Changes in 7.35.0 - January 29 2014

Changes:

• imap/pop3/smtp: Added support for SASL authentication downgrades
• imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
• TheArtOfHttpScripting: major update, converted layout and more
• mprintf: Added support for I, I32 and I64 size specifiers
• makefile: Added support for VC7, VC11 and VC12

Bugfixes:

• SECURITY ADVISORY: re-use of wrong HTTP NTLM connection
• curl_easy_setopt: Fixed OAuth 2.0 Bearer option name
• pop3: Fixed APOP being determined by CAPA response rather than by timestamp
• Curl_pp_readresp: zero terminate line
• FILE: don't wait due to CURLOPT_MAX_RECV_SPEED_LARGE
• docs: mention CURLOPT_MAX_RECV/SEND_SPEED_LARGE don't work for FILE://
• pop3: Fixed auth preference not being honored when CAPA not supported
• imap: Fixed auth preference not being honored when CAPABILITY not supported
• threaded resolver: Use pthread_t * for curl_thread_t
• FILE: we don't support paused transfers using this protocol
• connect: Try all addresses in first connection attempt
• curl_easy_setopt.3: Added SMTP information to CURLOPT_INFILESIZE_LARGE
• OpenSSL: Fix forcing SSLv3 connections
• openssl: allow explicit sslv2 selection
• FTP parselist: fix "total" parser
• conncache: fix possible dereference of null pointer
• multi.c: fix possible dereference of null pointer
• mk-ca-bundle: introduces -d and warns about using this script
• ConnectionExists: fix NTLM check for new connection
• trynextip: fix build for non-IPV6 capable systems
• Curl_updateconninfo: don't do anything for UDP "connections"
• darwinssl: un-break Leopard build after PKCS#12 change
• threaded-resolver: never use NULL hints with getaddrinf
• multi_socket: remind app if timeout didn't run
• OpenSSL: deselect weak ciphers by default
• error message: Sensible message on timeout when transfer size unknown
• curl_easy_setopt.3: mention how to unset CURLOPT_INFILESIZE*
• win32: Fixed use of deprecated function 'GetVersionInfoEx' for VC12
• configure: fix gssapi linking on HP-UX
• chunked-parser: abort on overflows, allow 64 bit chunks
• chunked parsing: relax the CR strictness
• cookie: max-age fixes
• progress bar: always update when at 100%
• progress bar: increase update frequency to 10Hz
• tool: Fixed incorrect return code if command line parser runs out of memory
• tool: Fixed incorrect return code if password prompting runs out of memory
• HTTP POST: omit Content-Length if data size is unknown
• GnuTLS: disable insecure ciphers
• GnuTLS: honor --slv2 and the --tlsv1[.N] switches
• multi: Fixed a memory leak on OOM condition
• netrc: Fixed a memory and file descriptor leak on OOM
• getpass: fix password parsing from console
• TFTP: fix crash on time-out
• hostip: don't remove DNS entries that are in use
• tests: lots of tests fixed to pass the OOM torture tests

Further