Changes in 7.41.0 - February 25 2015

Changes:

• NetWare build: added TLS-SRP enabled build
• winbuild: Added option to build with c-ares
• Added --cert-status
• Added CURLOPT_SSL_VERIFYSTATUS
• sasl: implement EXTERNAL authentication mechanism

Bugfixes:

• sasl_gssapi: Fixed build on NetBSD with built-in GSS-API
• FTP: fix IPv6 host using link-local address
• FTP: if EPSV fails on IPV6 connections, bail out
• gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
• NSS: fix compiler error when built http2-enabled
• mingw build: allow to pass custom CFLAGS
• add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
• curl_schannel.c: mark session as removed from cache if not freed
• Curl_pretransfer: reset expected transfer sizes
• curl.h: remove extra space
• curl_endian: Fixed build when 64-bit integers are not supported
• checksrc.bat: Better detection of Perl installation
• build-openssl.bat: Added check for Perl installation
• http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int
• http_negotiate: Added empty decoded challenge message info text
• vtls: Removed unimplemented overrides of curlssl_close_all()
• sasl_gssapi: Fixed memory leak with local SPN variable
• http_negotiate: Use dynamic buffer for SPN generation
• ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
• openssl: do public key pinning check independently
• timeval: typecast for better type (on Amiga)
• ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
• SASL: common URL option and auth capabilities decoders for all protocols
• BoringSSL: fix build
• BoringSSL: detected by configure, switches off NTLM
• openvms: Handle openssl/0.8.9zb version parsing
• configure: detect libresssl
• configure: remove detection of the old yassl emulation API
• curl_setup: Disable SMB/CIFS support when HTTP only
• imap: remove automatic password setting: it breaks external sasl authentication
• sasl: remove XOAUTH2 from default enabled authentication mechanism
• runtests: identify BoringSSL and libressl
• security: avoid compiler warning
• ldap: build with BoringSSL
• des: Added Curl_des_set_odd_parity()
• CURLOPT_SEEKFUNCTION.3: also when server closes a connection
• CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0
• build: Removed unused Visual Studio bscmake settings
• build: Enabled DEBUGBUILD in Visual Studio debug builds
• build: Renamed top level Visual Studio solution files
• build: Removed Visual Studio SuppressStartupBanner directive for VC8+
• libcurl-symbols: first basic shot for autogenerated docs
• Makefile.am: fix 'make distcheck'
• getpass_r: read from stdin, not stdout!
• getpass: protect include with proper #ifdef
• opts: CURLOPT_CAINFO availability depends on SSL engine
• more cleanup of 'CURLcode result' return code
• MD4: replace implementation
• MD5: replace implementation
• openssl: SSL_SESSION->ssl_version no longer exist
• md5: use axTLS's own MD5 functions when available
• schannel: Removed curl_ prefix from source files
• curl.1: add warning when using -H and redirects
• curl.1: clarify that -X is used for all requests
• gskit: Fix exclusive SSLv3 option
• polarssl: Fix exclusive SSL protocol version options
• http2: Fix bug that associated stream canceled on PUSH_PROMISE
• ftp: accept all 2xx responses to the PORT command
• configure: allow both --with-ca-bundle and --with-ca-path
• cmake: install the dll file to the correct directory
• nss: fix NPN/ALPN protocol negotiation
• polarssl: fix ALPN protocol negotiation
• cmake: Fix generation of tool_hugehelp.c on windows
• cmake: fix winsock2 detection on windows
• gnutls: fix build with HTTP2
• connect: fix a spurious connect failure on dual-stacked hosts
• test: test 530 is now less timing dependent
• telnet: invalid use of custom read function if not set

Further