27 files changed, 297 insertions, 699 deletions

diff --git a/src/daemon/connection.c b/src/daemon/connection.c
index fc4b7954..d0e09307 100644
--- a/src/daemon/connection.c
+++ b/src/daemon/connection.c
@@ -34,12 +34,6 @@
 // get opaque type
 #include "gnutls_int.h"
 
-// TODO clean
-#undef MAX
-#define MAX(a,b) ((a)<(b)) ? (b) : (a)
-#undef MIN
-#define MIN(a,b) ((a)<(b)) ? (a) : (b)
-
 #ifndef LINUX
 #ifndef MSG_NOSIGNAL
 #define MSG_NOSIGNAL 0
@@ -293,7 +287,7 @@ try_ready_normal_body (struct MHD_Connection *connection)
   ret = response->crc (response->crc_cls,
                        connection->response_write_position,
                        response->data,
-                       MIN (response->data_buffer_size,
+                       MHD_MIN(response->data_buffer_size,
                             response->total_size -
                             connection->response_write_position));
   if (ret == -1)
@@ -1249,7 +1243,7 @@ do_write (struct MHD_Connection *connection)
   return MHD_YES;
 }
 
-static int
+static ssize_t
 MHD_con_read (struct MHD_Connection *connection)
 {
   return RECV (connection->socket_fd,
@@ -1463,7 +1457,6 @@ parse_connection_headers (struct MHD_Connection *connection)
 int
 MHD_connection_handle_read (struct MHD_Connection *connection)
 {
-  int num_bytes;
   connection->last_activity = time (NULL);
   if (connection->state == MHD_CONNECTION_CLOSED)
     return MHD_NO;
@@ -1509,7 +1502,7 @@ MHD_connection_handle_read (struct MHD_Connection *connection)
   return MHD_YES;
 }
 
-static int
+static ssize_t
 MHD_con_write (struct MHD_Connection *connection)
 {
   return SEND (connection->socket_fd,
@@ -2009,7 +2002,7 @@ MHD_connection_handle_idle (struct MHD_Connection *connection)
 
 }
 
-int
+void
 MHD_set_http_calbacks (struct MHD_Connection *connection)
 {
   connection->recv_cls = &MHD_con_read;
diff --git a/src/daemon/connection.h b/src/daemon/connection.h
index 6df81e77..bf78f390 100644
--- a/src/daemon/connection.h
+++ b/src/daemon/connection.h
@@ -40,9 +40,9 @@ MHD_connection_get_fdset (struct MHD_Connection *connection,
                           fd_set * write_fd_set,
                           fd_set * except_fd_set, int *max_fd);
 
-int MHD_set_http_calbacks (struct MHD_Connection *connection);
+void MHD_set_http_calbacks (struct MHD_Connection *connection);
 #if HTTPS_SUPPORT
-int MHD_set_https_calbacks (struct MHD_Connection *connection);
+void MHD_set_https_calbacks (struct MHD_Connection *connection);
 #endif
 
 #endif
diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c
index f3b44bc3..7c5fe4cf 100644
--- a/src/daemon/connection_https.c
+++ b/src/daemon/connection_https.c
@@ -32,22 +32,10 @@
 #include "response.h"
 #include "reason_phrase.h"
 
-// get opaque type
+#include "microhttpsd.h"
+/* get opaque type */
 #include "gnutls_int.h"
 
-// TODO clean
-#undef MAX
-#define MAX(a,b) ((a)<(b)) ? (b) : (a)
-#undef MIN
-#define MIN(a,b) ((a)<(b)) ? (a) : (b)
-
-// TODO rm - appears in a switch default clause
-#if EXTRA_CHECKS
-#define EXTRA_CHECK(a) if (!(a)) abort();
-#else
-#define EXTRA_CHECK(a)
-#endif
-
 /* forward declarations used when setting secure connection callbacks */
 int MHD_connection_handle_read (struct MHD_Connection *connection);
 int MHD_connection_handle_write (struct MHD_Connection *connection);
@@ -118,9 +106,6 @@ int
 MHDS_connection_handle_idle (struct MHD_Connection *connection)
 {
   unsigned int timeout;
-  const char *end;
-  char *line;
-  ssize_t msgLength;
   while (1)
     {
 #if HAVE_MESSAGES
@@ -141,7 +126,6 @@ MHDS_connection_handle_idle (struct MHD_Connection *connection)
           break;
 
         default:
-          EXTRA_CHECK (0);
           break;
         }
       break;
@@ -298,7 +282,7 @@ MHDS_connection_handle_write (struct MHD_Connection *connection)
   return MHD_YES;
 }
 
-int
+void
 MHD_set_https_calbacks (struct MHD_Connection *connection)
 {
   connection->recv_cls = &MHDS_con_read;
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c
index 937cd642..5fd55c22 100644
--- a/src/daemon/daemon.c
+++ b/src/daemon/daemon.c
@@ -31,6 +31,7 @@
 
 #include "gnutls_int.h"
 #include "gnutls_datum.h"
+#include "gnutls_global.h"
 
 /**
  * Default connection limit.
@@ -58,7 +59,7 @@
 /* initialize security aspects of the HTTPS daemon */
 static int
 MHDS_init (struct MHD_Daemon *daemon){
-  gnutls_global_set_log_function (MHD_tls_log_func);
+    gnutls_global_set_log_function (MHD_tls_log_func);
     /* TODO let user access log level */
 
     /* setup server certificate */
@@ -671,11 +672,11 @@ MHD_select (struct MHD_Daemon *daemon, int may_block)
             {
               // TODO call con->read handler
               if (FD_ISSET (ds, &rs))
-                MHD_connection_handle_read (pos);
+                pos->read_handler (pos);
               if ((pos->socket_fd != -1) && (FD_ISSET (ds, &ws)))
-                MHD_connection_handle_write (pos);
+                pos->write_handler (pos);
               if (pos->socket_fd != -1)
-                MHD_connection_handle_idle (pos);
+                pos->idle_handler (pos);
             }
           pos = pos->next;
         }
@@ -856,12 +857,14 @@ MHD_start_daemon (unsigned int options,
   retVal->connection_timeout = 0;       /* no timeout */
   if (options & MHD_USE_SSL)
     {
+      /* lock gnutls_global mutex since it uses reference counting */
+      pthread_mutex_lock (&gnutls_init_mutex);
       gnutls_global_init ();
+      pthread_mutex_unlock (&gnutls_init_mutex);
       gnutls_priority_init (&retVal->priority_cache,
                             "NONE:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
     }
 
-
   /* initializes the argument pointer variable */
   va_start (ap, dh_cls);
   /*
@@ -910,8 +913,14 @@ MHD_start_daemon (unsigned int options,
           break;
         default:
 #if HAVE_MESSAGES
-          fprintf (stderr,
+          if (opt > MHD_HTTPS_OPTION_START && opt < MHD_HTTPS_OPTION_END) {
+            fprintf (stderr,
+                    "Error: HTTPS option given while compiling without HTTPS support\n");
+          }
+          else {
+            fprintf (stderr,
                    "Invalid MHD_OPTION argument! (Did you terminate the list with MHD_OPTION_END?)\n");
+          }
 #endif
           abort ();
         }
@@ -1001,7 +1010,11 @@ MHD_stop_daemon (struct MHD_Daemon *daemon)
   if (daemon->options & MHD_USE_SSL)
     {
       gnutls_priority_deinit (daemon->priority_cache);
+
+      /* lock gnutls_global mutex since it uses reference counting */
+      pthread_mutex_lock (&gnutls_init_mutex);
       gnutls_global_deinit ();
+      pthread_mutex_unlock (&gnutls_init_mutex);
     }
 #endif
 
diff --git a/src/daemon/https/Makefile.am b/src/daemon/https/Makefile.am
index ec37f95b..4725c405 100644
--- a/src/daemon/https/Makefile.am
+++ b/src/daemon/https/Makefile.am
@@ -1,19 +1,18 @@
 SUBDIRS = minitasn1 opencdk openpgp lgl x509 tls . 
 
-AM_CPPFLAGS = -I./includes \
+AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
+-I$(top_srcdir)/src/daemon/https/tls \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \
 -I$(top_srcdir)/src/daemon/https/openpgp \
 -I$(top_srcdir)/src/daemon/https/opencdk \
--I$(top_srcdir)/src/daemon/https/tls \
--I$(top_srcdir)/src/daemon/https/includes \
--I$(top_srcdir)/src/daemon/https/cfg 
+-I$(top_srcdir)/src/daemon/https/includes
 
 noinst_LTLIBRARIES = libhttps.la
 
 libhttps_la_SOURCES = \
-https_common.c \
-errcodes.c 
+https_common.c
 
 libhttps_la_LIBADD = \
 opencdk/libopencdk.la \
diff --git a/src/daemon/https/errcodes b/src/daemon/https/errcodes
deleted file mode 100644
index 65774f43..00000000
--- a/src/daemon/https/errcodes
+++ /dev/null
@@ -1,131 +0,0 @@
-#! /bin/sh
-
-# errcodes - temporary wrapper script for .libs/errcodes
-# Generated by ltmain.sh - GNU libtool 1.5.26 Debian 1.5.26-3 (1.1220.2.493 2008/02/01 16:58:18)
-#
-# The errcodes program cannot be directly executed until all the libtool
-# libraries that it depends on are installed.
-#
-# This wrapper script should never be moved out of the build directory.
-# If it is, it will not operate correctly.
-
-# Sed substitution that helps us do robust quoting.  It backslashifies
-# metacharacters that are still active within double-quoted strings.
-Xsed='/bin/sed -e 1s/^X//'
-sed_quote_subst='s/\([\\`\\"$\\\\]\)/\\\1/g'
-
-# Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE).
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
-  emulate sh
-  NULLCMD=:
-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
-  # is contrary to our usage.  Disable this feature.
-  alias -g '${1+"$@"}'='"$@"'
-  setopt NO_GLOB_SUBST
-else
-  case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac
-fi
-BIN_SH=xpg4; export BIN_SH # for Tru64
-DUALCASE=1; export DUALCASE # for MKS sh
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-relink_command="(cd /home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/src; { test -z \"\${LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=; export LIBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_PATH || { COMPILER_PATH=; export COMPILER_PATH; }; }; { test -z \"\${GCC_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=; export GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD_RUN_PATH || { LD_RUN_PATH=; export LD_RUN_PATH; }; }; { test -z \"\${LD_LIBRARY_PATH+set}\" || unset LD_LIBRARY_PATH || { LD_LIBRARY_PATH=; export LD_LIBRARY_PATH; }; }; PATH=\"/usr/lib/distcc:/usr/local/bin:/usr/bin:/bin:/usr/games\"; export PATH; gcc -std=gnu99 -g -O2 -D_REENTRANT -D_THREAD_SAFE -pipe -g -O2 -D_REENTRANT -D_THREAD_SAFE -Wno-pointer-sign -o \$progdir/\$file errcodes.o  ../lib/.libs/libgnutls.so /usr/lib/libgcrypt.so -L/usr/lib /usr/lib/libtasn1.so  -Wl,--rpath -Wl,/home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/lib/.libs -Wl,--rpath -Wl,/home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/build/lib ) "
-
-# This environment variable determines our operation mode.
-if test "$libtool_install_magic" = "%%%MAGIC variable%%%"; then
-  # install mode needs the following variable:
-  notinst_deplibs=' ../lib/libgnutls.la'
-else
-  # When we are sourced in execute mode, $file and $echo are already set.
-  if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then
-    echo="echo"
-    file="$0"
-    # Make sure echo works.
-    if test "X$1" = X--no-reexec; then
-      # Discard the --no-reexec flag, and continue.
-      shift
-    elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then
-      # Yippee, $echo works!
-      :
-    else
-      # Restart under the correct shell, and then maybe $echo will work.
-      exec /bin/sh "$0" --no-reexec ${1+"$@"}
-    fi
-  fi
-
-  # Find the directory that this script lives in.
-  thisdir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
-  test "x$thisdir" = "x$file" && thisdir=.
-
-  # Follow symbolic links until we get to the real thisdir.
-  file=`ls -ld "$file" | /bin/sed -n 's/.*-> //p'`
-  while test -n "$file"; do
-    destdir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
-
-    # If there was a directory component, then change thisdir.
-    if test "x$destdir" != "x$file"; then
-      case "$destdir" in
-      [\\/]* | [A-Za-z]:[\\/]*) thisdir="$destdir" ;;
-      *) thisdir="$thisdir/$destdir" ;;
-      esac
-    fi
-
-    file=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
-    file=`ls -ld "$thisdir/$file" | /bin/sed -n 's/.*-> //p'`
-  done
-
-  # Try to get the absolute directory name.
-  absdir=`cd "$thisdir" && pwd`
-  test -n "$absdir" && thisdir="$absdir"
-
-  program=lt-'errcodes'
-  progdir="$thisdir/.libs"
-
-  if test ! -f "$progdir/$program" || \
-     { file=`ls -1dt "$progdir/$program" "$progdir/../$program" 2>/dev/null | /bin/sed 1q`; \
-       test "X$file" != "X$progdir/$program"; }; then
-
-    file="$$-$program"
-
-    if test ! -d "$progdir"; then
-      mkdir "$progdir"
-    else
-      rm -f "$progdir/$file"
-    fi
-
-    # relink executable if necessary
-    if test -n "$relink_command"; then
-      if relink_command_output=`eval $relink_command 2>&1`; then :
-      else
-        echo "$relink_command_output" >&2
-        rm -f "$progdir/$file"
-        exit 1
-      fi
-    fi
-
-    mv -f "$progdir/$file" "$progdir/$program" 2>/dev/null ||
-    { rm -f "$progdir/$program";
-      mv -f "$progdir/$file" "$progdir/$program"; }
-    rm -f "$progdir/$file"
-  fi
-
-  if test -f "$progdir/$program"; then
-    if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then
-      # Run the actual program with our arguments.
-
-      exec "$progdir/$program" ${1+"$@"}
-
-      $echo "$0: cannot exec $program $*"
-      exit 1
-    fi
-  else
-    # The program doesn't exist.
-    $echo "$0: error: \`$progdir/$program' does not exist" 1>&2
-    $echo "This script is just a wrapper for $program." 1>&2
-    echo "See the libtool documentation for more information." 1>&2
-    exit 1
-  fi
-fi
diff --git a/src/daemon/https/errcodes.c b/src/daemon/https/errcodes.c
deleted file mode 100644
index 0177eccc..00000000
--- a/src/daemon/https/errcodes.c
+++ /dev/null
@@ -1,24 +0,0 @@
-#if HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <gnutls.h>
-
-const char *_gnutls_strerror (int);
-
-typedef struct
-{
-  char name[128];
-  int error_index;
-} error_name;
-
-static int
-compar (const void *_n1, const void *_n2)
-{
-  const error_name *n1 = (const error_name *) _n1,
-    *n2 = (const error_name *) _n2;
-  return strcmp (n1->name, n2->name);
-}
diff --git a/src/daemon/https/includes/extra.h b/src/daemon/https/includes/extra.h
index ca0cb5b4..0c363259 100644
--- a/src/daemon/https/includes/extra.h
+++ b/src/daemon/https/includes/extra.h
@@ -27,9 +27,9 @@
  */
 
 #ifndef GNUTLS_EXTRA_H
-# define GNUTLS_EXTRA_H
+#define GNUTLS_EXTRA_H
 
-#include <gnutls.h>
+#include "gnutls.h"
 
 #ifdef __cplusplus
 extern "C"
@@ -38,7 +38,7 @@ extern "C"
 
 #define LIBGNUTLS_EXTRA_VERSION LIBGNUTLS_VERSION
 
-/* Openpgp certificate stuff 
+/* Openpgp certificate stuff
  */
 
   typedef enum gnutls_openpgp_crt_fmt
@@ -175,7 +175,7 @@ extern "C"
 
   int gnutls_global_init_extra (void);
 
-/* returns libgnutls-extra version (call it with a NULL argument) 
+/* returns libgnutls-extra version (call it with a NULL argument)
  */
   const char *gnutls_extra_check_version (const char *req_version);
 
diff --git a/src/daemon/https/includes/gnutls.h b/src/daemon/https/includes/gnutls.h
index 5178609b..df34e72c 100644
--- a/src/daemon/https/includes/gnutls.h
+++ b/src/daemon/https/includes/gnutls.h
@@ -32,9 +32,8 @@
  * gcrypt.h
  */
 
-
 #ifndef GNUTLS_H
-# define GNUTLS_H
+#define GNUTLS_H
 
 #ifdef __cplusplus
 extern "C"
@@ -49,8 +48,6 @@ extern "C"
 
 #define LIBGNUTLS_VERSION_NUMBER 0x020203
 
-
-
 /* Get size_t. */
 #include <stddef.h>
 /* Get ssize_t. */
@@ -67,33 +64,7 @@ extern "C"
 #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
 
-  typedef enum gnutls_cipher_algorithm
-  {
-    GNUTLS_CIPHER_UNKNOWN = 0,
-    GNUTLS_CIPHER_NULL = 1,
-    GNUTLS_CIPHER_ARCFOUR_128,
-    GNUTLS_CIPHER_3DES_CBC,
-    GNUTLS_CIPHER_AES_128_CBC,
-    GNUTLS_CIPHER_AES_256_CBC,
-    GNUTLS_CIPHER_ARCFOUR_40,
-    GNUTLS_CIPHER_CAMELLIA_128_CBC,
-    GNUTLS_CIPHER_CAMELLIA_256_CBC,
-    GNUTLS_CIPHER_RC2_40_CBC = 90,
-    GNUTLS_CIPHER_DES_CBC
-  } gnutls_cipher_algorithm_t;
-
-  typedef enum
-  {
-    GNUTLS_KX_UNKNOWN = 0,
-    GNUTLS_KX_RSA = 1,
-    GNUTLS_KX_DHE_DSS,
-    GNUTLS_KX_DHE_RSA,
-    GNUTLS_KX_ANON_DH,
-    GNUTLS_KX_SRP,
-    GNUTLS_KX_RSA_EXPORT,
-    GNUTLS_KX_SRP_RSA,
-    GNUTLS_KX_SRP_DSS,
-  } gnutls_kx_algorithm_t;
+#include "microhttpsd.h"
 
   typedef enum
   {
@@ -101,57 +72,16 @@ extern "C"
     GNUTLS_PARAMS_DH
   } gnutls_params_type_t;
 
-  typedef enum
-  {
-    GNUTLS_CRD_CERTIFICATE = 1,
-    GNUTLS_CRD_ANON,
-    GNUTLS_CRD_SRP,
-    GNUTLS_CRD_PSK,
-    GNUTLS_CRD_IA
-  } gnutls_credentials_type_t;
-
+/* TODO clean
 #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
 #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
-
-  typedef enum
-  {
-    GNUTLS_MAC_UNKNOWN = 0,
-    GNUTLS_MAC_NULL = 1,
-    GNUTLS_MAC_MD5,
-    GNUTLS_MAC_SHA1,
-    //GNUTLS_MAC_RMD160,
-    //GNUTLS_MAC_MD2,
-    GNUTLS_MAC_SHA256,
-    //GNUTLS_MAC_SHA384,
-    //GNUTLS_MAC_SHA512
-  } gnutls_mac_algorithm_t;
-
-  /* The enumerations here should have the same value with
-     gnutls_mac_algorithm_t.
-   */
-  typedef enum
-  {
-    GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
-    GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
-    GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
-    GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
-  } gnutls_digest_algorithm_t;
+*/
 
   /* exported for other gnutls headers. This is the maximum number of
    * algorithms (ciphers, kx or macs).
    */
 #define GNUTLS_MAX_ALGORITHM_NUM 16
-
 #define GNUTLS_COMP_ZLIB GNUTLS_COMP_DEFLATE
-  typedef enum
-  {
-    GNUTLS_COMP_UNKNOWN = 0,
-    GNUTLS_COMP_NULL = 1,
-    GNUTLS_COMP_DEFLATE,
-    GNUTLS_COMP_LZO             /* only available if gnutls-extra has
-                                   been initialized
-                                 */
-  } gnutls_compression_method_t;
 
   typedef enum
   {
@@ -251,36 +181,12 @@ extern "C"
     GNUTLS_SHUT_WR = 1
   } gnutls_close_request_t;
 
-#define GNUTLS_TLS1 GNUTLS_TLS1_0
-  typedef enum
-  {
-    GNUTLS_SSL3 = 1,
-    GNUTLS_TLS1_0,
-    GNUTLS_TLS1_1,
-    GNUTLS_TLS1_2,
-    GNUTLS_VERSION_UNKNOWN = 0xff
-  } gnutls_protocol_t;
-
-  typedef enum
-  {
-    GNUTLS_CRT_UNKNOWN = 0,
-    GNUTLS_CRT_X509 = 1,
-    GNUTLS_CRT_OPENPGP
-  } gnutls_certificate_type_t;
-
   typedef enum
   {
     GNUTLS_X509_FMT_DER,
     GNUTLS_X509_FMT_PEM
   } gnutls_x509_crt_fmt_t;
 
-  typedef enum
-  {
-    GNUTLS_PK_UNKNOWN = 0,
-    GNUTLS_PK_RSA = 1,
-    //GNUTLS_PK_DSA
-  } gnutls_pk_algorithm_t;
-
   const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm);
 
 #define GNUTLS_SIGN_RSA_SHA GNUTLS_SIGN_RSA_SHA1
diff --git a/src/daemon/https/lgl/Makefile.am b/src/daemon/https/lgl/Makefile.am
index 1edb75ae..ff8d1856 100644
--- a/src/daemon/https/lgl/Makefile.am
+++ b/src/daemon/https/lgl/Makefile.am
@@ -1,6 +1,7 @@
 SUBDIRS = . 
 
 AM_CPPFLAGS = -std=c99 \
+-I$(top_srcdir)/src/include \
 -I$(GCRYPT_CPPFLAGS)
 
 # gc-gnulib.c
diff --git a/src/daemon/https/minitasn1/Makefile.am b/src/daemon/https/minitasn1/Makefile.am
index fc924cc4..6c58730d 100644
--- a/src/daemon/https/minitasn1/Makefile.am
+++ b/src/daemon/https/minitasn1/Makefile.am
@@ -1,5 +1,6 @@
 
-AM_CPPFLAGS = -I./includes \
+AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/tls \
 -I$(top_srcdir)/src/daemon/https/includes 
diff --git a/src/daemon/https/opencdk/Makefile.am b/src/daemon/https/opencdk/Makefile.am
index b69a151f..b6e67470 100644
--- a/src/daemon/https/opencdk/Makefile.am
+++ b/src/daemon/https/opencdk/Makefile.am
@@ -1,4 +1,6 @@
-AM_CPPFLAGS = -I$(top_srcdir)/lib \
+AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
+-I$(top_srcdir)/lib \
 -I$(top_srcdir)/lgl \
 -I$(GCRYPT_CPPFLAGS)
 
diff --git a/src/daemon/https/openpgp/Makefile.am b/src/daemon/https/openpgp/Makefile.am
index 94c27ac1..66380444 100644
--- a/src/daemon/https/openpgp/Makefile.am
+++ b/src/daemon/https/openpgp/Makefile.am
@@ -1,6 +1,7 @@
 SUBDIRS = .
 
-AM_CPPFLAGS = -I./includes \
+AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/https/includes \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \
diff --git a/src/daemon/https/tls/Makefile.am b/src/daemon/https/tls/Makefile.am
index ca847aa2..ceecb1ba 100644
--- a/src/daemon/https/tls/Makefile.am
+++ b/src/daemon/https/tls/Makefile.am
@@ -1,12 +1,13 @@
 SUBDIRS = .
 
 AM_CPPFLAGS = \
--I$(top_srcdir)/src/daemon/https/includes \
+-I$(top_srcdir)/src/include \
+-I$(top_srcdir)/src/daemon/https/tls \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \
--I$(top_srcdir)/src/daemon/https/tls \
 -I$(top_srcdir)/src/daemon/https/openpgp \
 -I$(top_srcdir)/src/daemon/https/opencdk \
+-I$(top_srcdir)/src/daemon/https/includes \
 -I$(GCRYPT_CPPFLAGS)
 
 noinst_LTLIBRARIES = libtls.la
diff --git a/src/daemon/https/tls/defines.h b/src/daemon/https/tls/defines.h
index a53ce2e4..43e96766 100644
--- a/src/daemon/https/tls/defines.h
+++ b/src/daemon/https/tls/defines.h
@@ -48,7 +48,7 @@ typedef int ssize_t;
 #include <sys/socket.h>
 #include <time.h>
 
-// TODO check if these should go into config.h
+/* TODO check if these should go into config.h */
 #define SIZEOF_UNSIGNED_INT 4
 #define SIZEOF_UNSIGNED_LONG 8
 #define SIZEOF_UNSIGNED_LONG_INT SIZEOF_UNSIGNED_LONG
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c
index 822293ac..d244213e 100644
--- a/src/daemon/https/tls/gnutls_global.c
+++ b/src/daemon/https/tls/gnutls_global.c
@@ -60,10 +60,10 @@ ASN1_TYPE _gnutls_gnutls_asn;
  *
  * This is the function where you set the logging function gnutls
  * is going to use. This function only accepts a character array.
- * Normally you may not use this function since it is only used 
+ * Normally you may not use this function since it is only used
  * for debugging purposes.
  *
- * gnutls_log_func is of the form, 
+ * gnutls_log_func is of the form,
  * void (*gnutls_log_func)( int level, const char*);
  **/
 void
@@ -74,7 +74,7 @@ gnutls_global_set_log_function (gnutls_log_func log_func)
 
 /**
  * gnutls_global_set_log_level - This function sets the logging level
- * @level: it's an integer from 0 to 9. 
+ * @level: it's an integer from 0 to 9.
  *
  * This is the function that allows you to set the log level.
  * The level is an integer between 0 and 9. Higher values mean
@@ -90,15 +90,6 @@ gnutls_global_set_log_level (int level)
   _gnutls_log_level = level;
 }
 
-#ifdef DEBUG
-/* default logging function */
-static void
-dlog (int level, const char *str)
-{
-  fputs (str, stderr);
-}
-#endif
-
 extern gnutls_alloc_function gnutls_secure_malloc;
 extern gnutls_alloc_function gnutls_malloc;
 extern gnutls_free_function gnutls_free;
@@ -121,7 +112,7 @@ int _gnutls_is_secure_mem_null (const void *);
  * is going to use. By default the libc's allocation functions (malloc(), free()),
  * are used by gnutls, to allocate both sensitive and not sensitive data.
  * This function is provided to set the memory allocation functions to
- * something other than the defaults (ie the gcrypt allocation functions). 
+ * something other than the defaults (ie the gcrypt allocation functions).
  *
  * This function must be called before gnutls_global_init() is called.
  *
@@ -182,7 +173,7 @@ static int _gnutls_init = 0;
  *
  * Note that this function will also initialize libgcrypt, if it has not
  * been initialized before. Thus if you want to manually initialize libgcrypt
- * you must do it before calling this function. This is useful in cases you 
+ * you must do it before calling this function. This is useful in cases you
  * want to disable libgcrypt's internal lockings etc.
  *
  * This function increment a global counter, so that
@@ -209,7 +200,7 @@ gnutls_global_init (void)
   char c;
 
   if (_gnutls_init++)
-    return;
+    return 0;
 
 #if HAVE_WINSOCK
   {
@@ -235,7 +226,6 @@ gnutls_global_init (void)
   }
 #endif
 
-
   // bindtextdomain("mhd", "./");
 
   if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0)
@@ -285,14 +275,13 @@ gnutls_global_init (void)
     }
 
 #ifdef DEBUG
-  gnutls_global_set_log_function (dlog);
+  gnutls_global_set_log_function (MHD_tls_log_func());
 #endif
 
-  /* initialize parser 
+  /* initialize parser
    * This should not deal with files in the final
    * version.
    */
-
   res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
   if (res != ASN1_SUCCESS)
     {
@@ -315,7 +304,7 @@ gnutls_global_init (void)
 }
 
 /**
- * gnutls_global_deinit - This function deinitializes the global data 
+ * gnutls_global_deinit - This function deinitializes the global data
  *
  * This function deinitializes the global data, that were initialized
  * using gnutls_global_init().
@@ -339,7 +328,7 @@ gnutls_global_deinit (void)
   _gnutls_init--;
 }
 
-/* These functions should be elsewere. Kept here for 
+/* These functions should be elsewere. Kept here for
  * historical reasons.
  */
 
@@ -348,12 +337,12 @@ gnutls_global_deinit (void)
  * @pull_func: a callback function similar to read()
  * @session: gnutls session
  *
- * This is the function where you set a function for gnutls 
+ * This is the function where you set a function for gnutls
  * to receive data. Normally, if you use berkeley style sockets,
- * do not need to use this function since the default (recv(2)) will 
+ * do not need to use this function since the default (recv(2)) will
  * probably be ok.
  *
- * PULL_FUNC is of the form, 
+ * PULL_FUNC is of the form,
  * ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t);
  **/
 void
@@ -373,8 +362,8 @@ gnutls_transport_set_pull_function (gnutls_session_t session,
  * sockets, you do not need to use this function since
  * the default (send(2)) will probably be ok. Otherwise you should
  * specify this function for gnutls to be able to send data.
- *  
- * PUSH_FUNC is of the form, 
+ *
+ * PUSH_FUNC is of the form,
  * ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t);
  **/
 void
diff --git a/src/daemon/https/tls/gnutls_global.h b/src/daemon/https/tls/gnutls_global.h
index 3305ebad..05026a70 100644
--- a/src/daemon/https/tls/gnutls_global.h
+++ b/src/daemon/https/tls/gnutls_global.h
@@ -27,12 +27,15 @@
 
 #include <libtasn1.h>
 
+/* this mutex is used to synchronize threads attemting call gnutls_global_init / gnutls_global_deinit */
+pthread_mutex_t gnutls_init_mutex;
+
 int gnutls_is_secure_memory (const void *mem);
 
 extern ASN1_TYPE _gnutls_pkix1_asn;
 extern ASN1_TYPE _gnutls_gnutls_asn;
 
-/* removed const from node_asn* to 
+/* removed const from node_asn* to
  * prevent warnings, since libtasn1 doesn't
  * use the const keywork in its functions.
  */
diff --git a/src/daemon/https/tls/gnutls_int.h b/src/daemon/https/tls/gnutls_int.h
index c1e501a0..1bd6205d 100644
--- a/src/daemon/https/tls/gnutls_int.h
+++ b/src/daemon/https/tls/gnutls_int.h
@@ -23,12 +23,13 @@
  */
 
 #ifndef GNUTLS_INT_H
-
 #define GNUTLS_INT_H
 
 #include <defines.h>
 
 #include "gnutls.h"
+#include "microhttpsd.h"
+
 #include "extra.h"
 #include "gnutls_mem.h"
 
@@ -36,6 +37,8 @@
  */
 #define KEYRING_HACK
 
+#define MAX(X,Y) ((X) > (Y) ? (X) : (Y));
+
 #define MAX32 4294967295
 #define MAX24 16777215
 #define MAX16 65535
@@ -49,7 +52,7 @@
 #define TLS_MAX_SESSION_ID_SIZE 32
 #define TLS_MASTER_SIZE 48
 
-/* The maximum digest size of hash algorithms. 
+/* The maximum digest size of hash algorithms.
  */
 #define MAX_HASH_SIZE 64
 
@@ -112,7 +115,7 @@ typedef struct
 #include <gnutls_mpi.h>
 
 typedef enum change_cipher_spec_t
-  { 
+  {
     GNUTLS_TYPE_CHANGE_CIPHER_SPEC = 1
   } change_cipher_spec_t;
 
@@ -176,7 +179,7 @@ typedef struct auth_cred_st
   {
     gnutls_credentials_type_t algorithm;
 
-    /* the type of credentials depends on algorithm 
+    /* the type of credentials depends on algorithm
      */
     void *credentials;
     struct auth_cred_st *next;
@@ -202,9 +205,9 @@ struct gnutls_key_st
      */
     mpi_t rsa[2];
 
-    /* this is used to hold the peers authentication data 
+    /* this is used to hold the peers authentication data
      */
-    /* auth_info_t structures SHOULD NOT contain malloced 
+    /* auth_info_t structures SHOULD NOT contain malloced
      * elements. Check gnutls_session_pack.c, and gnutls_auth.c.
      * Rememember that this should be calloced!
      */
@@ -287,13 +290,13 @@ typedef enum tls_ext_parse_type_t
     EXTENSION_TLS
   } tls_ext_parse_type_t;
 
-/* auth_info_t structures now MAY contain malloced 
+/* auth_info_t structures now MAY contain malloced
  * elements.
  */
 
 /* This structure and auth_info_t, are stored in the resume database,
  * and are restored, in case of resume.
- * Holds all the required parameters to resume the current 
+ * Holds all the required parameters to resume the current
  * session.
  */
 
@@ -321,7 +324,7 @@ typedef struct
     gnutls_mac_algorithm_t write_mac_algorithm;
     gnutls_compression_method_t write_compression_algorithm;
 
-    /* this is the ciphersuite we are going to use 
+    /* this is the ciphersuite we are going to use
      * moved here from internals in order to be restored
      * on resume;
      */
@@ -511,7 +514,7 @@ typedef struct
 
     /* this is the highest version available
      * to the peer. (advertized version).
-     * This is obtained by the Handshake Client Hello 
+     * This is obtained by the Handshake Client Hello
      * message. (some implementations read the Record version)
      */
     uint8_t adv_version_major;
@@ -523,8 +526,8 @@ typedef struct
      */
     int send_cert_req;
 
-    /* bits to use for DHE and DHA 
-     * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits() 
+    /* bits to use for DHE and DHA
+     * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits()
      * to access it.
      */
     uint16_t dh_prime_bits;
diff --git a/src/daemon/https/tls/gnutls_str.h b/src/daemon/https/tls/gnutls_str.h
index c805d70f..62415557 100644
--- a/src/daemon/https/tls/gnutls_str.h
+++ b/src/daemon/https/tls/gnutls_str.h
@@ -23,12 +23,10 @@
  */
 
 #ifndef GNUTLS_STR_H
-# define GNUTLS_STR_H
+#define GNUTLS_STR_H
 
 #include <gnutls_int.h>
 
-#define MAX(X,Y) ((X) > (Y) ? (X) : (Y));
-
 void _gnutls_str_cpy (char *dest, size_t dest_tot_size, const char *src);
 void _gnutls_mem_cpy (char *dest, size_t dest_tot_size, const char *src,
                       size_t src_size);
diff --git a/src/daemon/https/x509/Makefile.am b/src/daemon/https/x509/Makefile.am
index c3a30f03..6121dd51 100644
--- a/src/daemon/https/x509/Makefile.am
+++ b/src/daemon/https/x509/Makefile.am
@@ -1,5 +1,6 @@
 
-AM_CPPFLAGS = -I./includes \
+AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/https/includes \
 -I$(top_srcdir)/src/daemon/https/minitasn1 \
 -I$(top_srcdir)/src/daemon/https/lgl \
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h
index c9bb22ef..8cef1d30 100644
--- a/src/daemon/https/x509/x509.h
+++ b/src/daemon/https/x509/x509.h
@@ -23,7 +23,7 @@
  */
 
 #ifndef X509_H
-# define X509_H
+#define X509_H
 
 #define MIN(X,Y) ((X) > (Y) ? (Y) : (X));
 
@@ -781,8 +781,8 @@ typedef struct gnutls_x509_crt_int
 
 typedef struct gnutls_x509_privkey_int
   {
-    mpi_t params[MAX_PRIV_PARAMS_SIZE]; /* the size of params depends on the public 
-     * key algorithm 
+    mpi_t params[MAX_PRIV_PARAMS_SIZE]; /* the size of params depends on the public
+     * key algorithm
      */
     /*
      * RSA: [0] is modulus
diff --git a/src/daemon/internal.h b/src/daemon/internal.h
index af6d05fe..a9b19d6b 100644
--- a/src/daemon/internal.h
+++ b/src/daemon/internal.h
@@ -50,8 +50,8 @@
 #include <pthread.h>
 
 // TODO unify with other dec
-#define MAX(a,b) ((a)<(b)) ? (b) : (a)
-#define MIN(a,b) ((a)<(b)) ? (a) : (b)
+#define MHD_MAX(a,b) ((a)<(b)) ? (b) : (a)
+#define MHD_MIN(a,b) ((a)<(b)) ? (a) : (b)
 
 /**
  * Size by which MHD usually tries to increment read/write buffers.
@@ -533,6 +533,7 @@ struct MHD_Connection
   unsigned int current_chunk_offset;
 
   /* handlers used for processing read, write & idle connection operations */
+  /* TODO fix sig */
   int (*read_handler) (struct MHD_Connection * connection);
 
   int (*write_handler) (struct MHD_Connection * connection);
@@ -543,9 +544,9 @@ struct MHD_Connection
    * function pointers to the appropriate send & receive funtions
    * according to whether this is a HTTPS / HTTP daemon
    */
-  int (*recv_cls) (struct MHD_Connection * connection);
+  ssize_t (*recv_cls) (struct MHD_Connection * connection);
 
-  int (*send_cls) (struct MHD_Connection * connection);
+  ssize_t (*send_cls) (struct MHD_Connection * connection);
 
 #if HTTPS_SUPPORT
   /* TODO rename as this might be an SSL connection */
@@ -626,7 +627,7 @@ struct MHD_Daemon
      */
   unsigned short port;
 
-#ifdef HTTPS_SUPPORT
+#if HTTPS_SUPPORT
   /* server credintials */
   gnutls_certificate_credentials_t x509_cret;
 
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index f65b0aba..128df4d2 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -73,10 +73,6 @@
 #include "plibc.h"
 #endif
 
-#if HTTPS_SUPPORT
-#include "gnutls.h"
-#endif
-
 #ifdef __cplusplus
 extern "C"
 {
@@ -349,8 +345,8 @@ enum MHD_OPTION
    */
   MHD_OPTION_PER_IP_CONNECTION_LIMIT = 5,
 
-#if HTTPS_SUPPORT
-  // TODO rename
+  MHD_HTTPS_OPTION_START = 6,
+
   /**
    * Filename for the private key (key.pem) to be used by the
    * HTTPS daemon.  This option should be followed by an
@@ -358,7 +354,7 @@ enum MHD_OPTION
    * not be released until the application terminates.
    * This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'.
    */
-  MHD_OPTION_HTTPS_KEY_PATH = 6,
+  MHD_OPTION_HTTPS_KEY_PATH,
 
   /**
    * Filename for the certificate (cert.pem) to be used by the
@@ -367,7 +363,7 @@ enum MHD_OPTION
    * not be released until the application terminates.
    * This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'.
    */
-  MHD_OPTION_HTTPS_CERT_PATH = 7,
+  MHD_OPTION_HTTPS_CERT_PATH,
 
   /**
      * Memory pointer for the private key (key.pem) to be used by the
@@ -375,7 +371,7 @@ enum MHD_OPTION
      * "const char*" argument.
      * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_CERT'.
      */
-  MHD_OPTION_HTTPS_MEM_KEY = 8,
+  MHD_OPTION_HTTPS_MEM_KEY,
 
   /**
   * Memory pointer for the certificate (cert.pem) to be used by the
@@ -383,8 +379,7 @@ enum MHD_OPTION
   * "const char*" argument.
   * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_KEY'.
   */
-  MHD_OPTION_HTTPS_MEM_CERT = 9,
-
+  MHD_OPTION_HTTPS_MEM_CERT,
 
   /*
    * Memory pointer to a zero terminated int array representing the
@@ -399,7 +394,8 @@ enum MHD_OPTION
    * "const int *" argument.
    */
   MHDS_KX_PRIORITY,
-#endif
+
+  MHD_HTTPS_OPTION_END,
 };
 
 /**
@@ -746,20 +742,6 @@ MHD_get_connection_values (struct MHD_Connection *connection,
                            enum MHD_ValueKind kind,
                            MHD_KeyValueIterator iterator, void *iterator_cls);
 
-#if HTTPS_SUPPORT
-/* get cipher spec for this connection */
-gnutls_cipher_algorithm_t MHDS_get_session_cipher (struct MHD_Connection * session );
-
-gnutls_kx_algorithm_t MHDS_get_session_kx (struct MHD_Connection * session );
-gnutls_mac_algorithm_t MHDS_get_session_mac (struct MHD_Connection * session );
-gnutls_compression_method_t MHDS_get_session_compression (struct MHD_Connection * session );
-gnutls_certificate_type_t MHDS_get_session_cert_type (struct MHD_Connection * session );
-
-//TODO impl
-size_t MHDS_get_key_size (struct MHD_Daemon * daemon, gnutls_cipher_algorithm_t algorithm);
-size_t MHDS_get_mac_key_size (struct MHD_Daemon * daemon, gnutls_mac_algorithm_t algorithm);
-#endif
-
 /**
  * Get a particular header value.  If multiple
  * values match the kind, return any one of them.
diff --git a/src/include/microhttpsd.h b/src/include/microhttpsd.h
new file mode 100644
index 00000000..1586c32a
--- /dev/null
+++ b/src/include/microhttpsd.h
@@ -0,0 +1,139 @@
+/*
+     This file is part of libmicrohttpd
+     (C) 2006, 2007, 2008 Christian Grothoff (and other contributing authors)
+
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation; either
+     version 2.1 of the License, or (at your option) any later version.
+
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+
+/**
+ * @file microhttpsd.h
+ * @brief public interface to libmicrohttpd
+ * @author Sagie Amir
+ *
+ */
+
+#ifndef MHD_MICROHTTPSD_H
+#define MHD_MICROHTTPSD_H
+
+#include "microhttpd.h"
+
+ typedef enum gnutls_cipher_algorithm
+  {
+    GNUTLS_CIPHER_UNKNOWN = 0,
+    GNUTLS_CIPHER_NULL = 1,
+    GNUTLS_CIPHER_ARCFOUR_128,
+    GNUTLS_CIPHER_3DES_CBC,
+    GNUTLS_CIPHER_AES_128_CBC,
+    GNUTLS_CIPHER_AES_256_CBC,
+    GNUTLS_CIPHER_ARCFOUR_40,
+    GNUTLS_CIPHER_CAMELLIA_128_CBC,
+    GNUTLS_CIPHER_CAMELLIA_256_CBC,
+    GNUTLS_CIPHER_RC2_40_CBC = 90,
+    GNUTLS_CIPHER_DES_CBC
+  } gnutls_cipher_algorithm_t;
+
+  typedef enum
+  {
+    GNUTLS_KX_UNKNOWN = 0,
+    GNUTLS_KX_RSA = 1,
+    GNUTLS_KX_DHE_DSS,
+    GNUTLS_KX_DHE_RSA,
+    GNUTLS_KX_ANON_DH,
+    GNUTLS_KX_SRP,
+    GNUTLS_KX_RSA_EXPORT,
+    GNUTLS_KX_SRP_RSA,
+    GNUTLS_KX_SRP_DSS,
+  } gnutls_kx_algorithm_t;
+
+  typedef enum
+  {
+    GNUTLS_CRD_CERTIFICATE = 1,
+    GNUTLS_CRD_ANON,
+    GNUTLS_CRD_SRP,
+    GNUTLS_CRD_PSK,
+    GNUTLS_CRD_IA
+  } gnutls_credentials_type_t;
+
+  typedef enum
+  {
+    GNUTLS_MAC_UNKNOWN = 0,
+    GNUTLS_MAC_NULL = 1,
+    GNUTLS_MAC_MD5,
+    GNUTLS_MAC_SHA1,
+    GNUTLS_MAC_SHA256,
+    //GNUTLS_MAC_SHA384,
+    //GNUTLS_MAC_SHA512
+  } gnutls_mac_algorithm_t;
+
+  /* The enumerations here should have the same value with
+     gnutls_mac_algorithm_t.
+   */
+  typedef enum
+  {
+    GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
+    GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
+    GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
+    GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
+  } gnutls_digest_algorithm_t;
+
+
+  typedef enum
+  {
+    GNUTLS_COMP_UNKNOWN = 0,
+    GNUTLS_COMP_NULL = 1,
+    GNUTLS_COMP_DEFLATE,
+    GNUTLS_COMP_LZO   /* only available if gnutls-extra has
+           been initialized
+         */
+  } gnutls_compression_method_t;
+
+#define GNUTLS_TLS1 GNUTLS_TLS1_0
+  typedef enum
+  {
+    GNUTLS_SSL3 = 1,
+    GNUTLS_TLS1_0,
+    GNUTLS_TLS1_1,
+    GNUTLS_TLS1_2,
+    GNUTLS_VERSION_UNKNOWN = 0xff
+  } gnutls_protocol_t;
+
+  typedef enum
+  {
+    GNUTLS_CRT_UNKNOWN = 0,
+    GNUTLS_CRT_X509 = 1,
+    GNUTLS_CRT_OPENPGP
+  } gnutls_certificate_type_t;
+
+  typedef enum
+  {
+    GNUTLS_PK_UNKNOWN = 0,
+    GNUTLS_PK_RSA = 1,
+    //GNUTLS_PK_DSA
+  } gnutls_pk_algorithm_t;
+
+/* get cipher spec for this connection */
+gnutls_cipher_algorithm_t MHDS_get_session_cipher (struct MHD_Connection * session );
+
+gnutls_kx_algorithm_t MHDS_get_session_kx (struct MHD_Connection * session );
+gnutls_mac_algorithm_t MHDS_get_session_mac (struct MHD_Connection * session );
+gnutls_compression_method_t MHDS_get_session_compression (struct MHD_Connection * session );
+gnutls_certificate_type_t MHDS_get_session_cert_type (struct MHD_Connection * session );
+
+//TODO impl
+size_t MHDS_get_key_size (struct MHD_Daemon * daemon, gnutls_cipher_algorithm_t algorithm);
+size_t MHDS_get_mac_key_size (struct MHD_Daemon * daemon, gnutls_mac_algorithm_t algorithm);
+
+#endif
+
diff --git a/src/testcurl/https/Makefile.am b/src/testcurl/https/Makefile.am
index 4dab41dc..cfa51a56 100644
--- a/src/testcurl/https/Makefile.am
+++ b/src/testcurl/https/Makefile.am
@@ -1,24 +1,31 @@
 SUBDIRS = .
 
 AM_CPPFLAGS = \
+-I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/https/includes \
--I$(top_srcdir)/src/daemon \
--I$(top_srcdir)/src/include
+-I$(top_srcdir)/src/daemon
+
 
 check_PROGRAMS = \
-  daemon_https_test_get \
-  mhds_test_session_info
+  mhds_get_test \
+  mhds_session_info_test
 
 TESTS = $(check_PROGRAMS)
 
-daemon_https_test_get_SOURCES = \
-  daemon_https_test_get.c
-daemon_https_test_get_LDADD  = \
+mhds_get_test_SOURCES = \
+  mhds_get_test.c
+mhds_get_test_LDADD  = \
   $(top_builddir)/src/daemon/libmicrohttpd.la \
   @LIBCURL@
   
-mhds_test_session_info_SOURCES = \
-  mhds_test_session_info.c
-mhds_test_session_info_LDADD  = \
+mhds_session_info_test_SOURCES = \
+  mhds_session_info_test.c
+mhds_session_info_test_LDADD  = \
   $(top_builddir)/src/daemon/libmicrohttpd.la \
   @LIBCURL@
+  
+mhds_multi_daemon_test_SOURCES = \
+  mhds_multi_daemon_test.c
+mhds_multi_daemon_test_LDADD  = \
+  $(top_builddir)/src/daemon/libmicrohttpd.la \
+  @LIBCURL@  
diff --git a/src/testcurl/https/daemon_https_test_get.c b/src/testcurl/https/mhds_multi_daemon_test.c
index 981fc705..0652201c 100644
--- a/src/testcurl/https/daemon_https_test_get.c
+++ b/src/testcurl/https/mhds_multi_daemon_test.c
@@ -19,14 +19,14 @@
  */
 
 /**
- * @file daemon_HTTPS_test_get.c
+ * @file mhds_multi_daemon_test.c
  * @brief  Testcase for libmicrohttpd GET operations
  * @author Sagie Amir
  */
 
 #include "config.h"
 #include "plibc.h"
-#include "microhttpd.h"
+#include "microhttpsd.h"
 #include <errno.h>
 
 #include <curl/curl.h>
@@ -134,7 +134,6 @@ http_ahc (void *cls, struct MHD_Connection *connection,
           const char *version, unsigned int *upload_data_size, void **ptr)
 {
   static int aptr;
-  static char full_url[MAX_URL_LEN];
   struct MHD_Response *response;
   int ret;
   FILE *file;
@@ -178,7 +177,8 @@ http_ahc (void *cls, struct MHD_Connection *connection,
  * @param test_fd: file to attempt transfering
  */
 static int
-test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
+test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version,
+                 int port)
 {
   CURL *c;
   struct CBC cbc;
@@ -215,11 +215,11 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
   cbc.pos = 0;
 
   /* construct url - this might use doc_path */
-  sprintf (url, "%s%s/%s", "https://localhost:42433",
-           doc_path, test_file_name);
+  sprintf (url, "%s:%d%s/%s", "https://localhost", port, doc_path,
+           test_file_name);
 
   c = curl_easy_init ();
-  // curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
+  curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
   curl_easy_setopt (c, CURLOPT_URL, url);
   curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
   curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L);
@@ -260,80 +260,51 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
   return 0;
 }
 
-/* perform a HTTP GET request via SSL/TLS */
+/*
+ * assert initiating two separate daemons and having one shut down
+ * doesn't affect the other
+ */
 int
-test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version)
+test_concurent_daemon_pair (FILE * test_fd, char *cipher_suite,
+                            int proto_version)
 {
 
   int ret;
-  struct MHD_Daemon *d;
-  d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
-                        MHD_USE_DEBUG, 42433,
-                        NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
-
-  if (d == NULL)
+  struct MHD_Daemon *d1;
+  struct MHD_Daemon *d2;
+  d1 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+                         MHD_USE_DEBUG, 42433,
+                         NULL, NULL, &http_ahc, NULL,
+                         MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+                         MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+
+  if (d1 == NULL)
     {
       fprintf (stderr, MHD_E_SERVER_INIT);
       return -1;
     }
 
-  ret = test_daemon_get (test_fd, cipher_suite, proto_version);
-  MHD_stop_daemon (d);
-  return ret;
-}
-
-/* test server works with key & certificate files */
-int
-test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version)
-{
-  int ret;
-  struct MHD_Daemon *d;
-  FILE *cert_fd, *key_fd;
-  char cert_path[255], key_path[255];
-
-  sprintf (cert_path, "%s/%s", get_current_dir_name (), "cert.pem");
-  sprintf (key_path, "%s/%s", get_current_dir_name (), "key.pem");
-
-  if (NULL == (key_fd = fopen (key_path, "w+")))
-    {
-      fprintf (stderr, MHD_E_KEY_FILE_CREAT);
-      return -1;
-    }
-  if (NULL == (cert_fd = fopen (cert_path, "w+")))
-    {
-      fprintf (stderr, MHD_E_CERT_FILE_CREAT);
-      return -1;
-    }
-
-  fwrite (key_pem, strlen (key_pem), sizeof (char), key_fd);
-  fwrite (cert_pem, strlen (cert_pem), sizeof (char), cert_fd);
-  fclose (key_fd);
-  fclose (cert_fd);
-
-  d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
-                        MHD_USE_DEBUG, 42433,
-                        NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_KEY_PATH, key_path,
-                        MHD_OPTION_HTTPS_CERT_PATH, cert_path,
-                        MHD_OPTION_END);
+  d2 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+                         MHD_USE_DEBUG, 42434,
+                         NULL, NULL, &http_ahc, NULL,
+                         MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+                         MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
 
-  if (d == NULL)
+  if (d2 == NULL)
     {
       fprintf (stderr, MHD_E_SERVER_INIT);
       return -1;
     }
 
-  ret = test_daemon_get (test_fd, cipher_suite, proto_version);
-  MHD_stop_daemon (d);
+  ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42433);
+  ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42434);
 
-  remove (cert_path);
-  remove (key_path);
+  MHD_stop_daemon (d2);
+  ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42433);
+  MHD_stop_daemon (d1);
   return ret;
 }
 
-/* setup a temporary transfer test file */
 FILE *
 setupTestFile ()
 {
@@ -383,11 +354,7 @@ main (int argc, char *const *argv)
     }
 
   errorCount +=
-    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
-  errorCount +=
-    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3);
-  errorCount +=
-    test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
+    test_concurent_daemon_pair (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
 
   if (errorCount != 0)
     fprintf (stderr, "Error (code: %u)\n", errorCount);
diff --git a/src/testcurl/https/mhds_test_session_info.c b/src/testcurl/https/mhds_test_session_info.c
deleted file mode 100644
index 35266a19..00000000
--- a/src/testcurl/https/mhds_test_session_info.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- This file is part of libmicrohttpd
- (C) 2007 Christian Grothoff
-
- libmicrohttpd is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 2, or (at your
- option) any later version.
-
- libmicrohttpd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with libmicrohttpd; see the file COPYING.  If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
- */
-
-/**
- * @file mhds_test_session_info.c
- * @brief  Testcase for libmicrohttpd GET operations
- * @author Sagie Amir
- */
-
-#include "config.h"
-#include "plibc.h"
-#include "microhttpd.h"
-#include <errno.h>
-
-#include <curl/curl.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-#define BUF_SIZE 1024
-#define MAX_URL_LEN 255
-
-#define EMPTY_PAGE "<html><head><title>Empty page</title></head><body>Empty page</body></html>"
-
-/* Test Certificate */
-const char cert_pem[] =
-  "-----BEGIN CERTIFICATE-----\n"
-  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
-  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
-  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
-  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
-  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
-  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
-  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
-  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
-  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
-  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
-  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
-  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
-  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
-  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
-  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
-
-const char key_pem[] =
-  "-----BEGIN RSA PRIVATE KEY-----\n"
-  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
-  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
-  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
-  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
-  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
-  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
-  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
-  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
-  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
-  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
-  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
-  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
-  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
-  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
-  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
-  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
-  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
-  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
-  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
-  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
-  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
-  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
-  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
-  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
-  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
-  "-----END RSA PRIVATE KEY-----\n";
-
-struct MHD_Daemon *d;
-
-struct CBC
-{
-  char *buf;
-  size_t pos;
-  size_t size;
-};
-
-static size_t
-copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx)
-{
-  struct CBC *cbc = ctx;
-
-  if (cbc->pos + size * nmemb > cbc->size)
-    return 0;                   /* overflow */
-  memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
-  cbc->pos += size * nmemb;
-  return size * nmemb;
-}
-
-/* HTTP access handler call back */
-static int
-query_session_ahc (void *cls, struct MHD_Connection *connection,
-                   const char *url, const char *method,
-                   const char *upload_data, const char *version,
-                   unsigned int *upload_data_size, void **ptr)
-{
-  struct MHD_Response *response;
-  int ret;
-
-  /* assert actual connection cipher is the one negotiated */
-  if (MHDS_get_session_cipher (connection) != GNUTLS_CIPHER_AES_256_CBC)
-    {
-      fprintf (stderr, "Error: requested cipher mismatch. %s\n",
-               strerror (errno));
-      return -1;
-    }
-
-  // TODO should these be hard coded into the server ?
-  if (MHDS_get_session_mac (connection) != GNUTLS_MAC_SHA1)
-    {
-      fprintf (stderr, "Error: requested mac algorithm mismatch. %s\n",
-               strerror (errno));
-      return -1;
-    }
-  if (MHDS_get_session_compression (connection) != GNUTLS_COMP_NULL)
-    {
-      fprintf (stderr, "Error: requested compression mismatch. %s\n",
-               strerror (errno));
-      return -1;
-    }
-  if (MHDS_get_session_cert_type (connection) != GNUTLS_CRT_X509)
-    {
-      fprintf (stderr, "Error: requested certificate mismatch. %s\n",
-               strerror (errno));
-      return -1;
-    }
-
-  response = MHD_create_response_from_data (strlen (EMPTY_PAGE),
-                                            (void *) EMPTY_PAGE,
-                                            MHD_NO, MHD_NO);
-  ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
-  MHD_destroy_response (response);
-  return ret;
-}
-
-static int
-test_query_session ()
-{
-
-  CURL *c;
-  struct CBC cbc;
-  CURLcode errornum;
-  char url[] = "https://localhost:42433/";
-
-  if (NULL == (cbc.buf = malloc (sizeof (char) * 255)))
-    return 16;
-  cbc.size = 255;
-  cbc.pos = 0;
-
-  /* setup test */
-  d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
-                        MHD_USE_DEBUG, 42433,
-                        NULL, NULL, &query_session_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
-
-  if (d == NULL)
-    return 2;
-
-  c = curl_easy_init ();
-  //curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
-  curl_easy_setopt (c, CURLOPT_URL, url);
-  curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
-  curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L);
-  curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 10L);
-  curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, &copyBuffer);
-  curl_easy_setopt (c, CURLOPT_FILE, &cbc);
-  /* TLS options */
-  curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
-  curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, "AES256-SHA");
-  /* currently skip any peer authentication */
-  curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0);
-  curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0);
-
-  curl_easy_setopt (c, CURLOPT_FAILONERROR, 1);
-
-  // NOTE: use of CONNECTTIMEOUT without also
-  //   setting NOSIGNAL results in really weird
-  //   crashes on my system!
-  curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1);
-  if (CURLE_OK != (errornum = curl_easy_perform (c)))
-    {
-      fprintf (stderr, "curl_easy_perform failed: `%s'\n",
-               curl_easy_strerror (errornum));
-      curl_easy_cleanup (c);
-      MHD_stop_daemon (d);
-      return 4;
-    }
-
-  curl_easy_cleanup (c);
-  MHD_stop_daemon (d);
-
-  return 0;
-}
-
-int
-main (int argc, char *const *argv)
-{
-  FILE *test_fd;
-  unsigned int errorCount = 0;
-
-  if (0 != curl_global_init (CURL_GLOBAL_ALL))
-    {
-      fprintf (stderr, "Error (code: %u)\n", errorCount);
-      return 8;
-    }
-
-  errorCount += test_query_session (test_fd);
-  if (errorCount != 0)
-    fprintf (stderr, "Error (code: %u)\n", errorCount);
-
-  curl_global_cleanup ();
-
-  return errorCount != 0;
-}