Otherwise some following header tests
  (incorrectly) fail.
  
  Closes #436

- [Jakub Zakrzewski brought this change]

  CMake: Put "winsock2.h" before "windows.h" during configure checks
  
  "windows.h" includes "winsock.h" what causes many redefinition errors
  if "winsock2.h" is included afterwards and can cause build to fail.

- tests: disable 1510 due to CI-problems on github

- [Mike Crowe brought this change]

  gnutls: Report actual GnuTLS error message for certificate errors
  
  If GnuTLS fails to read the certificate then include whatever reason it
  provides in the failure message reported to the client.
  
  Signed-off-by: Mike Crowe <mac@mcrowe.com>

- RELEASE-NOTES: synced with 6b56901b56e

- [Mike Crowe brought this change]

  gnutls: Support CURLOPT_KEYPASSWD
  
  The gnutls vtls back-end was previously ignoring any password set via
  CURLOPT_KEYPASSWD. Presumably this was because
  gnutls_certificate_set_x509_key_file did not support encrypted keys.
  
  gnutls now has a gnutls_certificate_set_x509_key_file2 function that
  does support encrypted keys. Let's determine at compile time whether the
  available gnutls supports this new function. If it does then use it to
  pass the password. If it does not then emit a helpful diagnostic if a
  password is set. This is preferable to the previous behaviour of just
  failing to read the certificate without giving a reason in that case.
  
  Signed-off-by: Mike Crowe <mac@mcrowe.com>

- CURLINFO_TLS_SESSION: always return backend info
  
  ... even for those that don't support providing anything in the
  'internals' struct member since it offers a convenient way for
  applications to figure this out.

- [Daniel Hwang brought this change]

  tool: remove redundant libcurl check
  
  The easysrc generation is run only when --libcurl is initialized.
  
  Ref: https://github.com/bagder/curl/issues/429
  
  Closes #448

- [Richard van den Berg brought this change]

  CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
  
  Closes #449

- TODO: 5.7 More compressions
  
  Like for example brotli, as being implemented in Firefox now.

Jay Satiro (21 Sep 2015)
- tool_operate: Don't call easysrc cleanup unless --libcurl
  
  - Review of 4d95491.
  
  The author changed it so easysrc only initializes when --libcurl but did
  not do the same for the call to easysrc cleanup.
  
  Ref: https://github.com/bagder/curl/issues/429

Daniel Stenberg (20 Sep 2015)
- [Viktor Szakats brought this change]

  CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
  
  closes #443

- KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
  
  Closes #334

- KNOWN_BUGS: add link to #85

- tests: disable 1801 until fixed
  
  It is unreliable and causes CI problems on github
  
  Closes #380

- RELEASE-NOTES: synced with 4d95491636ee

- [Daniel Lee Hwang brought this change]

  tool: generate easysrc only on --libcurl
  
  Code should only be generated when --libcurl is used.
  
  Bug: https://github.com/bagder/curl/issues/429
  Reported-by: @greafhe, Jay Satiro
  
  Closes #429
  Closes #442

Jay Satiro (19 Sep 2015)
- vtls: Change designator name for server's pubkey hash
  
  - Change the designator name we use to show the base64 encoded sha256
  hash of the server's public key from 'pinnedpubkey' to
  'public key hash'.
  
  Though the server's public key hash is only shown when comparing pinned
  public key hashes, the server's hash may not match one of the pinned.

Daniel Stenberg (19 Sep 2015)
- [Isaac Boukris brought this change]

  NTLM: Reset auth-done when using a fresh connection
  
  With NTLM a new connection will always require authentication.
  Fixes #435

- [Daniel Hwang brought this change]

  ssl: add server cert's "sha256//" hash to verbose
  
  Add a "pinnedpubkey" section to the "Server Certificate" verbose
  
  Bug: https://github.com/bagder/curl/issues/410
  Reported-by: W. Mark Kubacki
  
  Closes #430
  Closes #410

- [Jakub Zakrzewski brought this change]

  openldap: only part of LDAP query results received
  
  Introduced with commit 65d141e6da5c6003a1592bbc87ee550b0ad75c2f
  
  Closes #440

- [Alessandro Ghedini brought this change]

  openssl: don't output certinfo data

- [Alessandro Ghedini brought this change]

  openssl: refactor certificate parsing to use OpenSSL memory BIO
  
  Fixes #427

Kamil Dudka (18 Sep 2015)
- nss: prevent NSS from incorrectly re-using a session
  
  Without this workaround, NSS re-uses a session cache entry despite the
  server name does not match.  This causes SNI host name to differ from
  the actual host name.  Consequently, certain servers (e.g. github.com)
  respond by 400 to such requests.
  
  Bug: https://bugzilla.mozilla.org/1202264

- nss: check return values of NSS functions

Daniel Stenberg (17 Sep 2015)
- CURLOPT_PINNEDPUBLICKEY.3: mention error code

- openssl: build with < 0.9.8
  
  ... without sha256 support and no define saying so.
  
  Reported-by: Rajkumar Mandal

- libcurl-errors.3: add two missing error codes
  
  CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS

Jay Satiro (14 Sep 2015)
- CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
  
  - Show how a certificate can be obtained using OpenSSL.
  
  Bug: https://github.com/bagder/curl/pull/430
  Reported-by: Daniel Hwang

Daniel Stenberg (13 Sep 2015)
- http2: removed unused function

- CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET

- opts: add CURLINFO_* man pages to dist

- opts: 19 more CURLINFO_* options made into stand-alone man pages

- RELEASE-NOTES: synced with fad9604613

- curl: customrequest_helper: deal with NULL custom method

- [Svyatoslav Mishyn brought this change]

  CURLOPT_FNMATCH_FUNCTION.3: fix typo
  
  s => is
  
  Closes #428

- curl: point out unnecessary uses of -X in verbose mode
  
  It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
  down the tone a bit.
  
  It adds a warning for using -XHEAD on other methods becasue that may
  lead to a hanging connection.

Jay Satiro (10 Sep 2015)
- curl_sspi: fix possibly undefined CRYPT_E_REVOKED
  
  Bug: https://github.com/bagder/curl/pull/411
  Reported-by: Viktor Szakats

- buildconf.bat: fix syntax error

- [Benjamin Kircher brought this change]

  winbuild: run buildconf.bat if necessary

- [Svyatoslav Mishyn brought this change]

  docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
  
  long => double

Daniel Stenberg (8 Sep 2015)
- [Sergei Nikulov brought this change]

  cmake: IPv6 : disable Unix header check on Windows platform
  
  Closes #409

- parse_proxy: reject illegal port numbers
  
  If the port number in the proxy string ended weirdly or the number is
  too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
  numerical address is used without enclosing brackets.
  
  Also mention the bracket requirement for IPv6 numerical addresses to the
  man page for CURLOPT_PROXY.
  
  Closes #415
  
  Reported-by: Marcel Raad

- FTP: do_more: add check for wait_data_conn in upload case
  
  In some timing-dependnt cases when a 4xx response immediately followed
  after a 150 when a STOR was issued, this function would wrongly return
  'complete == true' while 'wait_data_conn' was still set.
  
  Closes #405
  
  Reported-by: Patricia Muscalu

- [Svyatoslav Mishyn brought this change]

  CURLOPT_TLSAUTH_TYPE.3: update description
  
  Closes #414
  Closes #413

- [Svyatoslav Mishyn brought this change]

  CURLOPT_PATH_AS_IS.3: fix typo
  
  leavit => leaveit
  
  closes #412

- [Svyatoslav Mishyn brought this change]

  CURLINFO_SSL_VERIFYRESULT.3: add short description

- [Svyatoslav Mishyn brought this change]

  CURLINFO_SSL_ENGINES.3: add short description

- [Svyatoslav Mishyn brought this change]

  CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency

- [Svyatoslav Mishyn brought this change]

  CURLINFO_REDIRECT_TIME.3: remove redundant '!'

Kamil Dudka (4 Sep 2015)
- Revert "has: generate the curl/has.h header"
  
  This reverts commit a60bde79f9adeb135d5c642a07f0d783fbfbbc25 I have
  pushed by mistake.  Apologies for my incompetent use of the git repo!

- nss: do not directly access SSL_ImplementedCiphers[]
  
  It causes dynamic linking issues at run-time after an update of NSS.
  
  Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html

- [Daniel Stenberg brought this change]

  has: generate the curl/has.h header
  
  changed macro name, moved and renamed script to become docs/libcurl/has.pl,
  generate code that is checksrc compliant

Daniel Stenberg (3 Sep 2015)
- gitignore: ignore more generated VC Makefiles

- projects/Windows/.gitignore: ignore generated files for release

- http2: don't pass on Connection: headers
  
  RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
  HTTP/2 message containing connection-specific header fields; any message
  containing connection-specific header fields MUST be treated as
  malformed"
  
  Closes #401

- curl.1: update RFC references

- CURLOPT_POSTREDIR.3: update RFC number and section

- CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
  
  and some general cleaning up

- [Marcel Raad brought this change]

  inet_pton.c: Fix MSVC run-time check failure (2)
  
  This fixes another run-time check failure because of a narrowing cast on
  Visual C++.
  
  Closes #408

Jay Satiro (3 Sep 2015)
- docs: Warn about any-domain cookies and multiple transfers
  
  - Warn that cookies without a domain are sent to any domain:
  CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie
  
  - Note that imported Set-Cookie cookies without a domain are no longer
  exported:
  CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar

Steve Holme (2 Sep 2015)
- tool_sdecls.h: Fixed compilation warning from commit 4a889441d3
  
  tool_sdecls.h:139 warning: comma at end of enumerator list

Daniel Stenberg (2 Sep 2015)
- opts: 8 more CURLINFO* options as stand-alone man pages

- RELEASE-NOTES: synced with c764cb4add1a8

- man-pages: more SEE ALSO links

- opts: more CURLINFO_* options as stand-alone man pages

Steve Holme (31 Aug 2015)
- sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled
  
  Introduced in commit 59f3f92ba6 this function is only implemented when
  CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define
  the function in the header file either.

- sasl: Updated SPN variables and comments for consistency
  
  In places the "host name" and "realm" variable was referred to as
  "instance" whilst in others it was referred to as "host".

Daniel Stenberg (30 Aug 2015)
- configure: check for HMAC_Update in openssl
  
  Turns out HMAC_Init is now deprecated in openssl master (and I spelled
  HMAC_Init_ex wrong in previous commit)

Steve Holme (30 Aug 2015)
- win32: Use DES_set_odd_parity() from OpenSSL/BoringSSL by default
  
  Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native
  Windows builds don't use the autoconf tools.

- des: Fixed compilation warning from commit 613e5022fe
  
  curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined;
                        assuming extern returning int

- buildconf.bat: Fixed double blank line in 'curl manual' warning output

- makefiles: Added our standard copyright header
  
  But kept the original author, when they were specified in a comment, as
  the initial copyright holder.

Jay Satiro (29 Aug 2015)
- CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now

Daniel Stenberg (29 Aug 2015)
- CURLINFO_RESPONSE_CODE.3: added short description

- opts: 7 initial CURLINFO_* options as stand-alone man pages

- [Nikolai Kondrashov brought this change]

  libcurl.m4: Put braces around empty if body
  
  Put braces around empty "if" body in libcurl.m4 check to avoid warning:
  
          suggest braces around empty body in an 'if' statement
  
  and make it work with -Werror builds.
  
  Closes #402

- [Svyatoslav Mishyn brought this change]

  curl_easy_escape.3: escape '\n'
  
  Closes #398

- [Svyatoslav Mishyn brought this change]

  curl_easy_{escape,setopt}.3: fix example
  
  remove redundant '}'

- [Sergei Nikulov brought this change]

  cmake: added Windows SSL support
  
  Closes #399

- curl: point out the conflicting HTTP methods if used
  
  It isn't always clear to the user which options that cause the HTTP
  methods to conflict so by spelling them out it should hopefully be
  easier to understand why curl complains.

- curl: clarify that users can only specify one _METHOD_

- [Svyatoslav Mishyn brought this change]

  curl_easy_{escape,unescape}.3: "char *" vs. "const char *"
  
  Closes #395

Patrick Monnerat (24 Aug 2015)
- os400: include new options in wrappers and update ILE/RPG binding.

Daniel Stenberg (24 Aug 2015)
- KNOWN_BUGS: #2, not reading a HEAD response-body is not a bug
  
  ... since HTTP is forbidden to return any such.

- KNOWN_BUGS: #78 zero-length files is already fixed!

- [Razvan Cojocaru brought this change]

  getinfo: added CURLINFO_ACTIVESOCKET
  
  This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
  bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.
  
  Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>

- http2: remove dead code
  
  Leftovers from when we removed the private socket hash.
  
  Coverity CID 1317365, "Logically dead code"

- ntlm: mark deliberate switch case fall-through
  
  Coverity CID 1317367, "Missing break in switch"

- http2: on_frame_recv: get a proper 'conn' for the debug logging
  
  "Explicit null dereferenced (FORWARD_NULL)"
  
  Coverity CID 1317366

- RELEASE-NOTES: synced with 2acaf3c804

Dan Fandrich (23 Aug 2015)
- tool: fix memory leak with --proto-default option

Jay Satiro (22 Aug 2015)
- [Nathaniel Waisbrot brought this change]

  CURLOPT_DEFAULT_PROTOCOL: added
  
  - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
  protocol for schemeless URLs.
  
  - Add new tool option --proto-default to expose
  CURLOPT_DEFAULT_PROTOCOL.
  
  In the case of schemeless URLs libcurl will behave in this way:
  
  When the option is used libcurl will use the supplied default.
  
  When the option is not used, libcurl will follow its usual plan of
  guessing from the hostname and falling back to 'http'.

- runtests: Allow for spaces in server-verify curl custom path

Daniel Stenberg (22 Aug 2015)
- NTLM: recent boringssl brought DES_set_odd_parity back
  
  ... so improve the #ifdefs for using our local implementation.

- configure: detect latest boringssl
  
  Since boringssl brought back DES_set_odd_parity again, it cannot be used
  to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
  seems better anyway.
  
  URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
  Original-patch-by: Bertrand Simonnet
  
  Closes #393

- configure: change functions to detect openssl (clones)
  
  ... since boringssl moved the former ones and the check started to fail.
  
  URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
  Original-patch-by: Bertrand Simonnet

- [Alessandro Ghedini brought this change]

  openssl: handle lack of server cert when strict checking disabled
  
  If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
  and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
  doesn't present a certificate at all.
  
  Closes #392

- ftp: clear the do_more bit when the server has connected
  
  The multi state machine would otherwise go into the DO_MORE state after
  DO, even for the case when the FTP state machine had already performed
  those duties, which caused libcurl to get stuck in that state and fail
  miserably. This occured for for active ftp uploads.
  
  Reported-by: Patricia Muscalu

- [Jactry Zeng brought this change]

  travis.yml: Add OS X testbot.

- [Rémy Léone brought this change]

  travis: Upgrading to container based build
  
  http://docs.travis-ci.com/user/migrating-from-legacy
  
  Closes #388

- RELEASE-NOTES: synced with 14ff86256b13e

- [Erik Janssen brought this change]

  rtsp: stop reading empty DESCRIBE responses
  
  Based-on-patch-by: Jim Hollinger

- [Erik Janssen brought this change]

  rtsp: support basic/digest authentication

- [Sam Roth brought this change]

  CURLMOPT_PUSHFUNCTION.3: fix argument types
  
  Closes #389
  Closes #386

- [Marcel Raad brought this change]

  inet_pton.c: Fix MSVC run-time check failure
  
  Visual Studio complains with a message box:
  
  "Run-Time Check Failure #1 - A cast to a smaller data type has caused a
  loss of data.  If this was intentional, you should mask the source of
  the cast with the appropriate bitmask.
  
  For example:
  char c = (i & 0xFF);
  
  Changing the code in this way will not affect the quality of the
  resulting optimized code."
  
  This is because only 'val' is cast to unsigned char, so the "& 0xff" has
  no effect.
  
  Closes #387

Jay Satiro (18 Aug 2015)
- docs: Update the redirect protocols disabled by default
  
  - Clarify that FILE and SCP are disabled by default since 7.19.4
  - Add that SMB and SMBS are disabled by default since 7.40.0
  - Add CURLPROTO_SMBS to the list of protocols

- gitignore: Sort for readability
  
  find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}'

Daniel Stenberg (15 Aug 2015)
- curl_easy_getinfo.3: fix superfluous space
  
  ... and changed "oriented" to "related"
  
  Closes #378

- CURLOPT_HTTP_VERSION.3: connection re-use goes before version

- [Daniel Kahn Gillmor brought this change]

  curl.1: Document weaknesses in SSLv2 and SSLv3
  
  Acknowledge that SSLv3 is also widely considered to be insecure.
  
  Also, provide references for people who want to know more about why it's
  insecure.

Steve Holme (14 Aug 2015)
- generate.bat: Added support for generating only the prerequisite files

- generate.bat: Only call buildconf.bat if it exists

- generate.bat: Fixed issues when ran in directories with special chars

Daniel Stenberg (14 Aug 2015)
- [Brad King brought this change]

  cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
  
  Fix the check code to pass 5 arguments instead of 6.  This typo was
  introduced by commit aebfd4cfbf (cmake: fix gethostby{addr,name}_r in
  CurlTests, 2014-10-31).

Steve Holme (14 Aug 2015)
- * buildconf.bat: Fixed issues when ran in directories with special chars
  
  Bug: https://github.com/bagder/curl/pull/379
  Reported-by: Daniel Seither

Jay Satiro (13 Aug 2015)
- curl_global_init_mem.3: Stronger thread safety warning
  
  Bug: http://curl.haxx.se/mail/lib-2015-08/0016.html
  Reported-by: Eric Ridge

Daniel Stenberg (12 Aug 2015)
- [Svyatoslav Mishyn brought this change]

  curl_multi_add_handle.3: fix a typo
  
  "can not" => "cannot"
  
  closes #377

- [Alessandro Ghedini brought this change]

  docs: fix typos
  
  closes #376

- bump: start working toward 7.45.0

- THANKS: remove duplicate name

- THANKS-filter: merge Todd's names

- THANKS: 13 new contributors from the 7.44.0 RELEASE-NOTES

Version 7.44.0 (11 Aug 2015)

Daniel Stenberg (11 Aug 2015)
- RELEASE-NOTES: synced with c75a1e775061

- [Svyatoslav Mishyn brought this change]

  curl_formget.3: correct return code
  
  Closes #375

- [Svyatoslav Mishyn brought this change]

  libcurl-tutorial.3: fix formatting
  
  Closes #374

- [Svyatoslav Mishyn brought this change]

  curl_easy_recv.3: fix formatting

- [Anders Bakken brought this change]

  http2: discard frames with no SessionHandle
  
  Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the
  SessionHandle. Apparently mod_h2 will sometimes send a frame for a
  stream_id we're finished with.
  
  Use nghttp2_session_get_stream_user_data and
  nghttp2_session_set_stream_user_data to identify SessionHandles instead
  of a hash.
  
  Closes #372

- RELEASE-NOTES: synced with 9ee40ce2aba

- [Viktor Szakats brought this change]

  build: refer to fixed libidn versions
  
  closes #371

- Revert "configure: disable libidn by default"
  
  This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3.
  
  ... since libidn has since been fixed.

- [Jakub Zakrzewski brought this change]

  CMake: s/HAVE_GSS_API/HAVE_GSSAPI/ to match header define
  
  Otherwise the build only pretended to use GSS-API
  
  Closes #370

- SFTP: fix range request off-by-one in size check
  
  Reported-by: Tim Stack
  
  Closes #359

- test46: update cookie expire time
  
  ... since it went old and thus was expired and caused the test to fail!

Steve Holme (9 Aug 2015)
- generate.bat: Use buildconf.bat for prerequisite file generation

- buildconf.bat: Tidy up of comments after recent commits

- buildconf.bat: Added full generation of src\tool_hugehelp.c
  
  Added support for generating the full man page based on code from
  generate.bat.

- buildconf.bat: Added detection of groff, nroff, perl and gzip
  
  To allow for the full generation of tool_hugehelp.c added detection of
  the required programs - based on code from generate.bat.

- buildconf.bat: Move DOS variable clean-up code to separate function
  
  Rather than duplicate future variables, during clean-up of both success
  and error conditions, use a common function that can be called by both.

- RELEASE-NOTES: Synced with 39dcf352d2

- buildconf.bat: Added error messages on failure

- buildconf.bat: Generate and clean files in the same order

- buildconf.bat: Maintain compatibility with DOS based systems
  
  Commit f08e30d7bc broke compatibility with DOS and non Windows NT based
  versions of Windows due to the use of the setlocal command.

Jay Satiro (9 Aug 2015)
- CURLOPT_RESOLVE.3: Note removal support was added in 7.42
  
  Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html
  Reported-by: Inca R

Steve Holme (8 Aug 2015)
- checksrc.bat: Fixed error when missing *.c and *.h files
  
  File Not Found

- checksrc.bat: Fixed incorrect 'lib\vtls' path check in commit 333c36b276

- checksrc.bat: Fixed error when [directory] isn't a curl source directory
  
  The system cannot find the file specified.

- checksrc.bat: Added check for unknown arguments

- scripts: Added missing comments

- scripts: Always perform setlocal and endlocal calls in pairs
  
  Ensure that there isn't a mismatch between setlocal and endlocal calls,
  which could have happened due to setlocal being called after certain
  error conditions were checked for.

- scripts: Allow -help to be specified in any argument
  
  Allow the -help command line argument to be specified in any argument
  and not just as the first.

Daniel Stenberg (6 Aug 2015)
- [juef brought this change]

  curl_multi_remove_handle.3: fix formatting
  
  closes #366

Steve Holme (6 Aug 2015)
- README: Added notes about 'Running DLL based configurations'
  
  ...as well as a TODO for a future enhancement to the project files.
  
  Thanks-to: Jay Satiro

- RELEASE-NOTES: Synced with cf8975387f

- buildconf.bat: Synchronise no repository error with generate.bat

- generate.bat: Added a check for the presence of a git repository

- [Jay Satiro brought this change]

  build: Added wolfSSL configurations to VC10+ project files
  
  URL: https://github.com/bagder/curl/pull/174

- [Jay Satiro brought this change]

  build: Added wolfSSL build script for Visual Studio projects
  
  Added the wolfSSL build script, based on build-openssl.bat, as well as
  the property sheet and header file required for the upcoming additions
  to the Visual Studio project files.

Daniel Stenberg (6 Aug 2015)
- CHANGES: refer to the online changelog
  
  Suggested-by: mc0e

- [Isaac Boukris brought this change]

