Imported Upstream version 1.21upstream/1.21

76 files changed, 2573 insertions, 1155 deletions

diff --git a/src/Makefile.am b/src/Makefile.am
index 3af12e6..322a3db 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,5 +1,5 @@
 # Makefile for `wget' utility
-# Copyright (C) 1995-2011, 2015, 2018-2019 Free Software Foundation,
+# Copyright (C) 1995-2011, 2015, 2018-2020 Free Software Foundation,
 # Inc.
 
 # This program is free software; you can redistribute it and/or modify
@@ -45,7 +45,7 @@ endif
 # The following line is losing on some versions of make!
 DEFS     = @DEFS@ -DSYSTEM_WGETRC=\"$(sysconfdir)/wgetrc\" -DLOCALEDIR=\"$(localedir)\"
 
-EXTRA_DIST = css.l css.c css_.c build_info.c.in
+EXTRA_DIST = css.l css.c css_.c build_info.c.in build_info.c
 
 bin_PROGRAMS = wget
 wget_SOURCES = connect.c convert.c cookies.c ftp.c	\
@@ -62,12 +62,12 @@ wget_SOURCES = connect.c convert.c cookies.c ftp.c	\
 		exits.h version.h metalink.h xattr.h
 nodist_wget_SOURCES = version.c
 EXTRA_wget_SOURCES = iri.c
-LDADD = $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\
+LDADD = $(CODE_COVERAGE_LIBS) $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\
  $(INET_NTOP_LIB) $(LIBSOCKET) $(LIB_CLOCK_GETTIME) $(LIB_CRYPTO)\
  $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LIBICONV) $(LIBINTL)\
  $(LIBTHREAD) $(LIBUNISTRING) $(SERVENT_LIB)
-AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib
-
+AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib $(CODE_COVERAGE_CPPFLAGS)
+AM_CFLAGS = $(WERROR_CFLAGS) $(WARN_CFLAGS) $(CODE_COVERAGE_CFLAGS)
 
 ../lib/libgnu.a:
 	cd ../lib && $(MAKE) $(AM_MAKEFLAGS)
@@ -104,7 +104,7 @@ distclean-local:
 check_LIBRARIES = libunittest.a
 libunittest_a_SOURCES = $(wget_SOURCES) build_info.c
 nodist_libunittest_a_SOURCES = version.c
-libunittest_a_CPPFLAGS = -DTESTING "-I$(top_builddir)/lib" "-I$(top_srcdir)/lib"
+libunittest_a_CPPFLAGS = -DTESTING "-I$(top_builddir)/lib" "-I$(top_srcdir)/lib" $(CODE_COVERAGE_CPPLAGS)
 libunittest_a_LIBADD = $(LIBOBJS)
 
 CLEANFILES = *~ *.bak core core.[0-9]* build_info.c version.c
diff --git a/src/Makefile.in b/src/Makefile.in
index a4f021b..3e7c745 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.16.1 from Makefile.am.
+# Makefile.in generated by automake 1.16.2 from Makefile.am.
 # @configure_input@
 
-# Copyright (C) 1994-2018 Free Software Foundation, Inc.
+# Copyright (C) 1994-2020 Free Software Foundation, Inc.
 
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,7 @@
 @SET_MAKE@
 
 # Makefile for `wget' utility
-# Copyright (C) 1995-2011, 2015, 2018-2019 Free Software Foundation,
+# Copyright (C) 1995-2011, 2015, 2018-2020 Free Software Foundation,
 # Inc.
 
 # This program is free software; you can redistribute it and/or modify
@@ -125,34 +125,45 @@ subdir = src
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/__inline.m4 \
-	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/af_alg.m4 \
-	$(top_srcdir)/m4/alloca.m4 $(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/access.m4 \
+	$(top_srcdir)/m4/af_alg.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
 	$(top_srcdir)/m4/asm-underscore.m4 $(top_srcdir)/m4/base32.m4 \
 	$(top_srcdir)/m4/btowc.m4 $(top_srcdir)/m4/builtin-expect.m4 \
-	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/clock_time.m4 \
-	$(top_srcdir)/m4/close.m4 $(top_srcdir)/m4/codeset.m4 \
-	$(top_srcdir)/m4/dirname.m4 \
-	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/canonicalize.m4 \
+	$(top_srcdir)/m4/chdir-long.m4 $(top_srcdir)/m4/clock_time.m4 \
+	$(top_srcdir)/m4/close.m4 $(top_srcdir)/m4/closedir.m4 \
+	$(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \
+	$(top_srcdir)/m4/d-ino.m4 $(top_srcdir)/m4/dirent_h.m4 \
+	$(top_srcdir)/m4/dirfd.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup.m4 \
+	$(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eaccess.m4 \
 	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/environ.m4 \
 	$(top_srcdir)/m4/errno_h.m4 $(top_srcdir)/m4/error.m4 \
 	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
 	$(top_srcdir)/m4/extern-inline.m4 \
-	$(top_srcdir)/m4/fatal-signal.m4 $(top_srcdir)/m4/fcntl-o.m4 \
-	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
-	$(top_srcdir)/m4/fflush.m4 $(top_srcdir)/m4/flexmember.m4 \
+	$(top_srcdir)/m4/fatal-signal.m4 $(top_srcdir)/m4/fchdir.m4 \
+	$(top_srcdir)/m4/fcntl-o.m4 $(top_srcdir)/m4/fcntl.m4 \
+	$(top_srcdir)/m4/fcntl_h.m4 $(top_srcdir)/m4/fdopendir.m4 \
+	$(top_srcdir)/m4/fflush.m4 $(top_srcdir)/m4/filenamecat.m4 \
+	$(top_srcdir)/m4/findprog-in.m4 $(top_srcdir)/m4/flexmember.m4 \
 	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/flock.m4 \
 	$(top_srcdir)/m4/fnmatch.m4 $(top_srcdir)/m4/fnmatch_h.m4 \
 	$(top_srcdir)/m4/fopen.m4 $(top_srcdir)/m4/fpurge.m4 \
-	$(top_srcdir)/m4/freading.m4 $(top_srcdir)/m4/fseek.m4 \
-	$(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \
+	$(top_srcdir)/m4/freading.m4 $(top_srcdir)/m4/free.m4 \
+	$(top_srcdir)/m4/fseek.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/fstatat.m4 \
 	$(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \
 	$(top_srcdir)/m4/futimens.m4 $(top_srcdir)/m4/getaddrinfo.m4 \
+	$(top_srcdir)/m4/getcwd-abort-bug.m4 \
+	$(top_srcdir)/m4/getcwd-path-max.m4 $(top_srcdir)/m4/getcwd.m4 \
 	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
 	$(top_srcdir)/m4/getgroups.m4 $(top_srcdir)/m4/getline.m4 \
-	$(top_srcdir)/m4/getopt.m4 $(top_srcdir)/m4/getpass.m4 \
-	$(top_srcdir)/m4/getprogname.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/getopt.m4 $(top_srcdir)/m4/getpagesize.m4 \
+	$(top_srcdir)/m4/getpass.m4 $(top_srcdir)/m4/getprogname.m4 \
+	$(top_srcdir)/m4/getrandom.m4 $(top_srcdir)/m4/gettext.m4 \
 	$(top_srcdir)/m4/gettime.m4 $(top_srcdir)/m4/gettimeofday.m4 \
-	$(top_srcdir)/m4/gl-openssl.m4 $(top_srcdir)/m4/glibc21.m4 \
+	$(top_srcdir)/m4/gl-openssl.m4 \
 	$(top_srcdir)/m4/gnulib-common.m4 \
 	$(top_srcdir)/m4/gnulib-comp.m4 \
 	$(top_srcdir)/m4/group-member.m4 \
@@ -160,9 +171,10 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/iconv_h.m4 \
 	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
 	$(top_srcdir)/m4/inline.m4 $(top_srcdir)/m4/intlmacosx.m4 \
-	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes-pri.m4 \
-	$(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \
-	$(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/iswblank.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \
+	$(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/iswblank.m4 \
+	$(top_srcdir)/m4/iswdigit.m4 $(top_srcdir)/m4/iswxdigit.m4 \
 	$(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \
 	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
 	$(top_srcdir)/m4/lib-prefix.m4 \
@@ -172,16 +184,15 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/link.m4 $(top_srcdir)/m4/localcharset.m4 \
 	$(top_srcdir)/m4/locale-fr.m4 $(top_srcdir)/m4/locale-ja.m4 \
 	$(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \
-	$(top_srcdir)/m4/localeconv.m4 \
-	$(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \
-	$(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \
-	$(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/malloc.m4 \
-	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/mbchar.m4 \
-	$(top_srcdir)/m4/mbiter.m4 $(top_srcdir)/m4/mbrtowc.m4 \
-	$(top_srcdir)/m4/mbsinit.m4 $(top_srcdir)/m4/mbsrtowcs.m4 \
-	$(top_srcdir)/m4/mbstate_t.m4 $(top_srcdir)/m4/mbtowc.m4 \
-	$(top_srcdir)/m4/md4.m4 $(top_srcdir)/m4/md5.m4 \
-	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memrchr.m4 \
+	$(top_srcdir)/m4/localeconv.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \
+	$(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \
+	$(top_srcdir)/m4/mbchar.m4 $(top_srcdir)/m4/mbiter.m4 \
+	$(top_srcdir)/m4/mbrtowc.m4 $(top_srcdir)/m4/mbsinit.m4 \
+	$(top_srcdir)/m4/mbsrtowcs.m4 $(top_srcdir)/m4/mbstate_t.m4 \
+	$(top_srcdir)/m4/mbtowc.m4 $(top_srcdir)/m4/md4.m4 \
+	$(top_srcdir)/m4/md5.m4 $(top_srcdir)/m4/memchr.m4 \
+	$(top_srcdir)/m4/mempcpy.m4 $(top_srcdir)/m4/memrchr.m4 \
 	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mkdir.m4 \
 	$(top_srcdir)/m4/mkostemp.m4 $(top_srcdir)/m4/mkstemp.m4 \
 	$(top_srcdir)/m4/mktime.m4 $(top_srcdir)/m4/mmap-anon.m4 \
@@ -191,30 +202,38 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/netinet_in_h.m4 \
 	$(top_srcdir)/m4/nl_langinfo.m4 $(top_srcdir)/m4/nls.m4 \
 	$(top_srcdir)/m4/nocrash.m4 $(top_srcdir)/m4/off_t.m4 \
-	$(top_srcdir)/m4/open-cloexec.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/openat.m4 $(top_srcdir)/m4/opendir.m4 \
 	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pipe.m4 \
 	$(top_srcdir)/m4/pipe2.m4 $(top_srcdir)/m4/po.m4 \
-	$(top_srcdir)/m4/posix_spawn.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/posix_spawn.m4 \
+	$(top_srcdir)/m4/posix_spawn_faction_addchdir.m4 \
+	$(top_srcdir)/m4/printf.m4 \
 	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
 	$(top_srcdir)/m4/quote.m4 $(top_srcdir)/m4/quotearg.m4 \
 	$(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/rawmemchr.m4 \
-	$(top_srcdir)/m4/regex.m4 $(top_srcdir)/m4/sched_h.m4 \
-	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \
-	$(top_srcdir)/m4/servent.m4 $(top_srcdir)/m4/sh-filename.m4 \
-	$(top_srcdir)/m4/sha1.m4 $(top_srcdir)/m4/sha256.m4 \
-	$(top_srcdir)/m4/sha512.m4 $(top_srcdir)/m4/sig_atomic_t.m4 \
-	$(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \
+	$(top_srcdir)/m4/readdir.m4 $(top_srcdir)/m4/readlink.m4 \
+	$(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/regex.m4 \
+	$(top_srcdir)/m4/rewinddir.m4 $(top_srcdir)/m4/save-cwd.m4 \
+	$(top_srcdir)/m4/sched_h.m4 $(top_srcdir)/m4/secure_getenv.m4 \
+	$(top_srcdir)/m4/select.m4 $(top_srcdir)/m4/servent.m4 \
+	$(top_srcdir)/m4/setlocale_null.m4 \
+	$(top_srcdir)/m4/sh-filename.m4 $(top_srcdir)/m4/sha1.m4 \
+	$(top_srcdir)/m4/sha256.m4 $(top_srcdir)/m4/sha512.m4 \
+	$(top_srcdir)/m4/sig_atomic_t.m4 $(top_srcdir)/m4/sigaction.m4 \
+	$(top_srcdir)/m4/signal_h.m4 \
 	$(top_srcdir)/m4/signalblocking.m4 $(top_srcdir)/m4/sigpipe.m4 \
 	$(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/snprintf.m4 \
 	$(top_srcdir)/m4/socketlib.m4 $(top_srcdir)/m4/sockets.m4 \
 	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
 	$(top_srcdir)/m4/spawn-pipe.m4 $(top_srcdir)/m4/spawn_h.m4 \
 	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
-	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/std-gnu11.m4 \
-	$(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \
-	$(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \
-	$(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \
-	$(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
 	$(top_srcdir)/m4/strchrnul.m4 $(top_srcdir)/m4/strdup.m4 \
 	$(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \
 	$(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \
@@ -223,6 +242,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strtol.m4 \
 	$(top_srcdir)/m4/strtoll.m4 $(top_srcdir)/m4/symlink.m4 \
 	$(top_srcdir)/m4/sys_file_h.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/m4/sys_random_h.m4 \
 	$(top_srcdir)/m4/sys_select_h.m4 \
 	$(top_srcdir)/m4/sys_socket_h.m4 \
 	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
@@ -236,14 +256,17 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \
 	$(top_srcdir)/m4/unlocked-io.m4 $(top_srcdir)/m4/utime.m4 \
 	$(top_srcdir)/m4/utime_h.m4 $(top_srcdir)/m4/utimens.m4 \
 	$(top_srcdir)/m4/utimes.m4 $(top_srcdir)/m4/vasnprintf.m4 \
-	$(top_srcdir)/m4/vasprintf.m4 $(top_srcdir)/m4/vsnprintf.m4 \
-	$(top_srcdir)/m4/wait-process.m4 $(top_srcdir)/m4/waitpid.m4 \
-	$(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/vasprintf.m4 $(top_srcdir)/m4/visibility.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/wait-process.m4 \
+	$(top_srcdir)/m4/waitpid.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
 	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wcrtomb.m4 \
 	$(top_srcdir)/m4/wctype_h.m4 $(top_srcdir)/m4/wcwidth.m4 \
-	$(top_srcdir)/m4/wget.m4 $(top_srcdir)/m4/wint_t.m4 \
-	$(top_srcdir)/m4/write.m4 $(top_srcdir)/m4/xalloc.m4 \
-	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/xstrndup.m4 \
+	$(top_srcdir)/m4/wget.m4 $(top_srcdir)/m4/wget_manywarnings.m4 \
+	$(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/wmemchr.m4 \
+	$(top_srcdir)/m4/wmempcpy.m4 $(top_srcdir)/m4/write.m4 \
+	$(top_srcdir)/m4/xalloc.m4 $(top_srcdir)/m4/xsize.m4 \
+	$(top_srcdir)/m4/xstrndup.m4 $(top_srcdir)/m4/zzgnulib.m4 \
 	$(top_srcdir)/configure.ac
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
@@ -427,8 +450,8 @@ am__can_run_installinfo = \
     n|no|NO) false;; \
     *) (install-info --version) >/dev/null 2>&1;; \
   esac
-am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \
-	$(LISP)config.h.in
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
+	config.h.in
 # Read a list of newline-separated strings from the standard input,
 # and print each of them once, without duplicates.  Input order is
 # *not* preserved.
@@ -475,6 +498,7 @@ CARES_LIBS = @CARES_LIBS@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
 CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
 COMMENT_IF_NO_POD2MAN = @COMMENT_IF_NO_POD2MAN@
 CONFIG_INCLUDE = @CONFIG_INCLUDE@
 CPP = @CPP@
@@ -503,11 +527,13 @@ GETADDRINFO_LIB = @GETADDRINFO_LIB@
 GETOPT_CDEFS_H = @GETOPT_CDEFS_H@
 GETOPT_H = @GETOPT_H@
 GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
-GLIBC21 = @GLIBC21@
 GMSGFMT = @GMSGFMT@
 GMSGFMT_015 = @GMSGFMT_015@
 GNULIB_ACCEPT = @GNULIB_ACCEPT@
 GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@
+GNULIB_ACCESS = @GNULIB_ACCESS@
+GNULIB_ALIGNED_ALLOC = @GNULIB_ALIGNED_ALLOC@
+GNULIB_ALPHASORT = @GNULIB_ALPHASORT@
 GNULIB_ATOLL = @GNULIB_ATOLL@
 GNULIB_BIND = @GNULIB_BIND@
 GNULIB_BTOWC = @GNULIB_BTOWC@
@@ -516,8 +542,12 @@ GNULIB_CANONICALIZE_FILE_NAME = @GNULIB_CANONICALIZE_FILE_NAME@
 GNULIB_CHDIR = @GNULIB_CHDIR@
 GNULIB_CHOWN = @GNULIB_CHOWN@
 GNULIB_CLOSE = @GNULIB_CLOSE@
+GNULIB_CLOSEDIR = @GNULIB_CLOSEDIR@
 GNULIB_CONNECT = @GNULIB_CONNECT@
+GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@
+GNULIB_CREAT = @GNULIB_CREAT@
 GNULIB_CTIME = @GNULIB_CTIME@
+GNULIB_DIRFD = @GNULIB_DIRFD@
 GNULIB_DPRINTF = @GNULIB_DPRINTF@
 GNULIB_DUP = @GNULIB_DUP@
 GNULIB_DUP2 = @GNULIB_DUP2@
@@ -525,6 +555,13 @@ GNULIB_DUP3 = @GNULIB_DUP3@
 GNULIB_DUPLOCALE = @GNULIB_DUPLOCALE@
 GNULIB_ENVIRON = @GNULIB_ENVIRON@
 GNULIB_EUIDACCESS = @GNULIB_EUIDACCESS@
+GNULIB_EXECL = @GNULIB_EXECL@
+GNULIB_EXECLE = @GNULIB_EXECLE@
+GNULIB_EXECLP = @GNULIB_EXECLP@
+GNULIB_EXECV = @GNULIB_EXECV@
+GNULIB_EXECVE = @GNULIB_EXECVE@
+GNULIB_EXECVP = @GNULIB_EXECVP@
+GNULIB_EXECVPE = @GNULIB_EXECVPE@
 GNULIB_EXPLICIT_BZERO = @GNULIB_EXPLICIT_BZERO@
 GNULIB_FACCESSAT = @GNULIB_FACCESSAT@
 GNULIB_FCHDIR = @GNULIB_FCHDIR@
@@ -534,6 +571,7 @@ GNULIB_FCLOSE = @GNULIB_FCLOSE@
 GNULIB_FCNTL = @GNULIB_FCNTL@
 GNULIB_FDATASYNC = @GNULIB_FDATASYNC@
 GNULIB_FDOPEN = @GNULIB_FDOPEN@
+GNULIB_FDOPENDIR = @GNULIB_FDOPENDIR@
 GNULIB_FFLUSH = @GNULIB_FFLUSH@
 GNULIB_FFS = @GNULIB_FFS@
 GNULIB_FFSL = @GNULIB_FFSL@
@@ -549,6 +587,7 @@ GNULIB_FPURGE = @GNULIB_FPURGE@
 GNULIB_FPUTC = @GNULIB_FPUTC@
 GNULIB_FPUTS = @GNULIB_FPUTS@
 GNULIB_FREAD = @GNULIB_FREAD@
+GNULIB_FREE_POSIX = @GNULIB_FREE_POSIX@
 GNULIB_FREOPEN = @GNULIB_FREOPEN@
 GNULIB_FSCANF = @GNULIB_FSCANF@
 GNULIB_FSEEK = @GNULIB_FSEEK@
@@ -568,19 +607,23 @@ GNULIB_GETCWD = @GNULIB_GETCWD@
 GNULIB_GETDELIM = @GNULIB_GETDELIM@
 GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@
 GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@
+GNULIB_GETENTROPY = @GNULIB_GETENTROPY@
 GNULIB_GETGROUPS = @GNULIB_GETGROUPS@
 GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@
 GNULIB_GETLINE = @GNULIB_GETLINE@
 GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@
 GNULIB_GETLOGIN = @GNULIB_GETLOGIN@
 GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@
+GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@
 GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@
 GNULIB_GETPASS = @GNULIB_GETPASS@
 GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@
+GNULIB_GETRANDOM = @GNULIB_GETRANDOM@
 GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@
 GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@
 GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@
 GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNULIB_GETUMASK = @GNULIB_GETUMASK@
 GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@
 GNULIB_GL_UNISTD_H_GETOPT = @GNULIB_GL_UNISTD_H_GETOPT@
 GNULIB_GRANTPT = @GNULIB_GRANTPT@
@@ -592,8 +635,11 @@ GNULIB_INET_NTOP = @GNULIB_INET_NTOP@
 GNULIB_INET_PTON = @GNULIB_INET_PTON@
 GNULIB_IOCTL = @GNULIB_IOCTL@
 GNULIB_ISATTY = @GNULIB_ISATTY@
+GNULIB_ISBLANK = @GNULIB_ISBLANK@
 GNULIB_ISWBLANK = @GNULIB_ISWBLANK@
 GNULIB_ISWCTYPE = @GNULIB_ISWCTYPE@
+GNULIB_ISWDIGIT = @GNULIB_ISWDIGIT@
+GNULIB_ISWXDIGIT = @GNULIB_ISWXDIGIT@
 GNULIB_LCHMOD = @GNULIB_LCHMOD@
 GNULIB_LCHOWN = @GNULIB_LCHOWN@
 GNULIB_LINK = @GNULIB_LINK@
@@ -625,10 +671,53 @@ GNULIB_MBSSPN = @GNULIB_MBSSPN@
 GNULIB_MBSSTR = @GNULIB_MBSSTR@
 GNULIB_MBSTOK_R = @GNULIB_MBSTOK_R@
 GNULIB_MBTOWC = @GNULIB_MBTOWC@
+GNULIB_MDA_ACCESS = @GNULIB_MDA_ACCESS@
+GNULIB_MDA_CHDIR = @GNULIB_MDA_CHDIR@
+GNULIB_MDA_CHMOD = @GNULIB_MDA_CHMOD@
+GNULIB_MDA_CLOSE = @GNULIB_MDA_CLOSE@
+GNULIB_MDA_CREAT = @GNULIB_MDA_CREAT@
+GNULIB_MDA_DUP = @GNULIB_MDA_DUP@
+GNULIB_MDA_DUP2 = @GNULIB_MDA_DUP2@
+GNULIB_MDA_ECVT = @GNULIB_MDA_ECVT@
+GNULIB_MDA_EXECL = @GNULIB_MDA_EXECL@
+GNULIB_MDA_EXECLE = @GNULIB_MDA_EXECLE@
+GNULIB_MDA_EXECLP = @GNULIB_MDA_EXECLP@
+GNULIB_MDA_EXECV = @GNULIB_MDA_EXECV@
+GNULIB_MDA_EXECVE = @GNULIB_MDA_EXECVE@
+GNULIB_MDA_EXECVP = @GNULIB_MDA_EXECVP@
+GNULIB_MDA_EXECVPE = @GNULIB_MDA_EXECVPE@
+GNULIB_MDA_FCLOSEALL = @GNULIB_MDA_FCLOSEALL@
+GNULIB_MDA_FCVT = @GNULIB_MDA_FCVT@
+GNULIB_MDA_FDOPEN = @GNULIB_MDA_FDOPEN@
+GNULIB_MDA_FILENO = @GNULIB_MDA_FILENO@
+GNULIB_MDA_GCVT = @GNULIB_MDA_GCVT@
+GNULIB_MDA_GETCWD = @GNULIB_MDA_GETCWD@
+GNULIB_MDA_GETPID = @GNULIB_MDA_GETPID@
+GNULIB_MDA_GETW = @GNULIB_MDA_GETW@
+GNULIB_MDA_ISATTY = @GNULIB_MDA_ISATTY@
+GNULIB_MDA_LSEEK = @GNULIB_MDA_LSEEK@
+GNULIB_MDA_MEMCCPY = @GNULIB_MDA_MEMCCPY@
+GNULIB_MDA_MKDIR = @GNULIB_MDA_MKDIR@
+GNULIB_MDA_MKTEMP = @GNULIB_MDA_MKTEMP@
+GNULIB_MDA_OPEN = @GNULIB_MDA_OPEN@
+GNULIB_MDA_PUTENV = @GNULIB_MDA_PUTENV@
+GNULIB_MDA_PUTW = @GNULIB_MDA_PUTW@
+GNULIB_MDA_READ = @GNULIB_MDA_READ@
+GNULIB_MDA_RMDIR = @GNULIB_MDA_RMDIR@
+GNULIB_MDA_STRDUP = @GNULIB_MDA_STRDUP@
+GNULIB_MDA_SWAB = @GNULIB_MDA_SWAB@
+GNULIB_MDA_TEMPNAM = @GNULIB_MDA_TEMPNAM@
+GNULIB_MDA_TZSET = @GNULIB_MDA_TZSET@
+GNULIB_MDA_UMASK = @GNULIB_MDA_UMASK@
+GNULIB_MDA_UNLINK = @GNULIB_MDA_UNLINK@
+GNULIB_MDA_UTIME = @GNULIB_MDA_UTIME@
+GNULIB_MDA_WCSDUP = @GNULIB_MDA_WCSDUP@
+GNULIB_MDA_WRITE = @GNULIB_MDA_WRITE@
 GNULIB_MEMCHR = @GNULIB_MEMCHR@
 GNULIB_MEMMEM = @GNULIB_MEMMEM@
 GNULIB_MEMPCPY = @GNULIB_MEMPCPY@
 GNULIB_MEMRCHR = @GNULIB_MEMRCHR@
+GNULIB_MKDIR = @GNULIB_MKDIR@
 GNULIB_MKDIRAT = @GNULIB_MKDIRAT@
 GNULIB_MKDTEMP = @GNULIB_MKDTEMP@
 GNULIB_MKFIFO = @GNULIB_MKFIFO@
@@ -647,6 +736,7 @@ GNULIB_OBSTACK_PRINTF = @GNULIB_OBSTACK_PRINTF@
 GNULIB_OBSTACK_PRINTF_POSIX = @GNULIB_OBSTACK_PRINTF_POSIX@
 GNULIB_OPEN = @GNULIB_OPEN@
 GNULIB_OPENAT = @GNULIB_OPENAT@
+GNULIB_OPENDIR = @GNULIB_OPENDIR@
 GNULIB_OVERRIDES_STRUCT_STAT = @GNULIB_OVERRIDES_STRUCT_STAT@
 GNULIB_OVERRIDES_WINT_T = @GNULIB_OVERRIDES_WINT_T@
 GNULIB_PCLOSE = @GNULIB_PCLOSE@
@@ -654,6 +744,7 @@ GNULIB_PERROR = @GNULIB_PERROR@
 GNULIB_PIPE = @GNULIB_PIPE@
 GNULIB_PIPE2 = @GNULIB_PIPE2@
 GNULIB_POPEN = @GNULIB_POPEN@
+GNULIB_POSIX_MEMALIGN = @GNULIB_POSIX_MEMALIGN@
 GNULIB_POSIX_OPENPT = @GNULIB_POSIX_OPENPT@
 GNULIB_POSIX_SPAWN = @GNULIB_POSIX_SPAWN@
 GNULIB_POSIX_SPAWNATTR_DESTROY = @GNULIB_POSIX_SPAWNATTR_DESTROY@
@@ -674,6 +765,7 @@ GNULIB_POSIX_SPAWNP = @GNULIB_POSIX_SPAWNP@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDCLOSE = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDCLOSE@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDDUP2 = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDDUP2@
+GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDOPEN = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_ADDOPEN@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_DESTROY = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_DESTROY@
 GNULIB_POSIX_SPAWN_FILE_ACTIONS_INIT = @GNULIB_POSIX_SPAWN_FILE_ACTIONS_INIT@
@@ -695,6 +787,7 @@ GNULIB_RANDOM = @GNULIB_RANDOM@
 GNULIB_RANDOM_R = @GNULIB_RANDOM_R@
 GNULIB_RAWMEMCHR = @GNULIB_RAWMEMCHR@
 GNULIB_READ = @GNULIB_READ@
+GNULIB_READDIR = @GNULIB_READDIR@
 GNULIB_READLINK = @GNULIB_READLINK@
 GNULIB_READLINKAT = @GNULIB_READLINKAT@
 GNULIB_REALLOCARRAY = @GNULIB_REALLOCARRAY@
@@ -705,9 +798,12 @@ GNULIB_RECVFROM = @GNULIB_RECVFROM@
 GNULIB_REMOVE = @GNULIB_REMOVE@
 GNULIB_RENAME = @GNULIB_RENAME@
 GNULIB_RENAMEAT = @GNULIB_RENAMEAT@
+GNULIB_REWINDDIR = @GNULIB_REWINDDIR@
 GNULIB_RMDIR = @GNULIB_RMDIR@
 GNULIB_RPMATCH = @GNULIB_RPMATCH@
+GNULIB_SCANDIR = @GNULIB_SCANDIR@
 GNULIB_SCANF = @GNULIB_SCANF@
+GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@
 GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@
 GNULIB_SELECT = @GNULIB_SELECT@
 GNULIB_SEND = @GNULIB_SEND@
@@ -715,9 +811,12 @@ GNULIB_SENDTO = @GNULIB_SENDTO@
 GNULIB_SETENV = @GNULIB_SETENV@
 GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@
 GNULIB_SETLOCALE = @GNULIB_SETLOCALE@
+GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@
 GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@
 GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@
+GNULIB_SIGABBREV_NP = @GNULIB_SIGABBREV_NP@
 GNULIB_SIGACTION = @GNULIB_SIGACTION@
+GNULIB_SIGDESCR_NP = @GNULIB_SIGDESCR_NP@
 GNULIB_SIGNAL_H_SIGPIPE = @GNULIB_SIGNAL_H_SIGPIPE@
 GNULIB_SIGPROCMASK = @GNULIB_SIGPROCMASK@
 GNULIB_SLEEP = @GNULIB_SLEEP@
@@ -733,6 +832,7 @@ GNULIB_STRCASESTR = @GNULIB_STRCASESTR@
 GNULIB_STRCHRNUL = @GNULIB_STRCHRNUL@
 GNULIB_STRDUP = @GNULIB_STRDUP@
 GNULIB_STRERROR = @GNULIB_STRERROR@
+GNULIB_STRERRORNAME_NP = @GNULIB_STRERRORNAME_NP@
 GNULIB_STRERROR_R = @GNULIB_STRERROR_R@
 GNULIB_STRFTIME = @GNULIB_STRFTIME@
 GNULIB_STRNCAT = @GNULIB_STRNCAT@
@@ -782,6 +882,7 @@ GNULIB_VSCANF = @GNULIB_VSCANF@
 GNULIB_VSNPRINTF = @GNULIB_VSNPRINTF@
 GNULIB_VSPRINTF_POSIX = @GNULIB_VSPRINTF_POSIX@
 GNULIB_WAITPID = @GNULIB_WAITPID@
+GNULIB_WARN_CFLAGS = @GNULIB_WARN_CFLAGS@
 GNULIB_WCPCPY = @GNULIB_WCPCPY@
 GNULIB_WCPNCPY = @GNULIB_WCPNCPY@
 GNULIB_WCRTOMB = @GNULIB_WCRTOMB@
@@ -818,6 +919,7 @@ GNULIB_WMEMCHR = @GNULIB_WMEMCHR@
 GNULIB_WMEMCMP = @GNULIB_WMEMCMP@
 GNULIB_WMEMCPY = @GNULIB_WMEMCPY@
 GNULIB_WMEMMOVE = @GNULIB_WMEMMOVE@
+GNULIB_WMEMPCPY = @GNULIB_WMEMPCPY@
 GNULIB_WMEMSET = @GNULIB_WMEMSET@
 GNULIB_WRITE = @GNULIB_WRITE@
 GNULIB__EXIT = @GNULIB__EXIT@
@@ -828,22 +930,33 @@ GPGME_CONFIG = @GPGME_CONFIG@
 GPGME_LIBS = @GPGME_LIBS@
 GREP = @GREP@
 HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
 HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ALPHASORT = @HAVE_ALPHASORT@
 HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
 HAVE_ATOLL = @HAVE_ATOLL@
 HAVE_BTOWC = @HAVE_BTOWC@
 HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
 HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
 HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_CLOSEDIR = @HAVE_CLOSEDIR@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
 HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_DIRFD = @HAVE_DECL_DIRFD@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
 HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
 HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
 HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FDOPENDIR = @HAVE_DECL_FDOPENDIR@
 HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
 HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
 HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
 HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
 HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
 HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
 HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
 HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
@@ -880,13 +993,15 @@ HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
 HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
 HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
 HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
 HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
 HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DIRENT_H = @HAVE_DIRENT_H@
 HAVE_DPRINTF = @HAVE_DPRINTF@
-HAVE_DUP2 = @HAVE_DUP2@
 HAVE_DUP3 = @HAVE_DUP3@
 HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
 HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
 HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
 HAVE_FACCESSAT = @HAVE_FACCESSAT@
 HAVE_FCHDIR = @HAVE_FCHDIR@
@@ -894,6 +1009,7 @@ HAVE_FCHMODAT = @HAVE_FCHMODAT@
 HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
 HAVE_FCNTL = @HAVE_FCNTL@
 HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FDOPENDIR = @HAVE_FDOPENDIR@
 HAVE_FEATURES_H = @HAVE_FEATURES_H@
 HAVE_FFS = @HAVE_FFS@
 HAVE_FFSL = @HAVE_FFSL@
@@ -909,19 +1025,23 @@ HAVE_FTELLO = @HAVE_FTELLO@
 HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
 HAVE_FUTIMENS = @HAVE_FUTIMENS@
 HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
 HAVE_GETGROUPS = @HAVE_GETGROUPS@
 HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
 HAVE_GETLOGIN = @HAVE_GETLOGIN@
 HAVE_GETOPT_H = @HAVE_GETOPT_H@
 HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
 HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETRANDOM = @HAVE_GETRANDOM@
 HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
 HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
 HAVE_GRANTPT = @HAVE_GRANTPT@
 HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
 HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
 HAVE_INITSTATE = @HAVE_INITSTATE@
 HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
 HAVE_ISWBLANK = @HAVE_ISWBLANK@
 HAVE_ISWCNTRL = @HAVE_ISWCNTRL@
 HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
@@ -937,7 +1057,6 @@ HAVE_LIBSSL = @HAVE_LIBSSL@
 HAVE_LIBUNISTRING = @HAVE_LIBUNISTRING@
 HAVE_LINK = @HAVE_LINK@
 HAVE_LINKAT = @HAVE_LINKAT@
-HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@
 HAVE_LSTAT = @HAVE_LSTAT@
 HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
 HAVE_MBRLEN = @HAVE_MBRLEN@
@@ -947,7 +1066,6 @@ HAVE_MBSLEN = @HAVE_MBSLEN@
 HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
 HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
 HAVE_MBTOWC = @HAVE_MBTOWC@
-HAVE_MEMCHR = @HAVE_MEMCHR@
 HAVE_MEMPCPY = @HAVE_MEMPCPY@
 HAVE_MKDIRAT = @HAVE_MKDIRAT@
 HAVE_MKDTEMP = @HAVE_MKDTEMP@
@@ -966,16 +1084,19 @@ HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
 HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
 HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
 HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OPENDIR = @HAVE_OPENDIR@
 HAVE_OS_H = @HAVE_OS_H@
 HAVE_PCLOSE = @HAVE_PCLOSE@
 HAVE_PIPE = @HAVE_PIPE@
 HAVE_PIPE2 = @HAVE_PIPE2@
 HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
 HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
 HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
 HAVE_POSIX_SPAWN = @HAVE_POSIX_SPAWN@
 HAVE_POSIX_SPAWNATTR_T = @HAVE_POSIX_SPAWNATTR_T@
 HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR = @HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR@
+HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR = @HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR@
 HAVE_POSIX_SPAWN_FILE_ACTIONS_T = @HAVE_POSIX_SPAWN_FILE_ACTIONS_T@
 HAVE_PREAD = @HAVE_PREAD@
 HAVE_PSELECT = @HAVE_PSELECT@
@@ -989,19 +1110,25 @@ HAVE_RANDOM = @HAVE_RANDOM@
 HAVE_RANDOM_H = @HAVE_RANDOM_H@
 HAVE_RANDOM_R = @HAVE_RANDOM_R@
 HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READDIR = @HAVE_READDIR@
 HAVE_READLINK = @HAVE_READLINK@
 HAVE_READLINKAT = @HAVE_READLINKAT@
 HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
 HAVE_REALPATH = @HAVE_REALPATH@
 HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_REWINDDIR = @HAVE_REWINDDIR@
 HAVE_RPMATCH = @HAVE_RPMATCH@
 HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCANDIR = @HAVE_SCANDIR@
 HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
 HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
 HAVE_SETENV = @HAVE_SETENV@
 HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
 HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
 HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
 HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
 HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
 HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
@@ -1016,6 +1143,7 @@ HAVE_STPNCPY = @HAVE_STPNCPY@
 HAVE_STRCASECMP = @HAVE_STRCASECMP@
 HAVE_STRCASESTR = @HAVE_STRCASESTR@
 HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
 HAVE_STRINGS_H = @HAVE_STRINGS_H@
 HAVE_STRPBRK = @HAVE_STRPBRK@
 HAVE_STRPTIME = @HAVE_STRPTIME@
@@ -1041,6 +1169,7 @@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
 HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
 HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
 HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_RANDOM_H = @HAVE_SYS_RANDOM_H@
 HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
 HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
 HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
@@ -1049,11 +1178,9 @@ HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
 HAVE_TIMEGM = @HAVE_TIMEGM@
 HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
 HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
-HAVE_TZSET = @HAVE_TZSET@
 HAVE_UNISTD_H = @HAVE_UNISTD_H@
 HAVE_UNLINKAT = @HAVE_UNLINKAT@
 HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
-HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@
 HAVE_USLEEP = @HAVE_USLEEP@
 HAVE_UTIME = @HAVE_UTIME@
 HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
@@ -1061,6 +1188,7 @@ HAVE_UTIME_H = @HAVE_UTIME_H@
 HAVE_VALGRIND = @HAVE_VALGRIND@
 HAVE_VASPRINTF = @HAVE_VASPRINTF@
 HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
 HAVE_WCHAR_H = @HAVE_WCHAR_H@
 HAVE_WCHAR_T = @HAVE_WCHAR_T@
 HAVE_WCPCPY = @HAVE_WCPCPY@
@@ -1099,6 +1227,7 @@ HAVE_WMEMCHR = @HAVE_WMEMCHR@
 HAVE_WMEMCMP = @HAVE_WMEMCMP@
 HAVE_WMEMCPY = @HAVE_WMEMCPY@
 HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
 HAVE_WMEMSET = @HAVE_WMEMSET@
 HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
 HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
@@ -1131,14 +1260,15 @@ LIBICONV = @LIBICONV@
 LIBINTL = @LIBINTL@
 LIBMULTITHREAD = @LIBMULTITHREAD@
 LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
 LIBPSL_CFLAGS = @LIBPSL_CFLAGS@
 LIBPSL_LIBS = @LIBPSL_LIBS@
-LIBPTH = @LIBPTH@
-LIBPTH_PREFIX = @LIBPTH_PREFIX@
+LIBPTHREAD = @LIBPTHREAD@
 LIBS = @LIBS@
 LIBSOCKET = @LIBSOCKET@
 LIBSSL = @LIBSSL@
 LIBSSL_PREFIX = @LIBSSL_PREFIX@
+LIBSTDTHREAD = @LIBSTDTHREAD@
 LIBTHREAD = @LIBTHREAD@
 LIBUNISTRING = @LIBUNISTRING@
 LIBUNISTRING_PREFIX = @LIBUNISTRING_PREFIX@
@@ -1151,9 +1281,15 @@ LIBUNISTRING_UNIWIDTH_H = @LIBUNISTRING_UNIWIDTH_H@
 LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
 LIB_CRYPTO = @LIB_CRYPTO@
 LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@
+LIB_GETRANDOM = @LIB_GETRANDOM@
+LIB_HARD_LOCALE = @LIB_HARD_LOCALE@
+LIB_MBRTOWC = @LIB_MBRTOWC@
 LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_NL_LANGINFO = @LIB_NL_LANGINFO@
 LIB_POSIX_SPAWN = @LIB_POSIX_SPAWN@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
 LIB_SELECT = @LIB_SELECT@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
 LIMITS_H = @LIMITS_H@
 LOCALCHARSET_TESTS_ENVIRONMENT = @LOCALCHARSET_TESTS_ENVIRONMENT@
 LOCALE_FR = @LOCALE_FR@
@@ -1165,7 +1301,6 @@ LTLIBICONV = @LTLIBICONV@
 LTLIBINTL = @LTLIBINTL@
 LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
 LTLIBOBJS = @LTLIBOBJS@
-LTLIBPTH = @LTLIBPTH@
 LTLIBSSL = @LTLIBSSL@
 LTLIBTHREAD = @LTLIBTHREAD@
 LTLIBUNISTRING = @LTLIBUNISTRING@
@@ -1180,6 +1315,8 @@ NETINET_IN_H = @NETINET_IN_H@
 NETTLE_LIBS = @NETTLE_LIBS@
 NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
 NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_DIRENT_H = @NEXT_AS_FIRST_DIRECTIVE_DIRENT_H@
 NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
 NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
 NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
@@ -1203,6 +1340,7 @@ NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
 NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
 NEXT_AS_FIRST_DIRECTIVE_SYS_FILE_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_FILE_H@
 NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_RANDOM_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_RANDOM_H@
 NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
 NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
 NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
@@ -1215,6 +1353,8 @@ NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
 NEXT_AS_FIRST_DIRECTIVE_UTIME_H = @NEXT_AS_FIRST_DIRECTIVE_UTIME_H@
 NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
 NEXT_AS_FIRST_DIRECTIVE_WCTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_WCTYPE_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_DIRENT_H = @NEXT_DIRENT_H@
 NEXT_ERRNO_H = @NEXT_ERRNO_H@
 NEXT_FCNTL_H = @NEXT_FCNTL_H@
 NEXT_FLOAT_H = @NEXT_FLOAT_H@
@@ -1238,6 +1378,7 @@ NEXT_STRINGS_H = @NEXT_STRINGS_H@
 NEXT_STRING_H = @NEXT_STRING_H@
 NEXT_SYS_FILE_H = @NEXT_SYS_FILE_H@
 NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_RANDOM_H = @NEXT_SYS_RANDOM_H@
 NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
 NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
 NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
@@ -1274,7 +1415,6 @@ POSUB = @POSUB@
 PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
 PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
 PRIPTR_PREFIX = @PRIPTR_PREFIX@
-PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@
 PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
 PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
 PYTHON = @PYTHON@
@@ -1283,26 +1423,41 @@ PYTHON_PLATFORM = @PYTHON_PLATFORM@
 PYTHON_PREFIX = @PYTHON_PREFIX@
 PYTHON_VERSION = @PYTHON_VERSION@
 RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
 REPLACE_BTOWC = @REPLACE_BTOWC@
 REPLACE_CALLOC = @REPLACE_CALLOC@
 REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
 REPLACE_CHOWN = @REPLACE_CHOWN@
 REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CLOSEDIR = @REPLACE_CLOSEDIR@
+REPLACE_CREAT = @REPLACE_CREAT@
 REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DIRFD = @REPLACE_DIRFD@
 REPLACE_DPRINTF = @REPLACE_DPRINTF@
 REPLACE_DUP = @REPLACE_DUP@
 REPLACE_DUP2 = @REPLACE_DUP2@
 REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
 REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
 REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
 REPLACE_FCLOSE = @REPLACE_FCLOSE@
 REPLACE_FCNTL = @REPLACE_FCNTL@
 REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FDOPENDIR = @REPLACE_FDOPENDIR@
 REPLACE_FFLUSH = @REPLACE_FFLUSH@
 REPLACE_FNMATCH = @REPLACE_FNMATCH@
 REPLACE_FOPEN = @REPLACE_FOPEN@
 REPLACE_FPRINTF = @REPLACE_FPRINTF@
 REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
 REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
 REPLACE_FREOPEN = @REPLACE_FREOPEN@
 REPLACE_FSEEK = @REPLACE_FSEEK@
@@ -1314,6 +1469,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@
 REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
 REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
 REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
 REPLACE_GETCWD = @REPLACE_GETCWD@
 REPLACE_GETDELIM = @REPLACE_GETDELIM@
 REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
@@ -1323,6 +1479,7 @@ REPLACE_GETLINE = @REPLACE_GETLINE@
 REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
 REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
 REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETRANDOM = @REPLACE_GETRANDOM@
 REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
 REPLACE_GMTIME = @REPLACE_GMTIME@
 REPLACE_ICONV = @REPLACE_ICONV@
@@ -1335,6 +1492,8 @@ REPLACE_IOCTL = @REPLACE_IOCTL@
 REPLACE_ISATTY = @REPLACE_ISATTY@
 REPLACE_ISWBLANK = @REPLACE_ISWBLANK@
 REPLACE_ISWCNTRL = @REPLACE_ISWCNTRL@
+REPLACE_ISWDIGIT = @REPLACE_ISWDIGIT@
+REPLACE_ISWXDIGIT = @REPLACE_ISWXDIGIT@
 REPLACE_ITOLD = @REPLACE_ITOLD@
 REPLACE_LCHOWN = @REPLACE_LCHOWN@
 REPLACE_LINK = @REPLACE_LINK@
@@ -1366,12 +1525,15 @@ REPLACE_NULL = @REPLACE_NULL@
 REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
 REPLACE_OPEN = @REPLACE_OPEN@
 REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_OPENDIR = @REPLACE_OPENDIR@
 REPLACE_PERROR = @REPLACE_PERROR@
 REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
 REPLACE_POSIX_SPAWN = @REPLACE_POSIX_SPAWN@
 REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR = @REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR@
 REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDCLOSE = @REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDCLOSE@
 REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDDUP2 = @REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDDUP2@
+REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR = @REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDFCHDIR@
 REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDOPEN = @REPLACE_POSIX_SPAWN_FILE_ACTIONS_ADDOPEN@
 REPLACE_PREAD = @REPLACE_PREAD@
 REPLACE_PRINTF = @REPLACE_PRINTF@
@@ -1394,6 +1556,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@
 REPLACE_RENAME = @REPLACE_RENAME@
 REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
 REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
 REPLACE_SELECT = @REPLACE_SELECT@
 REPLACE_SETENV = @REPLACE_SETENV@
 REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
@@ -1409,6 +1572,7 @@ REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
 REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
 REPLACE_STRDUP = @REPLACE_STRDUP@
 REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
 REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
 REPLACE_STRFTIME = @REPLACE_STRFTIME@
 REPLACE_STRNCAT = @REPLACE_STRNCAT@
@@ -1447,12 +1611,12 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
 REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
 REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
 REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
 REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
 REPLACE_WCTOB = @REPLACE_WCTOB@
 REPLACE_WCTOMB = @REPLACE_WCTOMB@
 REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
 REPLACE_WRITE = @REPLACE_WRITE@
-SCHED_H = @SCHED_H@
 SED = @SED@
 SERVENT_LIB = @SERVENT_LIB@
 SET_MAKE = @SET_MAKE@
@@ -1472,14 +1636,15 @@ UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
 UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
 UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
 UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
 UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
 UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
 USE_NLS = @USE_NLS@
-UTIME_H = @UTIME_H@
 UUID_CFLAGS = @UUID_CFLAGS@
 UUID_LIBS = @UUID_LIBS@
 VALGRIND_TESTS = @VALGRIND_TESTS@
 VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
 WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
 WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
 WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
@@ -1542,6 +1707,7 @@ program_transform_name = @program_transform_name@
 psdir = @psdir@
 pyexecdir = @pyexecdir@
 pythondir = @pythondir@
+runstatedir = @runstatedir@
 sbindir = @sbindir@
 sharedstatedir = @sharedstatedir@
 srcdir = @srcdir@
@@ -1553,7 +1719,7 @@ top_srcdir = @top_srcdir@
 @IRI_IS_ENABLED_TRUE@IRI_OBJ = iri.c
 @METALINK_IS_ENABLED_TRUE@METALINK_OBJ = metalink.c
 @WITH_XATTR_TRUE@XATTR_OBJ = xattr.c
-EXTRA_DIST = css.l css.c css_.c build_info.c.in
+EXTRA_DIST = css.l css.c css_.c build_info.c.in build_info.c
 wget_SOURCES = connect.c convert.c cookies.c ftp.c	\
 		css_.c css-url.c	\
 		ftp-basic.c ftp-ls.c hash.c host.c hsts.c html-parse.c html-url.c	\
@@ -1569,17 +1735,18 @@ wget_SOURCES = connect.c convert.c cookies.c ftp.c	\
 
 nodist_wget_SOURCES = version.c
 EXTRA_wget_SOURCES = iri.c
-LDADD = $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\
+LDADD = $(CODE_COVERAGE_LIBS) $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\
  $(INET_NTOP_LIB) $(LIBSOCKET) $(LIB_CLOCK_GETTIME) $(LIB_CRYPTO)\
  $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LIBICONV) $(LIBINTL)\
  $(LIBTHREAD) $(LIBUNISTRING) $(SERVENT_LIB)
 
-AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib
+AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib $(CODE_COVERAGE_CPPFLAGS)
+AM_CFLAGS = $(WERROR_CFLAGS) $(WARN_CFLAGS) $(CODE_COVERAGE_CFLAGS)
 ESCAPEQUOTE = sed -e 's/[\\"]/\\&/g' -e 's/\\"/"/' -e 's/\\";$$/";/'
 check_LIBRARIES = libunittest.a
 libunittest_a_SOURCES = $(wget_SOURCES) build_info.c
 nodist_libunittest_a_SOURCES = version.c
-libunittest_a_CPPFLAGS = -DTESTING "-I$(top_builddir)/lib" "-I$(top_srcdir)/lib"
+libunittest_a_CPPFLAGS = -DTESTING "-I$(top_builddir)/lib" "-I$(top_srcdir)/lib" $(CODE_COVERAGE_CPPLAGS)
 libunittest_a_LIBADD = $(LIBOBJS)
 CLEANFILES = *~ *.bak core core.[0-9]* build_info.c version.c
 all: config.h
@@ -1771,15 +1938,17 @@ $(am__depfiles_remade):
 am--depfiles: $(am__depfiles_remade)
 
 .c.o:
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
diff --git a/src/config.h.in b/src/config.h.in
index 1dcbf68..936d100 100644
--- a/src/config.h.in
+++ b/src/config.h.in
@@ -18,17 +18,9 @@
 /* Define to the number of bits in type 'wint_t'. */
 #undef BITSIZEOF_WINT_T
 
-/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP
-   systems. This function is required for `alloca.c' support on those systems.
-   */
-#undef CRAY_STACKSEG_END
-
 /* Define to 1 if using `alloca.c'. */
 #undef C_ALLOCA
 
-/* Define to 1 if the C locale may have encoding errors. */
-#undef C_LOCALE_MAYBE_EILSEQ
-
 /* Define as the bit index in the word where to find bit 0 of the exponent of
    'double'. */
 #undef DBL_EXPBIT0_BIT
@@ -36,9 +28,22 @@
 /* Define as the word index where to find the exponent of 'double'. */
 #undef DBL_EXPBIT0_WORD
 
+/* the name of the file descriptor member of DIR */
+#undef DIR_FD_MEMBER_NAME
+
+#ifdef DIR_FD_MEMBER_NAME
+# define DIR_TO_FD(Dir_p) ((Dir_p)->DIR_FD_MEMBER_NAME)
+#else
+# define DIR_TO_FD(Dir_p) -1
+#endif
+
+
 /* Define to 1 if // is a file system root distinct from /. */
 #undef DOUBLE_SLASH_IS_DISTINCT_ROOT
 
+/* Define if struct dirent has a member d_ino that actually works. */
+#undef D_INO_IN_DIRENT
+
 /* Define if you want the debug output support compiled in. */
 #undef ENABLE_DEBUG
 
@@ -69,12 +74,10 @@
 #undef FCNTL_DUPFD_BUGGY
 
 /* Define to nothing if C supports flexible array members, and to 1 if it does
-   not. That way, with a declaration like 'struct s { int n; double
+   not. That way, with a declaration like 'struct s { int n; short
    d[FLEXIBLE_ARRAY_MEMBER]; };', the struct hack can be used with pre-C99
-   compilers. When computing the size of such an object, don't use 'sizeof
-   (struct s)' as it overestimates the size. Use 'offsetof (struct s, d)'
-   instead. Don't use 'offsetof (struct s, d[0])', as this doesn't work with
-   MSVC and with C++ compilers. */
+   compilers. Use 'FLEXSIZEOF (struct s, d, N * sizeof (short))' to calculate
+   the size in bytes of such a struct containing an N-element array. */
 #undef FLEXIBLE_ARRAY_MEMBER
 
 /* Define to 1 if fopen() fails to recognize a trailing slash. */
@@ -94,6 +97,10 @@
 /* Define to 1 if nl_langinfo (YESEXPR) returns a non-empty string. */
 #undef FUNC_NL_LANGINFO_YESEXPR_WORKS
 
+/* Define to 1 if realpath() can malloc memory, always gives an absolute path,
+   and handles trailing slash correctly. */
+#undef FUNC_REALPATH_WORKS
+
 /* Define to 1 if futimesat mishandles a NULL file name. */
 #undef FUTIMESAT_NULL_BUG
 
@@ -108,9 +115,6 @@
    */
 #undef GETGROUPS_ZERO_BUG
 
-/* Define if gettimeofday clobbers the localtime buffer. */
-#undef GETTIMEOFDAY_CLOBBERS_LOCALTIME
-
 /* Define this to 'void' or 'struct timezone' to match the system's
    declaration of the second argument to gettimeofday. */
 #undef GETTIMEOFDAY_TIMEZONE
@@ -119,10 +123,18 @@
 #undef GL_COMPILE_CRYPTO_STREAM
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module canonicalize shall be considered present. */
+#undef GNULIB_CANONICALIZE
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
    whether the gnulib module dirname shall be considered present. */
 #undef GNULIB_DIRNAME
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module fdopendir shall be considered present. */
+#undef GNULIB_FDOPENDIR
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
    whether the gnulib module fd-safer-flag shall be considered present. */
 #undef GNULIB_FD_SAFER_FLAG
 
@@ -131,10 +143,26 @@
 #undef GNULIB_FFLUSH
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module fnmatch-gnu shall be considered present. */
+#undef GNULIB_FNMATCH_GNU
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module fopen-gnu shall be considered present. */
+#undef GNULIB_FOPEN_GNU
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
    whether the gnulib module fscanf shall be considered present. */
 #undef GNULIB_FSCANF
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module getcwd shall be considered present. */
+#undef GNULIB_GETCWD
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module isblank shall be considered present. */
+#undef GNULIB_ISBLANK
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
    whether the gnulib module lock shall be considered present. */
 #undef GNULIB_LOCK
 
@@ -147,6 +175,10 @@
 #undef GNULIB_MSVC_NOTHROW
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module openat shall be considered present. */
+#undef GNULIB_OPENAT
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
    whether the gnulib module pipe2-safer shall be considered present. */
 #undef GNULIB_PIPE2_SAFER
 
@@ -174,33 +206,65 @@
    whether the gnulib module strerror_r-posix shall be considered present. */
 #undef GNULIB_STRERROR_R_POSIX
 
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module tempname shall be considered present. */
+#undef GNULIB_TEMPNAME
+
 /* Define to 1 when the gnulib module accept should be tested. */
 #undef GNULIB_TEST_ACCEPT
 
+/* Define to 1 when the gnulib module access should be tested. */
+#undef GNULIB_TEST_ACCESS
+
 /* Define to 1 when the gnulib module bind should be tested. */
 #undef GNULIB_TEST_BIND
 
 /* Define to 1 when the gnulib module btowc should be tested. */
 #undef GNULIB_TEST_BTOWC
 
+/* Define to 1 when the gnulib module canonicalize should be tested. */
+#undef GNULIB_TEST_CANONICALIZE
+
+/* Define to 1 when the gnulib module canonicalize_file_name should be tested.
+   */
+#undef GNULIB_TEST_CANONICALIZE_FILE_NAME
+
+/* Define to 1 when the gnulib module chdir should be tested. */
+#undef GNULIB_TEST_CHDIR
+
 /* Define to 1 when the gnulib module cloexec should be tested. */
 #undef GNULIB_TEST_CLOEXEC
 
 /* Define to 1 when the gnulib module close should be tested. */
 #undef GNULIB_TEST_CLOSE
 
+/* Define to 1 when the gnulib module closedir should be tested. */
+#undef GNULIB_TEST_CLOSEDIR
+
 /* Define to 1 when the gnulib module connect should be tested. */
 #undef GNULIB_TEST_CONNECT
 
+/* Define to 1 when the gnulib module dirfd should be tested. */
+#undef GNULIB_TEST_DIRFD
+
+/* Define to 1 when the gnulib module dup should be tested. */
+#undef GNULIB_TEST_DUP
+
 /* Define to 1 when the gnulib module dup2 should be tested. */
 #undef GNULIB_TEST_DUP2
 
 /* Define to 1 when the gnulib module environ should be tested. */
 #undef GNULIB_TEST_ENVIRON
 
+/* Define to 1 when the gnulib module fchdir should be tested. */
+#undef GNULIB_TEST_FCHDIR
+
 /* Define to 1 when the gnulib module fcntl should be tested. */
 #undef GNULIB_TEST_FCNTL
 
+/* Define to 1 when the gnulib module fdopendir should be tested. */
+#undef GNULIB_TEST_FDOPENDIR
+
 /* Define to 1 when the gnulib module fflush should be tested. */
 #undef GNULIB_TEST_FFLUSH
 
@@ -213,6 +277,9 @@
 /* Define to 1 when the gnulib module fpurge should be tested. */
 #undef GNULIB_TEST_FPURGE
 
+/* Define to 1 when the gnulib module free-posix should be tested. */
+#undef GNULIB_TEST_FREE_POSIX
+
 /* Define to 1 when the gnulib module fseek should be tested. */
 #undef GNULIB_TEST_FSEEK
 
@@ -222,6 +289,9 @@
 /* Define to 1 when the gnulib module fstat should be tested. */
 #undef GNULIB_TEST_FSTAT
 
+/* Define to 1 when the gnulib module fstatat should be tested. */
+#undef GNULIB_TEST_FSTATAT
+
 /* Define to 1 when the gnulib module ftell should be tested. */
 #undef GNULIB_TEST_FTELL
 
@@ -234,6 +304,9 @@
 /* Define to 1 when the gnulib module getaddrinfo should be tested. */
 #undef GNULIB_TEST_GETADDRINFO
 
+/* Define to 1 when the gnulib module getcwd should be tested. */
+#undef GNULIB_TEST_GETCWD
+
 /* Define to 1 when the gnulib module getdelim should be tested. */
 #undef GNULIB_TEST_GETDELIM
 
@@ -246,12 +319,18 @@
 /* Define to 1 when the gnulib module getline should be tested. */
 #undef GNULIB_TEST_GETLINE
 
+/* Define to 1 when the gnulib module getopt-posix should be tested. */
+#undef GNULIB_TEST_GETOPT_POSIX
+
 /* Define to 1 when the gnulib module getpass should be tested. */
 #undef GNULIB_TEST_GETPASS
 
 /* Define to 1 when the gnulib module getpeername should be tested. */
 #undef GNULIB_TEST_GETPEERNAME
 
+/* Define to 1 when the gnulib module getrandom should be tested. */
+#undef GNULIB_TEST_GETRANDOM
+
 /* Define to 1 when the gnulib module getsockname should be tested. */
 #undef GNULIB_TEST_GETSOCKNAME
 
@@ -267,6 +346,12 @@
 /* Define to 1 when the gnulib module iswblank should be tested. */
 #undef GNULIB_TEST_ISWBLANK
 
+/* Define to 1 when the gnulib module iswdigit should be tested. */
+#undef GNULIB_TEST_ISWDIGIT
+
+/* Define to 1 when the gnulib module iswxdigit should be tested. */
+#undef GNULIB_TEST_ISWXDIGIT
+
 /* Define to 1 when the gnulib module link should be tested. */
 #undef GNULIB_TEST_LINK
 
@@ -300,9 +385,15 @@
 /* Define to 1 when the gnulib module memchr should be tested. */
 #undef GNULIB_TEST_MEMCHR
 
+/* Define to 1 when the gnulib module mempcpy should be tested. */
+#undef GNULIB_TEST_MEMPCPY
+
 /* Define to 1 when the gnulib module memrchr should be tested. */
 #undef GNULIB_TEST_MEMRCHR
 
+/* Define to 1 when the gnulib module mkdir should be tested. */
+#undef GNULIB_TEST_MKDIR
+
 /* Define to 1 when the gnulib module mkostemp should be tested. */
 #undef GNULIB_TEST_MKOSTEMP
 
@@ -321,6 +412,12 @@
 /* Define to 1 when the gnulib module open should be tested. */
 #undef GNULIB_TEST_OPEN
 
+/* Define to 1 when the gnulib module openat should be tested. */
+#undef GNULIB_TEST_OPENAT
+
+/* Define to 1 when the gnulib module opendir should be tested. */
+#undef GNULIB_TEST_OPENDIR
+
 /* Define to 1 when the gnulib module pipe should be tested. */
 #undef GNULIB_TEST_PIPE
 
@@ -342,6 +439,10 @@
    tested. */
 #undef GNULIB_TEST_POSIX_SPAWNATTR_SETFLAGS
 
+/* Define to 1 when the gnulib module posix_spawnattr_setpgroup should be
+   tested. */
+#undef GNULIB_TEST_POSIX_SPAWNATTR_SETPGROUP
+
 /* Define to 1 when the gnulib module posix_spawnattr_setsigmask should be
    tested. */
 #undef GNULIB_TEST_POSIX_SPAWNATTR_SETSIGMASK
@@ -349,6 +450,10 @@
 /* Define to 1 when the gnulib module posix_spawnp should be tested. */
 #undef GNULIB_TEST_POSIX_SPAWNP
 
+/* Define to 1 when the gnulib module posix_spawn_file_actions_addchdir should
+   be tested. */
+#undef GNULIB_TEST_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR
+
 /* Define to 1 when the gnulib module posix_spawn_file_actions_addclose should
    be tested. */
 #undef GNULIB_TEST_POSIX_SPAWN_FILE_ACTIONS_ADDCLOSE
@@ -375,9 +480,21 @@
 /* Define to 1 when the gnulib module rawmemchr should be tested. */
 #undef GNULIB_TEST_RAWMEMCHR
 
+/* Define to 1 when the gnulib module readdir should be tested. */
+#undef GNULIB_TEST_READDIR
+
+/* Define to 1 when the gnulib module readlink should be tested. */
+#undef GNULIB_TEST_READLINK
+
+/* Define to 1 when the gnulib module realloc-posix should be tested. */
+#undef GNULIB_TEST_REALLOC_POSIX
+
 /* Define to 1 when the gnulib module recv should be tested. */
 #undef GNULIB_TEST_RECV
 
+/* Define to 1 when the gnulib module rewinddir should be tested. */
+#undef GNULIB_TEST_REWINDDIR
+
 /* Define to 1 when the gnulib module secure_getenv should be tested. */
 #undef GNULIB_TEST_SECURE_GETENV
 
@@ -387,6 +504,9 @@
 /* Define to 1 when the gnulib module send should be tested. */
 #undef GNULIB_TEST_SEND
 
+/* Define to 1 when the gnulib module setlocale_null should be tested. */
+#undef GNULIB_TEST_SETLOCALE_NULL
+
 /* Define to 1 when the gnulib module setsockopt should be tested. */
 #undef GNULIB_TEST_SETSOCKOPT
 
@@ -405,6 +525,9 @@
 /* Define to 1 when the gnulib module stat should be tested. */
 #undef GNULIB_TEST_STAT
 
+/* Define to 1 when the gnulib module stpcpy should be tested. */
+#undef GNULIB_TEST_STPCPY
+
 /* Define to 1 when the gnulib module strchrnul should be tested. */
 #undef GNULIB_TEST_STRCHRNUL
 
@@ -469,6 +592,12 @@
 /* Define to 1 when the gnulib module wcwidth should be tested. */
 #undef GNULIB_TEST_WCWIDTH
 
+/* Define to 1 when the gnulib module wmemchr should be tested. */
+#undef GNULIB_TEST_WMEMCHR
+
+/* Define to 1 when the gnulib module wmempcpy should be tested. */
+#undef GNULIB_TEST_WMEMPCPY
+
 /* Define to 1 when the gnulib module write should be tested. */
 #undef GNULIB_TEST_WRITE
 
@@ -481,17 +610,27 @@
    whether the gnulib module unistr/u8-uctomb shall be considered present. */
 #undef GNULIB_UNISTR_U8_UCTOMB
 
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module xalloc shall be considered present. */
+#undef GNULIB_XALLOC
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module xalloc-die shall be considered present. */
+#undef GNULIB_XALLOC_DIE
+
 /* Define to 1 if you have 'alloca' after including <alloca.h>, a header that
    may be supplied by this distribution. */
 #undef HAVE_ALLOCA
 
-/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
-   */
+/* Define to 1 if <alloca.h> works. */
 #undef HAVE_ALLOCA_H
 
 /* Define to 1 if you have the <arpa/inet.h> header file. */
 #undef HAVE_ARPA_INET_H
 
+/* Define to 1 if you have the <bcrypt.h> header file. */
+#undef HAVE_BCRYPT_H
+
 /* Define to 1 if you have the <bp-sym.h> header file. */
 #undef HAVE_BP_SYM_H
 
@@ -504,14 +643,17 @@
 /* Define to 1 if you have the <byteswap.h> header file. */
 #undef HAVE_BYTESWAP_H
 
+/* Define to 1 if you have the `canonicalize_file_name' function. */
+#undef HAVE_CANONICALIZE_FILE_NAME
+
 /* Define to 1 if you have the `catgets' function. */
 #undef HAVE_CATGETS
 
-/* Define to 1 if you have the MacOS X function CFLocaleCopyCurrent in the
+/* Define to 1 if you have the Mac OS X function CFLocaleCopyCurrent in the
    CoreFoundation framework. */
 #undef HAVE_CFLOCALECOPYCURRENT
 
-/* Define to 1 if you have the MacOS X function CFPreferencesCopyAppValue in
+/* Define to 1 if you have the Mac OS X function CFPreferencesCopyAppValue in
    the CoreFoundation framework. */
 #undef HAVE_CFPREFERENCESCOPYAPPVALUE
 
@@ -521,6 +663,9 @@
 /* Define to 1 if you have the `clock_settime' function. */
 #undef HAVE_CLOCK_SETTIME
 
+/* Define to 1 if you have the `closedir' function. */
+#undef HAVE_CLOSEDIR
+
 /* Define to 1 if you have the `confstr' function. */
 #undef HAVE_CONFSTR
 
@@ -539,6 +684,34 @@
    you don't. */
 #undef HAVE_DECL_CLEARERR_UNLOCKED
 
+/* Define to 1 if you have the declaration of `dirfd', and to 0 if you don't.
+   */
+#undef HAVE_DECL_DIRFD
+
+/* Define to 1 if you have the declaration of `ecvt', and to 0 if you don't.
+   */
+#undef HAVE_DECL_ECVT
+
+/* Define to 1 if you have the declaration of `execvpe', and to 0 if you
+   don't. */
+#undef HAVE_DECL_EXECVPE
+
+/* Define to 1 if you have the declaration of `fchdir', and to 0 if you don't.
+   */
+#undef HAVE_DECL_FCHDIR
+
+/* Define to 1 if you have the declaration of `fcloseall', and to 0 if you
+   don't. */
+#undef HAVE_DECL_FCLOSEALL
+
+/* Define to 1 if you have the declaration of `fcvt', and to 0 if you don't.
+   */
+#undef HAVE_DECL_FCVT
+
+/* Define to 1 if you have the declaration of `fdopendir', and to 0 if you
+   don't. */
+#undef HAVE_DECL_FDOPENDIR
+
 /* Define to 1 if you have the declaration of `feof_unlocked', and to 0 if you
    don't. */
 #undef HAVE_DECL_FEOF_UNLOCKED
@@ -603,6 +776,10 @@
    don't. */
 #undef HAVE_DECL_GAI_STRERRORA
 
+/* Define to 1 if you have the declaration of `gcvt', and to 0 if you don't.
+   */
+#undef HAVE_DECL_GCVT
+
 /* Define to 1 if you have the declaration of `getaddrinfo', and to 0 if you
    don't. */
 #undef HAVE_DECL_GETADDRINFO
@@ -611,6 +788,10 @@
    you don't. */
 #undef HAVE_DECL_GETCHAR_UNLOCKED
 
+/* Define to 1 if you have the declaration of `getcwd', and to 0 if you don't.
+   */
+#undef HAVE_DECL_GETCWD
+
 /* Define to 1 if you have the declaration of `getc_unlocked', and to 0 if you
    don't. */
 #undef HAVE_DECL_GETC_UNLOCKED
@@ -723,6 +904,10 @@
    don't. */
 #undef HAVE_DECL_WCRTOMB
 
+/* Define to 1 if you have the declaration of `wcsdup', and to 0 if you don't.
+   */
+#undef HAVE_DECL_WCSDUP
+
 /* Define to 1 if you have the declaration of `wcwidth', and to 0 if you
    don't. */
 #undef HAVE_DECL_WCWIDTH
@@ -743,21 +928,33 @@
    don't. */
 #undef HAVE_DECL___FSETLOCKING
 
+/* Define to 1 if you have the <dirent.h> header file. */
+#undef HAVE_DIRENT_H
+
+/* Define to 1 if you have the `dirfd' function. */
+#undef HAVE_DIRFD
+
 /* Define to 1 if you have the <dlfcn.h> header file. */
 #undef HAVE_DLFCN_H
 
 /* Define to 1 if you have the `drand48' function. */
 #undef HAVE_DRAND48
 
-/* Define to 1 if you have the 'dup2' function. */
-#undef HAVE_DUP2
-
 /* Define if you have the declaration of environ. */
 #undef HAVE_ENVIRON_DECL
 
+/* Define to 1 if you have the `faccessat' function. */
+#undef HAVE_FACCESSAT
+
+/* Define to 1 if you have the `fchdir' function. */
+#undef HAVE_FCHDIR
+
 /* Define to 1 if you have the `fcntl' function. */
 #undef HAVE_FCNTL
 
+/* Define to 1 if you have the `fdopendir' function. */
+#undef HAVE_FDOPENDIR
+
 /* Define to 1 if you have the <features.h> header file. */
 #undef HAVE_FEATURES_H
 
@@ -782,6 +979,9 @@
 /* Define to 1 if fseeko (and presumably ftello) exists and is declared. */
 #undef HAVE_FSEEKO
 
+/* Define to 1 if you have the `fstatat' function. */
+#undef HAVE_FSTATAT
+
 /* Define to 1 if you have the `ftello' function. */
 #undef HAVE_FTELLO
 
@@ -797,6 +997,13 @@
 /* Define to 1 if you have the `futimesat' function. */
 #undef HAVE_FUTIMESAT
 
+/* Define to 1 if getaddrinfo exists, or to 0 otherwise. */
+#undef HAVE_GETADDRINFO
+
+/* Define to 1 if getcwd works, but with shorter paths than is generally
+   tested with the replacement. */
+#undef HAVE_GETCWD_SHORTER
+
 /* Define to 1 if you have the `getdelim' function. */
 #undef HAVE_GETDELIM
 
@@ -836,6 +1043,9 @@
 /* Define to 1 if you have the `getprogname' function. */
 #undef HAVE_GETPROGNAME
 
+/* Define to 1 if you have the `getrandom' function. */
+#undef HAVE_GETRANDOM
+
 /* Define to 1 if you have the `getservbyname' function. */
 #undef HAVE_GETSERVBYNAME
 
@@ -956,6 +1166,9 @@
 /* Define if using zlib. */
 #undef HAVE_LIBZ
 
+/* Define to 1 if the bcrypt library is guaranteed to be present. */
+#undef HAVE_LIB_BCRYPT
+
 /* Define to 1 if you have the <limits.h> header file. */
 #undef HAVE_LIMITS_H
 
@@ -1002,9 +1215,6 @@
 /* Define to 1 if you have the `mbtowc' function. */
 #undef HAVE_MBTOWC
 
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
 /* Define to 1 if you have the `mempcpy' function. */
 #undef HAVE_MEMPCPY
 
@@ -1014,6 +1224,13 @@
 /* Define if using metalink. */
 #undef HAVE_METALINK
 
+/* Define to 1 if getcwd minimally works, that is, its result can be trusted
+   when it succeeds. */
+#undef HAVE_MINIMALLY_WORKING_GETCWD
+
+/* Define to 1 if you have the <minix/config.h> header file. */
+#undef HAVE_MINIX_CONFIG_H
+
 /* Define to 1 if <limits.h> defines the MIN and MAX macros. */
 #undef HAVE_MINMAX_IN_LIMITS_H
 
@@ -1048,9 +1265,18 @@
 /* Define to 1 if you have the `nl_langinfo' function. */
 #undef HAVE_NL_LANGINFO
 
+/* Define to 1 if you have the `openat' function. */
+#undef HAVE_OPENAT
+
+/* Define to 1 if you have the `opendir' function. */
+#undef HAVE_OPENDIR
+
 /* Define to 1 if libcrypto is used for MD5. */
 #undef HAVE_OPENSSL_MD5
 
+/* Define to 1 if you have the <openssl/md5.h> header file. */
+#undef HAVE_OPENSSL_MD5_H
+
 /* Define to 1 if libcrypto is used for SHA1. */
 #undef HAVE_OPENSSL_SHA1
 
@@ -1060,6 +1286,13 @@
 /* Define to 1 if libcrypto is used for SHA512. */
 #undef HAVE_OPENSSL_SHA512
 
+/* Define to 1 if you have the <openssl/sha.h> header file. */
+#undef HAVE_OPENSSL_SHA_H
+
+/* Define to 1 if getcwd works, except it sometimes fails when it shouldn't,
+   setting errno to ERANGE, ENAMETOOLONG, or ENOENT. */
+#undef HAVE_PARTLY_WORKING_GETCWD
+
 /* Define to 1 if you have the `pathconf' function. */
 #undef HAVE_PATHCONF
 
@@ -1078,12 +1311,23 @@
 /* Define to 1 if the system has the type `posix_spawnattr_t'. */
 #undef HAVE_POSIX_SPAWNATTR_T
 
+/* Define to 1 if you have the `posix_spawn_file_actions_addchdir' function.
+   */
+#undef HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR
+
+/* Define to 1 if you have the `posix_spawn_file_actions_addchdir_np'
+   function. */
+#undef HAVE_POSIX_SPAWN_FILE_ACTIONS_ADDCHDIR_NP
+
 /* Define to 1 if the system has the type `posix_spawn_file_actions_t'. */
 #undef HAVE_POSIX_SPAWN_FILE_ACTIONS_T
 
 /* Define to 1 if you have the `psl_latest' function. */
 #undef HAVE_PSL_LATEST
 
+/* Define if you have the <pthread.h> header and the POSIX threads API. */
+#undef HAVE_PTHREAD_API
+
 /* Define if the <pthread.h> defines PTHREAD_MUTEX_RECURSIVE. */
 #undef HAVE_PTHREAD_MUTEX_RECURSIVE
 
@@ -1109,6 +1353,21 @@
 /* Define to 1 if you have the `rawmemchr' function. */
 #undef HAVE_RAWMEMCHR
 
+/* Define to 1 if you have the `readdir' function. */
+#undef HAVE_READDIR
+
+/* Define to 1 if you have the `readlink' function. */
+#undef HAVE_READLINK
+
+/* Define if the 'realloc' function is POSIX compliant. */
+#undef HAVE_REALLOC_POSIX
+
+/* Define to 1 if you have the `realpath' function. */
+#undef HAVE_REALPATH
+
+/* Define to 1 if you have the `rewinddir' function. */
+#undef HAVE_REWINDDIR
+
 /* Define to 1 if the system has the type `sa_family_t'. */
 #undef HAVE_SA_FAMILY_T
 
@@ -1121,6 +1380,9 @@
 /* Define to 1 if you have the `sched_setscheduler' function. */
 #undef HAVE_SCHED_SETSCHEDULER
 
+/* Define to 1 if you have the <sdkddkver.h> header file. */
+#undef HAVE_SDKDDKVER_H
+
 /* Define to 1 if you have the `secure_getenv' function. */
 #undef HAVE_SECURE_GETENV
 
@@ -1180,6 +1442,10 @@
    buffer had been large enough. */
 #undef HAVE_SNPRINTF_RETVAL_C99
 
+/* Define if the string produced by the snprintf function is always NUL
+   terminated. */
+#undef HAVE_SNPRINTF_TRUNCATION_C99
+
 /* Define if struct sockaddr_in6 has the sin6_scope_id member */
 #undef HAVE_SOCKADDR_IN6_SCOPE_ID
 
@@ -1199,9 +1465,15 @@
 /* Define to 1 if you have the <stdio_ext.h> header file. */
 #undef HAVE_STDIO_EXT_H
 
+/* Define to 1 if you have the <stdio.h> header file. */
+#undef HAVE_STDIO_H
+
 /* Define to 1 if you have the <stdlib.h> header file. */
 #undef HAVE_STDLIB_H
 
+/* Define to 1 if you have the `stpcpy' function. */
+#undef HAVE_STPCPY
+
 /* Define to 1 if you have the `strcasecmp' function. */
 #undef HAVE_STRCASECMP
 
@@ -1316,9 +1588,15 @@
 /* Define to 1 if you have the <sys/param.h> header file. */
 #undef HAVE_SYS_PARAM_H
 
+/* Define to 1 if you have the <sys/random.h> header file. */
+#undef HAVE_SYS_RANDOM_H
+
 /* Define to 1 if you have the <sys/select.h> header file. */
 #undef HAVE_SYS_SELECT_H
 
+/* Define to 1 if you have the <sys/single_threaded.h> header file. */
+#undef HAVE_SYS_SINGLE_THREADED_H
+
 /* Define to 1 if you have the <sys/socket.h> header file. */
 #undef HAVE_SYS_SOCKET_H
 
@@ -1349,6 +1627,12 @@
 /* Define to 1 if you have the <termios.h> header file. */
 #undef HAVE_TERMIOS_H
 
+/* Define to 1 if you have the `thrd_create' function. */
+#undef HAVE_THRD_CREATE
+
+/* Define to 1 if you have the <threads.h> header file. */
+#undef HAVE_THREADS_H
+
 /* Define to 1 if you have the `timegm' function. */
 #undef HAVE_TIMEGM
 
@@ -1358,9 +1642,6 @@
 /* Define to 1 if you have the `towlower' function. */
 #undef HAVE_TOWLOWER
 
-/* Define to 1 if you have the `tzset' function. */
-#undef HAVE_TZSET
-
 /* Define to 1 if the system has the type `uint32_t'. */
 #undef HAVE_UINT32_T
 
@@ -1400,6 +1681,10 @@
 /* Define to 1 if you have the `vfork' function. */
 #undef HAVE_VFORK
 
+/* Define to 1 or 0, depending whether the compiler supports simple visibility
+   declarations. */
+#undef HAVE_VISIBILITY
+
 /* Define to 1 if you have the `vsnprintf' function. */
 #undef HAVE_VSNPRINTF
 
@@ -1427,21 +1712,23 @@
 /* Define to 1 if you have the `wcwidth' function. */
 #undef HAVE_WCWIDTH
 
+/* Define to 1 if the compiler and linker support weak declarations of
+   symbols. */
+#undef HAVE_WEAK_SYMBOLS
+
 /* Define to 1 if you have the <winsock2.h> header file. */
 #undef HAVE_WINSOCK2_H
 
 /* Define if you have the 'wint_t' type. */
 #undef HAVE_WINT_T
 
-/* Define to 1 if you have the `wmemchr' function. */
-#undef HAVE_WMEMCHR
-
-/* Define to 1 if you have the `wmemcpy' function. */
-#undef HAVE_WMEMCPY
-
 /* Define to 1 if you have the `wmempcpy' function. */
 #undef HAVE_WMEMPCPY
 
+/* Define to 1 if fstatat (..., 0) works. For example, it does not work in AIX
+   7.1. */
+#undef HAVE_WORKING_FSTATAT_ZERO_FLAG
+
 /* Define to 1 if O_NOATIME works. */
 #undef HAVE_WORKING_O_NOATIME
 
@@ -1517,6 +1804,10 @@
    */
 #undef MBRTOWC_EMPTY_INPUT_BUG
 
+/* Define if the mbrtowc function may signal encoding errors in the C locale.
+   */
+#undef MBRTOWC_IN_C_LOCALE_MAYBE_EILSEQ
+
 /* Define if the mbrtowc function has the NULL pwc argument bug. */
 #undef MBRTOWC_NULL_ARG1_BUG
 
@@ -1529,6 +1820,10 @@
 /* Define if the mbrtowc function returns a wrong return value. */
 #undef MBRTOWC_RETVAL_BUG
 
+/* Define if the mbrtowc function stores a wide character when reporting
+   incomplete input. */
+#undef MBRTOWC_STORES_INCOMPLETE_BUG
+
 /* Use GNU style printf and scanf.  */
 #ifndef __USE_MINGW_ANSI_STDIO
 # undef __USE_MINGW_ANSI_STDIO
@@ -1546,6 +1841,9 @@
    algorithmic workarounds. */
 #undef NEED_MKTIME_WORKING
 
+/* Define to 1 if nl_langinfo is multithread-safe. */
+#undef NL_LANGINFO_MTSAFE
+
 /* Define to 1 if open() fails to recognize a trailing slash. */
 #undef OPEN_TRAILING_SLASH_BUG
 
@@ -1573,9 +1871,6 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
-/* Define if <inttypes.h> exists and defines unusable PRI* macros. */
-#undef PRI_MACROS_BROKEN
-
 /* Define to the type that is the result of default argument promotions of
    type mode_t. */
 #undef PROMOTED_MODE_T
@@ -1587,13 +1882,34 @@
    'ptrdiff_t'. */
 #undef PTRDIFF_T_SUFFIX
 
+/* Define to 1 if readlink fails to recognize a trailing slash. */
+#undef READLINK_TRAILING_SLASH_BUG
+
+/* Define to 1 if readlink sets errno instead of truncating a too-long link.
+   */
+#undef READLINK_TRUNCATE_BUG
+
+/* Define to 1 if gnulib's dirfd() replacement is used. */
+#undef REPLACE_DIRFD
+
+/* Define to 1 if gnulib's fchdir() replacement is used. */
+#undef REPLACE_FCHDIR
+
 /* Define to 1 if stat needs help when passed a file name with a trailing
    slash */
 #undef REPLACE_FUNC_STAT_FILE
 
+/* Define to 1 if utime needs help when passed a file name with a trailing
+   slash */
+#undef REPLACE_FUNC_UTIME_FILE
+
 /* Define if nl_langinfo exists but is overridden by gnulib. */
 #undef REPLACE_NL_LANGINFO
 
+/* Define to 1 if open() should work around the inability to open a directory.
+   */
+#undef REPLACE_OPEN_DIRECTORY
+
 /* Define if gnulib uses its own posix_spawn and posix_spawnp functions. */
 #undef REPLACE_POSIX_SPAWN
 
@@ -1603,9 +1919,17 @@
 /* Define if vasnprintf exists but is overridden by gnulib. */
 #undef REPLACE_VASNPRINTF
 
+/* Define to 1 if setlocale (LC_ALL, NULL) is multithread-safe. */
+#undef SETLOCALE_NULL_ALL_MTSAFE
+
+/* Define to 1 if setlocale (category, NULL) is multithread-safe. */
+#undef SETLOCALE_NULL_ONE_MTSAFE
+
 /* File name of the Bourne shell.  */
-#if defined __CYGWIN__ || defined __ANDROID__
+#if (defined _WIN32 && !defined __CYGWIN__) || defined __CYGWIN__ || defined __ANDROID__
 /* Omit the directory part because
+   - For native Windows programs in a Cygwin environment, the Cygwin mounts
+     are not visible.
    - For 32-bit Cygwin programs in a 64-bit Cygwin environment, the Cygwin
      mounts are not visible.
    - On Android, /bin/sh does not exist. It's /system/bin/sh instead.  */
@@ -1618,24 +1942,12 @@
    'sig_atomic_t'. */
 #undef SIG_ATOMIC_T_SUFFIX
 
-/* The size of `int', as computed by sizeof. */
-#undef SIZEOF_INT
-
 /* The size of `long', as computed by sizeof. */
 #undef SIZEOF_LONG
 
-/* The size of `long long', as computed by sizeof. */
-#undef SIZEOF_LONG_LONG
-
 /* The size of `off_t', as computed by sizeof. */
 #undef SIZEOF_OFF_T
 
-/* The size of `short', as computed by sizeof. */
-#undef SIZEOF_SHORT
-
-/* The size of `void *', as computed by sizeof. */
-#undef SIZEOF_VOID_P
-
 /* Define as the maximum value of type 'size_t', if the system doesn't define
    it. */
 #ifndef SIZE_MAX
@@ -1657,7 +1969,9 @@
 /* Define to 1 if the `S_IS*' macros in <sys/stat.h> do not work properly. */
 #undef STAT_MACROS_BROKEN
 
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+   required in a freestanding environment). This macro is provided for
+   backward compatibility; new code need not use it. */
 #undef STDC_HEADERS
 
 /* Define to 1 if strerror_r returns char *. */
@@ -1677,6 +1991,13 @@
    an underscore or empty. */
 #undef USER_LABEL_PREFIX
 
+/* Define if the combination of the ISO C and POSIX multithreading APIs can be
+   used. */
+#undef USE_ISOC_AND_POSIX_THREADS
+
+/* Define if the ISO C multithreading library can be used. */
+#undef USE_ISOC_THREADS
+
 /* Define to 1 if you want to use the Linux kernel cryptographic API. */
 #undef USE_LINUX_CRYPTO_API
 
@@ -1687,20 +2008,6 @@
    weak. */
 #undef USE_POSIX_THREADS_WEAK
 
-/* Define if the GNU Pth multithreading library can be used. */
-#undef USE_PTH_THREADS
-
-/* Define if references to the GNU Pth multithreading library should be made
-   weak. */
-#undef USE_PTH_THREADS_WEAK
-
-/* Define if the old Solaris multithreading library can be used. */
-#undef USE_SOLARIS_THREADS
-
-/* Define if references to the old Solaris multithreading library should be
-   made weak. */
-#undef USE_SOLARIS_THREADS_WEAK
-
 /* Enable extensions on AIX 3, Interix.  */
 #ifndef _ALL_SOURCE
 # undef _ALL_SOURCE
@@ -1709,19 +2016,44 @@
 #ifndef _DARWIN_C_SOURCE
 # undef _DARWIN_C_SOURCE
 #endif
+/* Enable general extensions on Solaris.  */
+#ifndef __EXTENSIONS__
+# undef __EXTENSIONS__
+#endif
 /* Enable GNU extensions on systems that have them.  */
 #ifndef _GNU_SOURCE
 # undef _GNU_SOURCE
 #endif
-/* Enable NetBSD extensions on NetBSD.  */
+/* Enable X/Open compliant socket functions that do not require linking
+   with -lxnet on HP-UX 11.11.  */
+#ifndef _HPUX_ALT_XOPEN_SOCKET_API
+# undef _HPUX_ALT_XOPEN_SOCKET_API
+#endif
+/* Identify the host operating system as Minix.
+   This macro does not affect the system headers' behavior.
+   A future release of Autoconf may stop defining this macro.  */
+#ifndef _MINIX
+# undef _MINIX
+#endif
+/* Enable general extensions on NetBSD.
+   Enable NetBSD compatibility extensions on Minix.  */
 #ifndef _NETBSD_SOURCE
 # undef _NETBSD_SOURCE
 #endif
-/* Enable OpenBSD extensions on NetBSD.  */
+/* Enable OpenBSD compatibility extensions on NetBSD.
+   Oddly enough, this does nothing on OpenBSD.  */
 #ifndef _OPENBSD_SOURCE
 # undef _OPENBSD_SOURCE
 #endif
-/* Enable threading extensions on Solaris.  */
+/* Define to 1 if needed for POSIX-compatible behavior.  */
+#ifndef _POSIX_SOURCE
+# undef _POSIX_SOURCE
+#endif
+/* Define to 2 if needed for POSIX-compatible behavior.  */
+#ifndef _POSIX_1_SOURCE
+# undef _POSIX_1_SOURCE
+#endif
+/* Enable POSIX-compatible threading on Solaris.  */
 #ifndef _POSIX_PTHREAD_SEMANTICS
 # undef _POSIX_PTHREAD_SEMANTICS
 #endif
@@ -1757,21 +2089,11 @@
 #ifndef _TANDEM_SOURCE
 # undef _TANDEM_SOURCE
 #endif
-/* Enable X/Open extensions if necessary.  HP-UX 11.11 defines
-   mbstate_t only if _XOPEN_SOURCE is defined to 500, regardless of
-   whether compiling with -Ae or -D_HPUX_SOURCE=1.  */
+/* Enable X/Open extensions.  Define to 500 only if necessary
+   to make mbstate_t available.  */
 #ifndef _XOPEN_SOURCE
 # undef _XOPEN_SOURCE
 #endif
-/* Enable X/Open compliant socket functions that do not require linking
-   with -lxnet on HP-UX 11.11.  */
-#ifndef _HPUX_ALT_XOPEN_SOCKET_API
-# undef _HPUX_ALT_XOPEN_SOCKET_API
-#endif
-/* Enable general extensions on Solaris.  */
-#ifndef __EXTENSIONS__
-# undef __EXTENSIONS__
-#endif
 
 
 /* Define to 1 if you want getc etc. to use unlocked I/O if available.
@@ -1789,6 +2111,12 @@
    'wchar_t'. */
 #undef WCHAR_T_SUFFIX
 
+/* Define if the wcrtomb function does not work in the C locale. */
+#undef WCRTOMB_C_LOCALE_BUG
+
+/* Define if the wcrtomb function has an incorrect return value. */
+#undef WCRTOMB_RETVAL_BUG
+
 /* Define if WSAStartup is needed. */
 #undef WINDOWS_SOCKETS
 
@@ -1812,12 +2140,18 @@
    `char[]'. */
 #undef YYTEXT_POINTER
 
-/* Enable large inode numbers on Mac OS X 10.5. */
-#undef _DARWIN_USE_64_BIT_INODE
-
 /* Number of bits in a file offset, on hosts where this is settable. */
 #undef _FILE_OFFSET_BITS
 
+/* True if the compiler says it groks GNU C version MAJOR.MINOR.  */
+#if defined __GNUC__ && defined __GNUC_MINOR__
+# define _GL_GNUC_PREREQ(major, minor) \
+    ((major) < __GNUC__ + ((minor) <= __GNUC_MINOR__))
+#else
+# define _GL_GNUC_PREREQ(major, minor) 0
+#endif
+
+
 /* Define to 1 to make fseeko visible on some hosts (e.g. glibc 2.2). */
 #undef _LARGEFILE_SOURCE
 
@@ -1827,23 +2161,27 @@
 /* Define to 1 on Solaris. */
 #undef _LCONV_C99
 
-/* Define to 1 if on MINIX. */
-#undef _MINIX
-
-/* Define to 1 to make NetBSD features available. MINIX 3 needs this. */
-#undef _NETBSD_SOURCE
-
 /* The _Noreturn keyword of C11.  */
 #ifndef _Noreturn
 # if (defined __cplusplus \
       && ((201103 <= __cplusplus && !(__GNUC__ == 4 && __GNUC_MINOR__ == 7)) \
-          || (defined _MSC_VER && 1900 <= _MSC_VER)))
+          || (defined _MSC_VER && 1900 <= _MSC_VER)) \
+      && 0)
+    /* [[noreturn]] is not practically usable, because with it the syntax
+         extern _Noreturn void func (...);
+       would not be valid; such a declaration would only be valid with 'extern'
+       and '_Noreturn' swapped, or without the 'extern' keyword.  However, some
+       AIX system header files and several gnulib header files use precisely
+       this syntax with 'extern'.  */
 #  define _Noreturn [[noreturn]]
 # elif ((!defined __cplusplus || defined __clang__) \
         && (201112 <= (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0)  \
-            || 4 < __GNUC__ + (7 <= __GNUC_MINOR__)))
+            || _GL_GNUC_PREREQ (4, 7) \
+            || (defined __apple_build_version__ \
+                ? 6000000 <= __apple_build_version__ \
+                : 3 < __clang_major__ + (5 <= __clang_minor__))))
    /* _Noreturn works as-is.  */
-# elif 2 < __GNUC__ + (8 <= __GNUC_MINOR__) || 0x5110 <= __SUNPRO_C
+# elif _GL_GNUC_PREREQ (2, 8) || defined __clang__ || 0x5110 <= __SUNPRO_C
 #  define _Noreturn __attribute__ ((__noreturn__))
 # elif 1200 <= (defined _MSC_VER ? _MSC_VER : 0)
 #  define _Noreturn __declspec (noreturn)
@@ -1853,17 +2191,10 @@
 #endif
 
 
-/* Define to 2 if the system does not provide POSIX.1 features except with
-   this defined. */
-#undef _POSIX_1_SOURCE
-
 /* Define to 1 in order to get the POSIX compatible declarations of socket
    functions. */
 #undef _POSIX_PII_SOCKET
 
-/* Define to 1 if you need to in order for 'stat' and other things to work. */
-#undef _POSIX_SOURCE
-
 /* Define if you want <regex.h> to include <limits.h>, so that it consistently
    overrides <limits.h>'s RE_DUP_MAX. */
 #undef _REGEX_INCLUDE_LIMITS_H
@@ -1889,7 +2220,7 @@
    invoked from such signal handlers.  Such functions have some restrictions:
      * All functions that it calls should be marked _GL_ASYNC_SAFE as well,
        or should be listed as async-signal-safe in POSIX
-       <http://pubs.opengroup.org/onlinepubs/9699919799/functions/V2_chap02.html#tag_15_04>
+       <https://pubs.opengroup.org/onlinepubs/9699919799/functions/V2_chap02.html#tag_15_04>
        section 2.4.3.  Note that malloc(), sprintf(), and fwrite(), in
        particular, are NOT async-signal-safe.
      * All memory locations (variables and struct fields) that these functions
@@ -1911,13 +2242,226 @@
 #define _GL_ASYNC_SAFE
 
 
+/* Attributes.  */
+#ifdef __has_attribute
+# define _GL_HAS_ATTRIBUTE(attr) __has_attribute (__##attr##__)
+#else
+# define _GL_HAS_ATTRIBUTE(attr) _GL_ATTR_##attr
+# define _GL_ATTR_alloc_size _GL_GNUC_PREREQ (4, 3)
+# define _GL_ATTR_always_inline _GL_GNUC_PREREQ (3, 2)
+# define _GL_ATTR_artificial _GL_GNUC_PREREQ (4, 3)
+# define _GL_ATTR_cold _GL_GNUC_PREREQ (4, 3)
+# define _GL_ATTR_const _GL_GNUC_PREREQ (2, 95)
+# define _GL_ATTR_deprecated _GL_GNUC_PREREQ (3, 1)
+# define _GL_ATTR_diagnose_if 0
+# define _GL_ATTR_error _GL_GNUC_PREREQ (4, 3)
+# define _GL_ATTR_externally_visible _GL_GNUC_PREREQ (4, 1)
+# define _GL_ATTR_fallthrough _GL_GNUC_PREREQ (7, 0)
+# define _GL_ATTR_format _GL_GNUC_PREREQ (2, 7)
+# define _GL_ATTR_leaf _GL_GNUC_PREREQ (4, 6)
+# ifdef _ICC
+#  define _GL_ATTR_may_alias 0
+# else
+#  define _GL_ATTR_may_alias _GL_GNUC_PREREQ (3, 3)
+# endif
+# define _GL_ATTR_malloc _GL_GNUC_PREREQ (3, 0)
+# define _GL_ATTR_noinline _GL_GNUC_PREREQ (3, 1)
+# define _GL_ATTR_nonnull _GL_GNUC_PREREQ (3, 3)
+# define _GL_ATTR_nonstring _GL_GNUC_PREREQ (8, 0)
+# define _GL_ATTR_nothrow _GL_GNUC_PREREQ (3, 3)
+# define _GL_ATTR_packed _GL_GNUC_PREREQ (2, 7)
+# define _GL_ATTR_pure _GL_GNUC_PREREQ (2, 96)
+# define _GL_ATTR_returns_nonnull _GL_GNUC_PREREQ (4, 9)
+# define _GL_ATTR_sentinel _GL_GNUC_PREREQ (4, 0)
+# define _GL_ATTR_unused _GL_GNUC_PREREQ (2, 7)
+# define _GL_ATTR_warn_unused_result _GL_GNUC_PREREQ (3, 4)
+#endif
+
+
+#if _GL_HAS_ATTRIBUTE (alloc_size)
+# define _GL_ATTRIBUTE_ALLOC_SIZE(args) __attribute__ ((__alloc_size__ args))
+#else
+# define _GL_ATTRIBUTE_ALLOC_SIZE(args)
+#endif
+
+#if _GL_HAS_ATTRIBUTE (always_inline)
+# define _GL_ATTRIBUTE_ALWAYS_INLINE __attribute__ ((__always_inline__))
+#else
+# define _GL_ATTRIBUTE_ALWAYS_INLINE
+#endif
+
+#if _GL_HAS_ATTRIBUTE (artificial)
+# define _GL_ATTRIBUTE_ARTIFICIAL __attribute__ ((__artificial__))
+#else
+# define _GL_ATTRIBUTE_ARTIFICIAL
+#endif
+
+/* Avoid __attribute__ ((cold)) on MinGW; see thread starting at
+   <https://lists.gnu.org/r/emacs-devel/2019-04/msg01152.html>.
+   Also, Oracle Studio 12.6 requires 'cold' not '__cold__'.  */
+#if _GL_HAS_ATTRIBUTE (cold) && !defined __MINGW32__
+# ifndef __SUNPRO_C
+#  define _GL_ATTRIBUTE_COLD __attribute__ ((__cold__))
+# else
+#  define _GL_ATTRIBUTE_COLD __attribute__ ((cold))
+# endif
+#else
+# define _GL_ATTRIBUTE_COLD
+#endif
+
+#if _GL_HAS_ATTRIBUTE (const)
+# define _GL_ATTRIBUTE_CONST __attribute__ ((__const__))
+#else
+# define _GL_ATTRIBUTE_CONST
+#endif
+
+#if 201710L < __STDC_VERSION__
+# define _GL_ATTRIBUTE_DEPRECATED [[__deprecated__]]
+#elif _GL_HAS_ATTRIBUTE (deprecated)
+# define _GL_ATTRIBUTE_DEPRECATED __attribute__ ((__deprecated__))
+#else
+# define _GL_ATTRIBUTE_DEPRECATED
+#endif
+
+#if _GL_HAS_ATTRIBUTE (error)
+# define _GL_ATTRIBUTE_ERROR(msg) __attribute__ ((__error__ (msg)))
+# define _GL_ATTRIBUTE_WARNING(msg) __attribute__ ((__warning__ (msg)))
+#elif _GL_HAS_ATTRIBUTE (diagnose_if)
+# define _GL_ATTRIBUTE_ERROR(msg) __attribute__ ((__diagnose_if__ (1, msg, "error")))
+# define _GL_ATTRIBUTE_WARNING(msg) __attribute__ ((__diagnose_if__ (1, msg, "warning")))
+#else
+# define _GL_ATTRIBUTE_ERROR(msg)
+# define _GL_ATTRIBUTE_WARNING(msg)
+#endif
+
+#if _GL_HAS_ATTRIBUTE (externally_visible)
+# define _GL_ATTRIBUTE_EXTERNALLY_VISIBLE __attribute__ ((externally_visible))
+#else
+# define _GL_ATTRIBUTE_EXTERNALLY_VISIBLE
+#endif
+
+/* FALLTHROUGH is special, because it always expands to something.  */
+#if 201710L < __STDC_VERSION__
+# define _GL_ATTRIBUTE_FALLTHROUGH [[__fallthrough__]]
+#elif _GL_HAS_ATTRIBUTE (fallthrough)
+# define _GL_ATTRIBUTE_FALLTHROUGH __attribute__ ((__fallthrough__))
+#else
+# define _GL_ATTRIBUTE_FALLTHROUGH ((void) 0)
+#endif
+
+#if _GL_HAS_ATTRIBUTE (format)
+# define _GL_ATTRIBUTE_FORMAT(spec) __attribute__ ((__format__ spec))
+#else
+# define _GL_ATTRIBUTE_FORMAT(spec)
+#endif
+
+#if _GL_HAS_ATTRIBUTE (leaf)
+# define _GL_ATTRIBUTE_LEAF __attribute__ ((__leaf__))
+#else
+# define _GL_ATTRIBUTE_LEAF
+#endif
+
+/* Oracle Studio 12.6 mishandles may_alias despite __has_attribute OK.  */
+#if _GL_HAS_ATTRIBUTE (may_alias) && !defined __SUNPRO_C
+# define _GL_ATTRIBUTE_MAY_ALIAS __attribute__ ((__may_alias__))
+#else
+# define _GL_ATTRIBUTE_MAY_ALIAS
+#endif
+
+#if 201710L < __STDC_VERSION__
+# define _GL_ATTRIBUTE_MAYBE_UNUSED [[__maybe_unused__]]
+#elif _GL_HAS_ATTRIBUTE (unused)
+# define _GL_ATTRIBUTE_MAYBE_UNUSED __attribute__ ((__unused__))
+#else
+# define _GL_ATTRIBUTE_MAYBE_UNUSED
+#endif
+/* Earlier spellings of this macro.  */
+#define _GL_UNUSED _GL_ATTRIBUTE_MAYBE_UNUSED
+#define _UNUSED_PARAMETER_ _GL_ATTRIBUTE_MAYBE_UNUSED
+
+#if _GL_HAS_ATTRIBUTE (malloc)
+# define _GL_ATTRIBUTE_MALLOC __attribute__ ((__malloc__))
+#else
+# define _GL_ATTRIBUTE_MALLOC
+#endif
+
+#if 201710L < __STDC_VERSION__
+# define _GL_ATTRIBUTE_NODISCARD [[__nodiscard__]]
+#elif _GL_HAS_ATTRIBUTE (warn_unused_result)
+# define _GL_ATTRIBUTE_NODISCARD __attribute__ ((__warn_unused_result__))
+#else
+# define _GL_ATTRIBUTE_NODISCARD
+#endif
+
+#if _GL_HAS_ATTRIBUTE (noinline)
+# define _GL_ATTRIBUTE_NOINLINE __attribute__ ((__noinline__))
+#else
+# define _GL_ATTRIBUTE_NOINLINE
+#endif
+
+#if _GL_HAS_ATTRIBUTE (nonnull)
+# define _GL_ATTRIBUTE_NONNULL(args) __attribute__ ((__nonnull__ args))
+#else
+# define _GL_ATTRIBUTE_NONNULL(args)
+#endif
+
+#if _GL_HAS_ATTRIBUTE (nonstring)
+# define _GL_ATTRIBUTE_NONSTRING __attribute__ ((__nonstring__))
+#else
+# define _GL_ATTRIBUTE_NONSTRING
+#endif
+
+/* There is no _GL_ATTRIBUTE_NORETURN; use _Noreturn instead.  */
+
+#if _GL_HAS_ATTRIBUTE (nothrow) && !defined __cplusplus
+# define _GL_ATTRIBUTE_NOTHROW __attribute__ ((__nothrow__))
+#else
+# define _GL_ATTRIBUTE_NOTHROW
+#endif
+
+#if _GL_HAS_ATTRIBUTE (packed)
+# define _GL_ATTRIBUTE_PACKED __attribute__ ((__packed__))
+#else
+# define _GL_ATTRIBUTE_PACKED
+#endif
+
+#if _GL_HAS_ATTRIBUTE (pure)
+# define _GL_ATTRIBUTE_PURE __attribute__ ((__pure__))
+#else
+# define _GL_ATTRIBUTE_PURE
+#endif
+
+#if _GL_HAS_ATTRIBUTE (returns_nonnull)
+# define _GL_ATTRIBUTE_RETURNS_NONNULL __attribute__ ((__returns_nonnull__))
+#else
+# define _GL_ATTRIBUTE_RETURNS_NONNULL
+#endif
+
+#if _GL_HAS_ATTRIBUTE (sentinel)
+# define _GL_ATTRIBUTE_SENTINEL(pos) __attribute__ ((__sentinel__ pos))
+#else
+# define _GL_ATTRIBUTE_SENTINEL(pos)
+#endif
+
+
+/* To support C++ as well as C, use _GL_UNUSED_LABEL with trailing ';'.  */
+#if !defined __cplusplus || _GL_GNUC_PREREQ (4, 5)
+# define _GL_UNUSED_LABEL _GL_ATTRIBUTE_MAYBE_UNUSED
+#else
+# define _GL_UNUSED_LABEL
+#endif
+
+
 /* Define to empty if `const' does not conform to ANSI C. */
 #undef const
 
+/* Define as 'access' if you don't have the eaccess() function. */
+#undef eaccess
+
 /* Please see the Gnulib manual for how to use these macros.
 
    Suppress extern inline with HP-UX cc, as it appears to be broken; see
-   <https://lists.gnu.org/r/bug-texinfo/2013-02/msg00030.html>.
+   <http://lists.gnu.org/archive/html/bug-texinfo/2013-02/msg00030.html>.
 
    Suppress extern inline with Sun C in standards-conformance mode, as it
    mishandles inline functions that call each other.  E.g., for 'inline void f
@@ -1931,32 +2475,20 @@
    if isdigit is mistakenly implemented via a static inline function,
    a program containing an extern inline function that calls isdigit
    may not work since the C standard prohibits extern inline functions
-   from calling static functions (ISO C 99 section 6.7.4.(3).
-   This bug is known to occur on:
+   from calling static functions.  This bug is known to occur on:
 
      OS X 10.8 and earlier; see:
-     https://lists.gnu.org/r/bug-gnulib/2012-12/msg00023.html
+     http://lists.gnu.org/archive/html/bug-gnulib/2012-12/msg00023.html
 
      DragonFly; see
      http://muscles.dragonflybsd.org/bulk/bleeding-edge-potential/latest-per-pkg/ah-tty-0.3.12.log
 
      FreeBSD; see:
-     https://lists.gnu.org/r/bug-gnulib/2014-07/msg00104.html
+     http://lists.gnu.org/archive/html/bug-gnulib/2014-07/msg00104.html
 
    OS X 10.9 has a macro __header_inline indicating the bug is fixed for C and
-   for clang but remains for g++; see <https://trac.macports.org/ticket/41033>.
-   Assume DragonFly and FreeBSD will be similar.
-
-   GCC 4.3 and above with -std=c99 or -std=gnu99 implements ISO C99
-   inline semantics, unless -fgnu89-inline is used.  It defines a macro
-   __GNUC_STDC_INLINE__ to indicate this situation or a macro
-   __GNUC_GNU_INLINE__ to indicate the opposite situation.
-   GCC 4.2 with -std=c99 or -std=gnu99 implements the GNU C inline
-   semantics but warns, unless -fgnu89-inline is used:
-     warning: C99 inline functions are not supported; using GNU89
-     warning: to disable this warning use -fgnu89-inline or the gnu_inline function attribute
-   It defines a macro __GNUC_GNU_INLINE__ to indicate this situation.
- */
+   for clang but remains for g++; see <http://trac.macports.org/ticket/41033>.
+   Assume DragonFly and FreeBSD will be similar.  */
 #if (((defined __APPLE__ && defined __MACH__) \
       || defined __DragonFly__ || defined __FreeBSD__) \
      && (defined __header_inline \
@@ -1972,7 +2504,6 @@
       ? defined __GNUC_STDC_INLINE__ && __GNUC_STDC_INLINE__ \
       : (199901L <= __STDC_VERSION__ \
          && !defined __HP_cc \
-         && !defined __PGI \
          && !(defined __SUNPRO_C && __STDC__))) \
      && !defined _GL_EXTERN_INLINE_STDHEADER_BUG)
 # define _GL_INLINE inline
@@ -1993,19 +2524,17 @@
 # define _GL_EXTERN_INLINE static _GL_UNUSED
 #endif
 
-/* In GCC 4.6 (inclusive) to 5.1 (exclusive),
-   suppress bogus "no previous prototype for 'FOO'"
-   and "no previous declaration for 'FOO'" diagnostics,
-   when FOO is an inline function in the header; see
-   <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54113> and
-   <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63877>.  */
-#if __GNUC__ == 4 && 6 <= __GNUC_MINOR__
+#if 4 < __GNUC__ + (6 <= __GNUC_MINOR__)
 # if defined __GNUC_STDC_INLINE__ && __GNUC_STDC_INLINE__
 #  define _GL_INLINE_HEADER_CONST_PRAGMA
 # else
 #  define _GL_INLINE_HEADER_CONST_PRAGMA \
      _Pragma ("GCC diagnostic ignored \"-Wsuggest-attribute=const\"")
 # endif
+  /* Suppress GCC's bogus "no previous prototype for 'FOO'"
+     and "no previous declaration for 'FOO'"  diagnostics,
+     when FOO is an inline function in the header; see
+     <http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54113>.  */
 # define _GL_INLINE_HEADER_BEGIN \
     _Pragma ("GCC diagnostic push") \
     _Pragma ("GCC diagnostic ignored \"-Wmissing-prototypes\"") \
@@ -2043,6 +2572,22 @@
 /* Define to a type if <wchar.h> does not define. */
 #undef mbstate_t
 
+/* _GL_CMP (n1, n2) performs a three-valued comparison on n1 vs. n2, where
+   n1 and n2 are expressions without side effects, that evaluate to real
+   numbers (excluding NaN).
+   It returns
+     1  if n1 > n2
+     0  if n1 == n2
+     -1 if n1 < n2
+   The naïve code   (n1 > n2 ? 1 : n1 < n2 ? -1 : 0)  produces a conditional
+   jump with nearly all GCC versions up to GCC 10.
+   This variant     (n1 < n2 ? -1 : n1 > n2)  produces a conditional with many
+   GCC versions up to GCC 9.
+   The better code  (n1 > n2) - (n1 < n2)  from Hacker's Delight § 2-9
+   avoids conditional jumps in all GCC versions >= 3.4.  */
+#define _GL_CMP(n1, n2) (((n1) > (n2)) - ((n1) < (n2)))
+
+
 /* Define to the real name of the mktime_internal function. */
 #undef mktime_internal
 
@@ -2052,7 +2597,7 @@
 /* Define to the type of st_nlink in struct stat, or a supertype. */
 #undef nlink_t
 
-/* Define to `int' if <sys/types.h> does not define. */
+/* Define as a signed integer type capable of holding a process identifier. */
 #undef pid_t
 
 /* Define as the type of the result of subtracting two pointers, if the system
@@ -2106,14 +2651,15 @@
 
 /* Define to the equivalent of the C99 'restrict' keyword, or to
    nothing if this is not supported.  Do not define if restrict is
-   supported directly.  */
+   supported only directly.  */
 #undef restrict
-/* Work around a bug in Sun C++: it does not support _Restrict or
-   __restrict__, even though the corresponding Sun C compiler ends up with
-   "#define restrict _Restrict" or "#define restrict __restrict__" in the
-   previous line.  Perhaps some future version of Sun C++ will work with
-   restrict; if so, hopefully it defines __RESTRICT like Sun C does.  */
-#if defined __SUNPRO_CC && !defined __RESTRICT
+/* Work around a bug in older versions of Sun C++, which did not
+   #define __restrict__ or support _Restrict or __restrict__
+   even though the corresponding Sun C compiler ended up with
+   "#define restrict _Restrict" or "#define restrict __restrict__"
+   in the previous line.  This workaround can be removed once
+   we assume Oracle Developer Studio 12.5 (2016) or later.  */
+#if defined __SUNPRO_CC && !defined __RESTRICT && !defined __restrict__
 # define _Restrict
 # define __restrict__
 #endif
@@ -2134,50 +2680,6 @@
 /* Define to `int' if <sys/types.h> doesn't define. */
 #undef uid_t
 
-/* Define as a marker that can be attached to declarations that might not
-    be used.  This helps to reduce warnings, such as from
-    GCC -Wunused-parameter.  */
-#if __GNUC__ >= 3 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)
-# define _GL_UNUSED __attribute__ ((__unused__))
-#else
-# define _GL_UNUSED
-#endif
-/* The name _UNUSED_PARAMETER_ is an earlier spelling, although the name
-   is a misnomer outside of parameter lists.  */
-#define _UNUSED_PARAMETER_ _GL_UNUSED
-
-/* gcc supports the "unused" attribute on possibly unused labels, and
-   g++ has since version 4.5.  Note to support C++ as well as C,
-   _GL_UNUSED_LABEL should be used with a trailing ;  */
-#if !defined __cplusplus || __GNUC__ > 4 \
-    || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5)
-# define _GL_UNUSED_LABEL _GL_UNUSED
-#else
-# define _GL_UNUSED_LABEL
-#endif
-
-/* The __pure__ attribute was added in gcc 2.96.  */
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96)
-# define _GL_ATTRIBUTE_PURE __attribute__ ((__pure__))
-#else
-# define _GL_ATTRIBUTE_PURE /* empty */
-#endif
-
-/* The __const__ attribute was added in gcc 2.95.  */
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 95)
-# define _GL_ATTRIBUTE_CONST __attribute__ ((__const__))
-#else
-# define _GL_ATTRIBUTE_CONST /* empty */
-#endif
-
-/* The __malloc__ attribute was added in gcc 3.  */
-#if 3 <= __GNUC__
-# define _GL_ATTRIBUTE_MALLOC __attribute__ ((__malloc__))
-#else
-# define _GL_ATTRIBUTE_MALLOC /* empty */
-#endif
-
-
 /* Define to empty if the keyword `volatile' does not work. Warning: valid
    code using `volatile' can become incorrect without. Disable with care. */
 #undef volatile
diff --git a/src/connect.c b/src/connect.c
index 7b0dbbd..ad7ba0b 100644
--- a/src/connect.c
+++ b/src/connect.c
@@ -1,5 +1,5 @@
 /* Establishing and handling network connections.
-   Copyright (C) 1995-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1995-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -678,14 +678,17 @@ retryable_socket_connect_error (int err)
    should be taken as such (for example, it doesn't implement Wget's
    0-timeout-means-no-timeout semantics.)  */
 
-int
-select_fd (int fd, double maxtime, int wait_for)
+static int
+select_fd_internal (int fd, double maxtime, int wait_for, bool convert_back _GL_UNUSED)
 {
   fd_set fdset;
   fd_set *rd = NULL, *wr = NULL;
   struct timeval tmout;
   int result;
 
+  if (fd < 0)
+    return -1;
+
   if (fd >= FD_SETSIZE)
     {
       logprintf (LOG_NOTQUIET, _("Too many fds open.  Cannot use select on a fd >= %d\n"), FD_SETSIZE);
@@ -707,7 +710,8 @@ select_fd (int fd, double maxtime, int wait_for)
 #ifdef WINDOWS
     /* gnulib select() converts blocking sockets to nonblocking in windows.
        wget uses blocking sockets so we must convert them back to blocking.  */
-    set_windows_fd_as_blocking_socket (fd);
+    if (convert_back)
+      set_windows_fd_as_blocking_socket (fd);
 #endif
   }
   while (result < 0 && errno == EINTR);
@@ -715,6 +719,20 @@ select_fd (int fd, double maxtime, int wait_for)
   return result;
 }
 
+int
+select_fd (int fd, double maxtime, int wait_for)
+{
+  return select_fd_internal (fd, maxtime, wait_for, true);
+}
+
+#ifdef WINDOWS
+int
+select_fd_nb (int fd, double maxtime, int wait_for)
+{
+  return select_fd_internal (fd, maxtime, wait_for, false);
+}
+#endif
+
 /* Return true if the connection to the remote site established
    through SOCK is still open.
 
@@ -922,12 +940,15 @@ fd_read (int fd, char *buf, int bufsize, double timeout)
 {
   struct transport_info *info;
   LAZY_RETRIEVE_INFO (info);
+
+  /* let imp->reader take care about timeout.
+     (or in worst case timeout can be 2*timeout) */
+  if (info && info->imp->reader)
+    return info->imp->reader (fd, buf, bufsize, info->ctx, timeout);
+
   if (!poll_internal (fd, info, WAIT_FOR_READ, timeout))
     return -1;
-  if (info && info->imp->reader)
-    return info->imp->reader (fd, buf, bufsize, info->ctx);
-  else
-    return sock_read (fd, buf, bufsize);
+  return sock_read (fd, buf, bufsize);
 }
 
 /* Like fd_read, except it provides a "preview" of the data that will
@@ -947,12 +968,13 @@ fd_peek (int fd, char *buf, int bufsize, double timeout)
 {
   struct transport_info *info;
   LAZY_RETRIEVE_INFO (info);
+
+  if (info && info->imp->peeker)
+    return info->imp->peeker (fd, buf, bufsize, info->ctx, timeout);
+
   if (!poll_internal (fd, info, WAIT_FOR_READ, timeout))
     return -1;
-  if (info && info->imp->peeker)
-    return info->imp->peeker (fd, buf, bufsize, info->ctx);
-  else
-    return sock_peek (fd, buf, bufsize);
+  return sock_peek (fd, buf, bufsize);
 }
 
 /* Write the entire contents of BUF to FD.  If TIMEOUT is non-zero,
@@ -1002,6 +1024,7 @@ fd_errstr (int fd)
   /* Don't bother with LAZY_RETRIEVE_INFO, as this will only be called
      in case of error, never in a tight loop.  */
   struct transport_info *info = NULL;
+
   if (transport_map)
     info = hash_table_get (transport_map, (void *)(intptr_t) fd);
 
@@ -1043,6 +1066,7 @@ fd_close (int fd)
     }
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 connect_cleanup(void)
 {
@@ -1057,3 +1081,4 @@ connect_cleanup(void)
       transport_map = NULL;
     }
 }
+#endif
diff --git a/src/connect.h b/src/connect.h
index a2673c0..8453559 100644
--- a/src/connect.h
+++ b/src/connect.h
@@ -1,5 +1,5 @@
 /* Declarations for connect.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -63,10 +63,10 @@ int select_fd (int, double, int);
 bool test_socket_open (int);
 
 struct transport_implementation {
-  int (*reader) (int, char *, int, void *);
+  int (*reader) (int, char *, int, void *, double);
   int (*writer) (int, char *, int, void *);
   int (*poller) (int, double, int, void *);
-  int (*peeker) (int, char *, int, void *);
+  int (*peeker) (int, char *, int, void *, double);
   const char *(*errstr) (int, void *);
   void (*closer) (int, void *);
 };
@@ -80,4 +80,10 @@ const char *fd_errstr (int);
 void fd_close (int);
 void connect_cleanup (void);
 
+#ifdef WINDOWS
+int select_fd_nb (int, double, int);
+#else
+#define select_fd_nb select_fd
+#endif
+
 #endif /* CONNECT_H */
diff --git a/src/convert.c b/src/convert.c
index d712a9c..f422178 100644
--- a/src/convert.c
+++ b/src/convert.c
@@ -1,5 +1,5 @@
 /* Conversion of links to local files.
-   Copyright (C) 2003-2011, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 2003-2011, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -64,17 +64,17 @@ convert_links_in_hashtable (struct hash_table *downloaded_set,
                             int is_css,
                             int *file_count)
 {
-  int i;
-
-  int cnt;
-  char **file_array;
+  int i, cnt = 0;
+  char *arr[1024], **file_array;
 
-  cnt = 0;
-  if (downloaded_set)
-    cnt = hash_table_count (downloaded_set);
-  if (cnt == 0)
+  if (!downloaded_set || (cnt = hash_table_count (downloaded_set)) == 0)
     return;
-  file_array = alloca_array (char *, cnt);
+
+  if (cnt <= (int) countof (arr))
+    file_array = arr;
+  else
+    file_array = xmalloc (cnt * sizeof (arr[0]));
+
   string_set_to_array (downloaded_set, file_array);
 
   for (i = 0; i < cnt; i++)
@@ -166,6 +166,9 @@ convert_links_in_hashtable (struct hash_table *downloaded_set,
       /* Free the data.  */
       free_urlpos (urls);
     }
+
+  if (file_array != arr)
+    xfree (file_array);
 }
 
 /* This function is called when the retrieval is done to convert the
@@ -240,6 +243,7 @@ convert_links (const char *file, struct urlpos *links)
         logputs (LOG_VERBOSE, _("nothing to do.\n"));
         return;
       }
+    logprintf (LOG_VERBOSE, _("%d.\n"), dry_count);
   }
 
   fm = wget_read_file (file);
@@ -486,7 +490,7 @@ convert_basename (const char *p, const struct urlpos *link)
 {
   int len = link->size;
   char *url = NULL;
-  char *org_basename = NULL, *local_basename = NULL;
+  char *org_basename = NULL, *local_basename;
   char *result = NULL;
 
   if (*p == '"' || *p == '\'')
@@ -503,7 +507,7 @@ convert_basename (const char *p, const struct urlpos *link)
   else
     org_basename = url;
 
-  local_basename = strrchr (link->local_name, '/');
+  local_basename = link->local_name ? strrchr (link->local_name, '/') : NULL;
   if (local_basename)
     local_basename++;
   else
@@ -537,32 +541,6 @@ write_backup_file (const char *file, downloaded_file_t downloaded_file_return)
      clobber .orig files sitting around from previous invocations.
      On VMS, use "_orig" instead of ".orig".  See "wget.h". */
 
-  /* Construct the backup filename as the original name plus ".orig". */
-  size_t         filename_len = strlen (file);
-  char*          filename_plus_orig_suffix;
-
-  /* TODO: hack this to work with css files */
-  if (downloaded_file_return == FILE_DOWNLOADED_AND_HTML_EXTENSION_ADDED)
-    {
-      /* Just write "orig" over "html".  We need to do it this way
-         because when we're checking to see if we've downloaded the
-         file before (to see if we can skip downloading it), we don't
-         know if it's a text/html file.  Therefore we don't know yet
-         at that stage that -E is going to cause us to tack on
-         ".html", so we need to compare vs. the original URL plus
-         ".orig", not the original URL plus ".html.orig". */
-      filename_plus_orig_suffix = alloca (filename_len + 1);
-      strcpy (filename_plus_orig_suffix, file);
-      strcpy ((filename_plus_orig_suffix + filename_len) - 4, "orig");
-    }
-  else /* downloaded_file_return == FILE_DOWNLOADED_NORMALLY */
-    {
-      /* Append ".orig" to the name. */
-      filename_plus_orig_suffix = alloca (filename_len + sizeof (ORIG_SFX));
-      strcpy (filename_plus_orig_suffix, file);
-      strcpy (filename_plus_orig_suffix + filename_len, ORIG_SFX);
-    }
-
   if (!converted_files)
     converted_files = make_string_hash_table (0);
 
@@ -573,11 +551,44 @@ write_backup_file (const char *file, downloaded_file_t downloaded_file_return)
      called on this file. */
   if (!string_set_contains (converted_files, file))
     {
+      /* Construct the backup filename as the original name plus ".orig". */
+      char buf[1024];
+      size_t filename_len = strlen (file);
+      char *filename_plus_orig_suffix;
+
+      if (filename_len < sizeof (buf) - 5)
+        filename_plus_orig_suffix = buf;
+      else
+        filename_plus_orig_suffix = xmalloc (filename_len + 5 + 1);
+
+      /* TODO: hack this to work with css files */
+      if (downloaded_file_return == FILE_DOWNLOADED_AND_HTML_EXTENSION_ADDED)
+        {
+          /* Just write "orig" over "html".  We need to do it this way
+             because when we're checking to see if we've downloaded the
+             file before (to see if we can skip downloading it), we don't
+             know if it's a text/html file.  Therefore we don't know yet
+             at that stage that -E is going to cause us to tack on
+             ".html", so we need to compare vs. the original URL plus
+             ".orig", not the original URL plus ".html.orig". */
+          memcpy (filename_plus_orig_suffix, file, filename_len - 4);
+          memcpy (filename_plus_orig_suffix + filename_len - 4, "orig", 5);
+        }
+      else /* downloaded_file_return == FILE_DOWNLOADED_NORMALLY */
+        {
+          /* Append ".orig" to the name. */
+          memcpy (filename_plus_orig_suffix, file, filename_len);
+          strcpy (filename_plus_orig_suffix + filename_len, ORIG_SFX);
+        }
+
       /* Rename <file> to <file>.orig before former gets written over. */
       if (rename (file, filename_plus_orig_suffix) != 0)
         logprintf (LOG_NOTQUIET, _("Cannot back up %s as %s: %s\n"),
                    file, filename_plus_orig_suffix, strerror (errno));
 
+      if (filename_plus_orig_suffix != buf)
+        xfree (filename_plus_orig_suffix);
+
       /* Remember that we've already written a .orig backup for this file.
          Note that we never free this memory since we need it till the
          convert_all_links() call, which is one of the last things the
@@ -658,11 +669,18 @@ replace_attr_refresh_hack (const char *p, int size, FILE *fp,
                            const char *new_text, int timeout)
 {
   /* "0; URL=..." */
-  char *new_with_timeout = (char *)alloca (numdigit (timeout)
-                                           + 6 /* "; URL=" */
-                                           + strlen (new_text)
-                                           + 1);
-  sprintf (new_with_timeout, "%d; URL=%s", timeout, new_text);
+  char new_with_timeout[1024];
+
+  if (((unsigned) snprintf (
+       new_with_timeout, sizeof (new_with_timeout),
+       "%d; URL=%s", timeout, new_text)) >= sizeof (new_with_timeout))
+    {
+      // very unlikely fallback using heap memory
+      char *tmp = aprintf("%d; URL=%s", timeout, new_text);
+      const char *res = replace_attr (p, size, fp, tmp);
+      xfree (tmp);
+      return res;
+    }
 
   return replace_attr (p, size, fp, new_with_timeout);
 }
@@ -719,7 +737,9 @@ static char *
 local_quote_string (const char *file, bool no_html_quote)
 {
   const char *from;
-  char *newname, *to;
+  char *newname, *to, *res;
+  char buf[1024];
+  size_t tolen;
 
   char *any = strpbrk (file, "?#%;");
   if (!any)
@@ -727,8 +747,12 @@ local_quote_string (const char *file, bool no_html_quote)
 
   /* Allocate space assuming the worst-case scenario, each character
      having to be quoted.  */
-  to = newname = (char *)alloca (3 * strlen (file) + 1);
-  newname[0] = '\0';
+  tolen = 3 * strlen (file);
+  if (tolen < sizeof (buf))
+    to = newname = buf;
+  else
+    to = newname = xmalloc (tolen + 1);
+
   for (from = file; *from; from++)
     switch (*from)
       {
@@ -761,7 +785,15 @@ local_quote_string (const char *file, bool no_html_quote)
       }
   *to = '\0';
 
-  return no_html_quote ? strdup (newname) : html_quote_string (newname);
+  if (newname == buf)
+    return no_html_quote ? strdup (newname) : html_quote_string (newname);
+
+  if (no_html_quote)
+    return newname;
+
+  res = html_quote_string (newname);
+  xfree (newname);
+  return res;
 }
 
 /* Book-keeping code for dl_file_url_map, dl_url_file_map,
@@ -993,10 +1025,11 @@ register_css (const char *file)
   string_set_add (downloaded_css_set, file);
 }
 
-static void downloaded_files_free (void);
-
 /* Cleanup the data structures associated with this file.  */
 
+#if defined DEBUG_MALLOC || defined TESTING
+static void downloaded_files_free (void);
+
 void
 convert_cleanup (void)
 {
@@ -1014,10 +1047,13 @@ convert_cleanup (void)
     }
   if (downloaded_html_set)
     string_set_free (downloaded_html_set);
+  if (downloaded_css_set)
+    string_set_free (downloaded_css_set);
   downloaded_files_free ();
   if (converted_files)
     string_set_free (converted_files);
 }
+#endif
 
 /* Book-keeping code for downloaded files that enables extension
    hacks.  */
@@ -1100,6 +1136,7 @@ downloaded_file (downloaded_file_t mode, const char *file)
   return FILE_NOT_ALREADY_DOWNLOADED;
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 static void
 downloaded_files_free (void)
 {
@@ -1114,6 +1151,7 @@ downloaded_files_free (void)
       downloaded_files_hash = NULL;
     }
 }
+#endif
 
 /* The function returns the pointer to the malloc-ed quoted version of
    string s.  It will recognize and quote numeric and special graphic
diff --git a/src/convert.h b/src/convert.h
index ceacf88..531afbd 100644
--- a/src/convert.h
+++ b/src/convert.h
@@ -1,5 +1,5 @@
 /* Declarations for convert.c
-   Copyright (C) 2003-2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2003-2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/cookies.c b/src/cookies.c
index a2eacfc..6ddb931 100644
--- a/src/cookies.c
+++ b/src/cookies.c
@@ -1,5 +1,5 @@
 /* Support for cookies.
-   Copyright (C) 2001-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2001-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -395,12 +395,15 @@ parse_set_cookie (const char *set_cookie, bool silent)
         }
       else if (TOKEN_IS (name, "expires"))
         {
-          char *value_copy;
+          char value_copy[128];
+          size_t value_len = value.e - value.b;
           time_t expires;
 
-          if (!TOKEN_NON_EMPTY (value))
+          if (!TOKEN_NON_EMPTY (value) || value_len >= sizeof (value_copy))
             goto error;
-          BOUNDED_TO_ALLOCA (value.b, value.e, value_copy);
+
+          memcpy (value_copy, value.b, value_len);
+          value_copy[value_len] = 0;
 
           /* Check if expiration spec is valid.
              If not, assume default (cookie doesn't expire, but valid only for
@@ -420,18 +423,21 @@ parse_set_cookie (const char *set_cookie, bool silent)
       else if (TOKEN_IS (name, "max-age"))
         {
           double maxage = -1;
-          char *value_copy;
+          char value_copy[32];
+          size_t value_len = value.e - value.b;
 
-          if (!TOKEN_NON_EMPTY (value))
+          if (!TOKEN_NON_EMPTY (value) || value_len >= sizeof (value_copy))
             goto error;
-          BOUNDED_TO_ALLOCA (value.b, value.e, value_copy);
+
+          memcpy (value_copy, value.b, value_len);
+          value_copy[value_len] = 0;
 
           sscanf (value_copy, "%lf", &maxage);
           if (maxage == -1)
             /* something went wrong. */
             goto error;
           cookie->permanent = 1;
-          cookie->expiry_time = cookies_now + maxage;
+          cookie->expiry_time = cookies_now + (time_t) maxage;
 
           /* According to rfc2109, a cookie with max-age of 0 means that
              discarding of a matching cookie is requested.  */
@@ -521,14 +527,15 @@ numeric_address_p (const char *addr)
    upper case strings.
    */
 
+#ifdef HAVE_LIBPSL
+static psl_ctx_t *psl;
+#endif
+
 static bool
 check_domain_match (const char *cookie_domain, const char *host)
 {
-
 #ifdef HAVE_LIBPSL
   static int init_psl;
-  static const psl_ctx_t *psl;
-
   char *cookie_domain_lower = NULL;
   char *host_lower = NULL;
   int is_acceptable;
@@ -722,17 +729,6 @@ check_path_match (const char *cookie_path, const char *path)
   return path_matches (path, cookie_path) != 0;
 }
 
-/* Prepend '/' to string S.  S is copied to fresh stack-allocated
-   space and its value is modified to point to the new location.  */
-
-#define PREPEND_SLASH(s) do {                                   \
-  char *PS_newstr = (char *) alloca (1 + strlen (s) + 1);       \
-  *PS_newstr = '/';                                             \
-  strcpy (PS_newstr + 1, s);                                    \
-  s = PS_newstr;                                                \
-} while (0)
-
-
 /* Process the HTTP `Set-Cookie' header.  This results in storing the
    cookie or discarding a matching one, or ignoring it completely, all
    depending on the contents.  */
@@ -744,11 +740,20 @@ cookie_handle_set_cookie (struct cookie_jar *jar,
 {
   struct cookie *cookie;
   cookies_now = time (NULL);
+  char buf[1024], *tmp;
+  size_t pathlen = strlen(path);
 
   /* Wget's paths don't begin with '/' (blame rfc1808), but cookie
      usage assumes /-prefixed paths.  Until the rest of Wget is fixed,
      simply prepend slash to PATH.  */
-  PREPEND_SLASH (path);
+  if (pathlen < sizeof (buf) - 1)
+    tmp = buf;
+  else
+    tmp = xmalloc (pathlen + 2);
+
+  *tmp = '/';
+  memcpy (tmp + 1, path, pathlen + 1);
+  path = tmp;
 
   cookie = parse_set_cookie (set_cookie, false);
   if (!cookie)
@@ -810,11 +815,15 @@ cookie_handle_set_cookie (struct cookie_jar *jar,
     }
 
   store_cookie (jar, cookie);
+  if (tmp != buf)
+    xfree (tmp);
   return;
 
  out:
   if (cookie)
     delete_cookie (cookie);
+  if (tmp != buf)
+    xfree (tmp);
 }
 
 /* Support for sending out cookies in HTTP requests, based on
@@ -1046,28 +1055,47 @@ char *
 cookie_header (struct cookie_jar *jar, const char *host,
                int port, const char *path, bool secflag)
 {
-  struct cookie **chains;
+  struct cookie *chains[32];
   int chain_count;
 
   struct cookie *cookie;
   struct weighed_cookie *outgoing;
   size_t count, i, ocnt;
-  char *result;
+  char *result = NULL;
   int result_size, pos;
-  PREPEND_SLASH (path);         /* see cookie_handle_set_cookie */
+  char pathbuf[1024];
 
   /* First, find the cookie chains whose domains match HOST. */
 
   /* Allocate room for find_chains_of_host to write to.  The number of
      chains can at most equal the number of subdomains, hence
-     1+<number of dots>.  */
-  chains = alloca_array (struct cookie *, 1 + count_char (host, '.'));
+     1+<number of dots>.  We ignore cookies with more than 32 labels. */
+  chain_count = 1 + count_char (host, '.');
+  if (chain_count > (int) countof (chains))
+    return NULL;
   chain_count = find_chains_of_host (jar, host, chains);
 
   /* No cookies for this host. */
   if (chain_count <= 0)
     return NULL;
 
+  /* Wget's paths don't begin with '/' (blame rfc1808), but cookie
+     usage assumes /-prefixed paths.  Until the rest of Wget is fixed,
+     simply prepend slash to PATH.  */
+  {
+    char *tmp;
+    size_t pathlen = strlen(path);
+
+    if (pathlen < sizeof (pathbuf) - 1)
+      tmp = pathbuf;
+    else
+      tmp = xmalloc (pathlen + 2);
+
+    *tmp = '/';
+    memcpy (tmp + 1, path, pathlen + 1);
+    path = tmp;
+  }
+
   cookies_now = time (NULL);
 
   /* Now extract from the chains those cookies that match our host
@@ -1081,11 +1109,11 @@ cookie_header (struct cookie_jar *jar, const char *host,
       if (cookie_matches_url (cookie, host, port, path, secflag, NULL))
         ++count;
   if (!count)
-    return NULL;                /* no cookies matched */
+    goto out;                /* no cookies matched */
 
   /* Allocate the array. */
   if (count > SIZE_MAX / sizeof (struct weighed_cookie))
-    return NULL;                /* unable to process so many cookies */
+    goto out;                /* unable to process so many cookies */
   outgoing = xmalloc (count * sizeof (struct weighed_cookie));
 
   /* Fill the array with all the matching cookies from the chains that
@@ -1148,7 +1176,12 @@ cookie_header (struct cookie_jar *jar, const char *host,
   result[pos++] = '\0';
   xfree (outgoing);
   assert (pos == result_size);
-  return result;
+
+out:
+  if (path != pathbuf)
+    xfree (path);
+
+return result;
 }
 
 /* Support for loading and saving cookies.  The format used for
@@ -1312,7 +1345,7 @@ cookie_jar_load (struct cookie_jar *jar, const char *file)
         {
           if (expiry < cookies_now)
             goto abort_cookie;  /* ignore stale cookie. */
-          cookie->expiry_time = expiry;
+          cookie->expiry_time = (time_t) expiry;
           cookie->permanent = 1;
         }
 
@@ -1349,7 +1382,7 @@ cookie_jar_save (struct cookie_jar *jar, const char *file)
       return;
     }
 
-  fputs ("# HTTP cookie file.\n", fp);
+  fputs ("# HTTP Cookie File\n", fp);
   fprintf (fp, "# Generated by Wget on %s.\n", datetime_str (cookies_now));
   fputs ("# Edit at your own risk.\n\n", fp);
 
@@ -1411,6 +1444,11 @@ cookie_jar_delete (struct cookie_jar *jar)
     }
   hash_table_destroy (jar->chains);
   xfree (jar);
+
+#ifdef HAVE_LIBPSL
+  psl_free (psl);
+  psl = NULL;
+#endif
 }
 
 /* Test cases.  Currently this is only tests parse_set_cookies.  To
diff --git a/src/cookies.h b/src/cookies.h
index 87aac99..903db32 100644
--- a/src/cookies.h
+++ b/src/cookies.h
@@ -1,5 +1,5 @@
 /* Support for cookies.
-   Copyright (C) 2001-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2001-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css-tokens.h b/src/css-tokens.h
index b2cb976..40307ff 100644
--- a/src/css-tokens.h
+++ b/src/css-tokens.h
@@ -1,5 +1,5 @@
 /* Declarations for css.lex
-   Copyright (C) 2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css-url.c b/src/css-url.c
index 54909b7..eacd926 100644
--- a/src/css-url.c
+++ b/src/css-url.c
@@ -1,5 +1,5 @@
 /* Collect URLs from CSS source.
-   Copyright (C) 1998, 2000-2003, 2009-2011, 2014-2015, 2018-2019 Free
+   Copyright (C) 1998, 2000-2003, 2009-2011, 2014-2015, 2018-2020 Free
    Software Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css-url.h b/src/css-url.h
index abbf723..e8d7d1f 100644
--- a/src/css-url.h
+++ b/src/css-url.h
@@ -1,5 +1,5 @@
 /* Declarations for css-url.c.
-   Copyright (C) 2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css.c b/src/css.c
index c07d61c..7f51801 100644
--- a/src/css.c
+++ b/src/css.c
@@ -2402,7 +2402,7 @@ char *yytext;
 #line 13 "css.l"
 /* Lex source for CSS tokenizing.
    Taken from http://www.w3.org/TR/CSS21/grammar.html#q2
-   Copyright (C) 2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css.l b/src/css.l
index d33a603..bae065d 100644
--- a/src/css.l
+++ b/src/css.l
@@ -12,7 +12,7 @@
 %{
 /* Lex source for CSS tokenizing.
    Taken from http://www.w3.org/TR/CSS21/grammar.html#q2
-   Copyright (C) 2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/css_.c b/src/css_.c
index d9e7717..76e4bb9 100644
--- a/src/css_.c
+++ b/src/css_.c
@@ -2403,7 +2403,7 @@ char *yytext;
 #line 13 "css.l"
 /* Lex source for CSS tokenizing.
    Taken from http://www.w3.org/TR/CSS21/grammar.html#q2
-   Copyright (C) 2006, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2006, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/exits.c b/src/exits.c
index 319c566..56a7eb7 100644
--- a/src/exits.c
+++ b/src/exits.c
@@ -1,5 +1,5 @@
 /* Exit status handling.
-   Copyright (C) 2009-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2009-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
    This file is part of GNU Wget.
diff --git a/src/exits.h b/src/exits.h
index ca2a6fd..169ade1 100644
--- a/src/exits.h
+++ b/src/exits.h
@@ -1,5 +1,5 @@
 /* Exit status related declarations.
-   Copyright (C) 2009-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2009-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/ftp-basic.c b/src/ftp-basic.c
index 3f77f37..197cd83 100644
--- a/src/ftp-basic.c
+++ b/src/ftp-basic.c
@@ -1,5 +1,5 @@
 /* Basic FTP routines.
-   Copyright (C) 1996-2011, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2011, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -93,8 +93,11 @@ static char *
 ftp_request (const char *command, const char *value)
 {
   char *res;
+
   if (value)
     {
+      char *defanged = NULL, buf[256];
+
       /* Check for newlines in VALUE (possibly injected by the %0A URL
          escape) making the callers inadvertently send multiple FTP
          commands at once.  Without this check an attacker could
@@ -103,18 +106,31 @@ ftp_request (const char *command, const char *value)
       if (strpbrk (value, "\r\n"))
         {
           /* Copy VALUE to the stack and modify CR/LF to space. */
-          char *defanged, *p;
-          STRDUP_ALLOCA (defanged, value);
+          char *p;
+          size_t len = strlen(value);
+
+          if (len < sizeof (buf))
+            defanged = buf;
+          else
+            defanged = xmalloc (len + 1);
+
+          memcpy (defanged, value, len + 1);
+
           for (p = defanged; *p; p++)
             if (*p == '\r' || *p == '\n')
               *p = ' ';
+
           DEBUGP (("\nDetected newlines in %s \"%s\"; changing to %s \"%s\"\n",
                    command, quotearg_style (escape_quoting_style, value),
                    command, quotearg_style (escape_quoting_style, defanged)));
+
           /* Make VALUE point to the defanged copy of the string. */
           value = defanged;
         }
       res = concat_strings (command, " ", value, "\r\n", (char *) 0);
+
+      if (defanged != buf)
+        xfree (defanged);
     }
   else
     res = concat_strings (command, "\r\n", (char *) 0);
diff --git a/src/ftp-ls.c b/src/ftp-ls.c
index 83730c2..bb25754 100644
--- a/src/ftp-ls.c
+++ b/src/ftp-ls.c
@@ -1,5 +1,5 @@
 /* Parsing FTP `ls' output.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -64,7 +64,7 @@ symperms (const char *s)
 
 
 /* Cleans a line of text so that it can be consistently parsed. Destroys
-   <CR> and <LF> in case that thay occur at the end of the line and
+   <CR> and <LF> in case that they occur at the end of the line and
    replaces all <TAB> character with <SPACE>. Returns the length of the
    modified line. */
 static int
@@ -611,27 +611,27 @@ static void eat_carets( char *str)
       if (uchr == '^')
       {
         /* Found a caret.  Skip it, and check the next character. */
-        if ((char_prop[(unsigned char) str[0]] & 64) && (char_prop[(unsigned char) str[1]] & 64))
+        if ((char_prop[(unsigned char) str[1]] & 64) && (char_prop[(unsigned char) str[2]] & 64))
         {
           /* Hex digit.  Get char code from this and next hex digit. */
           uchr = *(++str);
           if (uchr <= '9')
           {
-            hdgt = uchr- '0';           /* '0' - '9' -> 0 - 9. */
+            hdgt = uchr - '0';           /* '0' - '9' -> 0 - 9. */
           }
           else
           {
-            hdgt = ((uchr- 'A')& 7)+ 10;    /* [Aa] - [Ff] -> 10 - 15. */
+            hdgt = ((uchr - 'A') & 7) + 10;    /* [Aa] - [Ff] -> 10 - 15. */
           }
           hdgt <<= 4;                   /* X16. */
           uchr = *(++str);              /* Next char must be hex digit. */
           if (uchr <= '9')
           {
-            uchr = hdgt+ uchr- '0';
+            uchr = hdgt + uchr - '0';
           }
           else
           {
-            uchr = hdgt+ ((uchr- 'A')& 15)+ 10;
+            uchr = hdgt + ((uchr - 'A') & 15) + 10;
           }
         }
         else if (uchr == '_')
@@ -961,16 +961,16 @@ ftp_parse_vms_ls (FILE *fp)
       if (!dir)
         {
           l = dir = (struct fileinfo *)xmalloc (sizeof (struct fileinfo));
+          cur.prev = cur.next = NULL;
           memcpy (l, &cur, sizeof (cur));
-          l->prev = l->next = NULL;
         }
       else
         {
           cur.prev = l;
+			 cur.next = NULL;
           l->next = (struct fileinfo *)xmalloc (sizeof (struct fileinfo));
           l = l->next;
           memcpy (l, &cur, sizeof (cur));
-          l->next = NULL;
         }
       cur.name = NULL;
 
diff --git a/src/ftp-opie.c b/src/ftp-opie.c
index fdfaf40..abe174b 100644
--- a/src/ftp-opie.c
+++ b/src/ftp-opie.c
@@ -1,5 +1,5 @@
 /* Opie (s/key) support for FTP.
-   Copyright (C) 1998-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/ftp.c b/src/ftp.c
index 03d7deb..a44bf04 100644
--- a/src/ftp.c
+++ b/src/ftp.c
@@ -1,5 +1,5 @@
 /* File Transfer Protocol support.
-   Copyright (C) 1996-2011, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2011, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -400,7 +400,7 @@ getftp (struct url *u, struct url *original_url,
       if (!ssl_init ())
         {
           scheme_disable (SCHEME_FTPS);
-          logprintf (LOG_NOTQUIET, _("Could not initialize SSL. It will be disabled."));
+          logprintf (LOG_NOTQUIET, _("Could not initialize SSL. It will be disabled.\n"));
           err = SSLINITFAILED;
           return err;
         }
@@ -756,12 +756,12 @@ Error in server response, closing control connection.\n"));
       else
         {
           const char *targ = NULL;
+          char *target = u->dir;
+          char targetbuf[1024];
           int cwd_count;
           int cwd_end;
           int cwd_start;
 
-          char *target = u->dir;
-
           DEBUGP (("changing working directory\n"));
 
           /* Change working directory.  To change to a non-absolute
@@ -799,13 +799,20 @@ Error in server response, closing control connection.\n"));
               && (con->rs != ST_OS400)
               && (con->rs != ST_VMS))
             {
-              int idlen = strlen (con->id);
               char *ntarget, *p;
+              size_t idlen = strlen (con->id);
+              size_t len;
 
               /* Strip trailing slash(es) from con->id. */
               while (idlen > 0 && con->id[idlen - 1] == '/')
                 --idlen;
-              p = ntarget = (char *)alloca (idlen + 1 + strlen (u->dir) + 1);
+
+              len = idlen + 1 + strlen (target);
+              if (len < sizeof (targetbuf))
+                p = ntarget = targetbuf;
+              else
+                p = ntarget = xmalloc (len + 1);
+
               memcpy (p, con->id, idlen);
               p += idlen;
               *p++ = '/';
@@ -985,6 +992,9 @@ Error in server response, closing control connection.\n"));
 
           /* 2004-09-20 SMS. */
 
+          if (target != targetbuf)
+            xfree (target);
+
         } /* else */
     }
   else /* do not CWD */
@@ -1830,7 +1840,7 @@ ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f,
   /* Declare WARC variables. */
   bool warc_enabled = (opt.warc_filename != NULL);
   FILE *warc_tmp = NULL;
-  ip_address *warc_ip = NULL;
+  ip_address warc_ip_buf, *warc_ip = NULL;
   wgint last_expected_bytes = 0;
 
   /* Get the target, and set the name for the message accordingly. */
@@ -1912,7 +1922,7 @@ ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f,
 
           if (!con->proxy && con->csock != -1)
             {
-              warc_ip = (ip_address *) alloca (sizeof (ip_address));
+              warc_ip = &warc_ip_buf;
               socket_ip_address (con->csock, warc_ip, ENDPOINT_PEER);
             }
         }
@@ -1974,6 +1984,7 @@ ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f,
         case HOSTERR: case CONIMPOSSIBLE: case FWRITEERR: case FOPENERR:
         case FTPNSFOD: case FTPLOGINC: case FTPNOPASV: case FTPNOAUTH: case FTPNOPBSZ: case FTPNOPROT:
         case UNLINKERR: case WARC_TMP_FWRITEERR: case CONSSLERR: case CONTNOTSUPPORTED:
+        case VERIFCERTERR:
 #ifdef HAVE_SSL
           if (err == FTPNOAUTH)
             logputs (LOG_NOTQUIET, "Server does not support AUTH TLS.\n");
@@ -2184,7 +2195,7 @@ ftp_get_listing (struct url *u, struct url *original_url, ccon *con,
 static uerr_t ftp_retrieve_dirs (struct url *, struct url *,
                                  struct fileinfo *, ccon *);
 static uerr_t ftp_retrieve_glob (struct url *, struct url *, ccon *, int);
-static struct fileinfo *delelement (struct fileinfo *, struct fileinfo **);
+static struct fileinfo *delelement (struct fileinfo **, struct fileinfo **);
 
 /* Retrieve a list of files given in struct fileinfo linked list.  If
    a file is a symbolic link, do not retrieve it, but rather try to
@@ -2325,10 +2336,22 @@ The sizes do not match (local %s) -- retrieving.\n\n"),
                       size_t len = strlen (f->linkto) + 1;
                       if (S_ISLNK (st.st_mode))
                         {
-                          char *link_target = (char *)alloca (len);
-                          size_t n = readlink (con->target, link_target, len);
-                          if ((n == len - 1)
-                              && (memcmp (link_target, f->linkto, n) == 0))
+                          char buf[1024], *link_target;
+                          size_t n;
+                          bool res;
+
+                          if (len < sizeof (buf))
+                            link_target = buf;
+                          else
+                            link_target = xmalloc (len);
+
+                          n = readlink (con->target, link_target, len);
+                          res = (n == len - 1) && (memcmp (link_target, f->linkto, n) == 0);
+
+                          if (link_target != buf)
+                            xfree (link_target);
+
+                          if (res)
                             {
                               logprintf (LOG_VERBOSE, _("\
 Already have correct symlink %s -> %s\n\n"),
@@ -2460,8 +2483,9 @@ static uerr_t
 ftp_retrieve_dirs (struct url *u, struct url *original_url,
                    struct fileinfo *f, ccon *con)
 {
-  char *container = NULL;
-  int container_size = 0;
+  char buf[1024];
+  char *container = buf;
+  int container_size = sizeof (buf);
 
   for (; f; f = f->next)
     {
@@ -2478,7 +2502,14 @@ ftp_retrieve_dirs (struct url *u, struct url *original_url,
          item on the bottom of the stack.  */
       size = strlen (u->dir) + 1 + strlen (f->name) + 1;
       if (size > container_size)
-        container = (char *)alloca (size);
+        {
+          if (container == buf)
+            container = xmalloc (size);
+          else
+            container = xrealloc (container, size);
+
+          container_size = size;
+        }
       newdir = container;
 
       odir = u->dir;
@@ -2515,6 +2546,9 @@ Not descending to %s as it is excluded/not-included.\n"),
       /* Set the time-stamp?  */
     }
 
+  if (container != buf)
+    xfree (container);
+
   if (opt.quota && total_downloaded_bytes > opt.quota)
     return QUOTEXC;
   else
@@ -2612,7 +2646,7 @@ ftp_retrieve_glob (struct url *u, struct url *original_url,
         {
           logprintf (LOG_VERBOSE, _("Rejecting %s.\n"),
                      quote (f->name));
-          f = delelement (f, &start);
+          f = delelement (&f, &start);
           continue;
         }
 
@@ -2622,15 +2656,34 @@ ftp_retrieve_glob (struct url *u, struct url *original_url,
         {
           logprintf (LOG_VERBOSE, _("Rejecting %s (Invalid Entry).\n"),
                      quote (f->name));
-          f = delelement (f, &start);
+          f = delelement (&f, &start);
           continue;
         }
 
-      if (!accept_url (f->name))
+      if (opt.acceptregex || opt.rejectregex)
         {
-          logprintf (LOG_VERBOSE, _("%s is excluded/not-included through regex.\n"), f->name);
-          f = delelement (f, &start);
-          continue;
+          // accept_url() takes the full URL.
+          char buf[1024];
+          char *url = buf;
+
+          if ((unsigned) snprintf(buf, sizeof(buf), "%s%s%s",
+                                  u->url, f->name, f->type == FT_DIRECTORY ? "/" : "")
+                                  >= sizeof(buf))
+            {
+              url = aprintf("%s%s%s", u->url, f->name, f->type == FT_DIRECTORY ? "/" : "");
+            }
+
+          if (!accept_url (url))
+            {
+              logprintf (LOG_VERBOSE, _ ("%s is excluded/not-included through regex.\n"), url);
+              f = delelement (&f, &start);
+              if (url != buf)
+                xfree(url);
+              continue;
+            }
+
+            if (url != buf)
+              xfree(url);
         }
 
       /* Now weed out the files that do not match our globbing pattern.
@@ -2650,7 +2703,7 @@ ftp_retrieve_glob (struct url *u, struct url *original_url,
                 }
               if (matchres == FNM_NOMATCH)
                 {
-                  f = delelement (f, &start); /* delete the element from the list */
+                  f = delelement (&f, &start); /* delete the element from the list */
                   continue;
                 }
             }
@@ -2658,7 +2711,7 @@ ftp_retrieve_glob (struct url *u, struct url *original_url,
             {
               if (0 != cmp(u->file, f->name))
                 {
-                  f = delelement (f, &start);
+                  f = delelement (&f, &start);
                   continue;
                 }
             }
@@ -2810,14 +2863,15 @@ ftp_loop (struct url *u, struct url *original_url, char **local_file, int *dt,
    address of the next element, or NULL if the list is exhausted.  It
    can modify the start of the list.  */
 static struct fileinfo *
-delelement (struct fileinfo *f, struct fileinfo **start)
+delelement (struct fileinfo **f, struct fileinfo **start)
 {
-  struct fileinfo *prev = f->prev;
-  struct fileinfo *next = f->next;
+  struct fileinfo *prev = (*f)->prev;
+  struct fileinfo *next = (*f)->next;
 
-  xfree (f->name);
-  xfree (f->linkto);
-  xfree (f);
+  xfree ((*f)->name);
+  xfree ((*f)->linkto);
+  xfree (*f);
+  *f = NULL;
 
   if (next)
     next->prev = prev;
diff --git a/src/ftp.h b/src/ftp.h
index 2144962..9958853 100644
--- a/src/ftp.h
+++ b/src/ftp.h
@@ -1,5 +1,5 @@
 /* Declarations for FTP support.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/gnutls.c b/src/gnutls.c
index 04b50b1..5706dbb 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1,5 +1,5 @@
 /* SSL support via GnuTLS library.
-   Copyright (C) 2005-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2005-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -58,12 +58,20 @@ as that of the covered work.  */
 
 #include "host.h"
 
+struct st_read_timer
+{
+  double timeout;
+  double next_timeout;
+  struct ptimer *timer;
+  int timed_out;
+};
+
 static int
-_do_handshake (gnutls_session_t session, int fd, double timeout);
+_do_handshake (gnutls_session_t session, int fd, struct st_read_timer *timeout);
 
 #if GNUTLS_VERSION_NUMBER >= 0x030604
 static int
-_do_reauth (gnutls_session_t session, int fd, double timeout);
+_do_reauth (gnutls_session_t session, int fd, struct st_read_timer *timeout);
 #endif
 
 static int
@@ -94,6 +102,7 @@ ssl_init (void)
   const char *ca_directory;
   DIR *dir;
   int ncerts = -1;
+  int rc;
 
   /* GnuTLS should be initialized only once. */
   if (ssl_initialized)
@@ -113,7 +122,10 @@ ssl_init (void)
    * Also use old behaviour if the CA directory is user-provided.  */
   if (ncerts <= 0)
     {
+      ncerts = 0;
+
       ca_directory = opt.ca_directory ? opt.ca_directory : "/etc/ssl/certs";
+
       if ((dir = opendir (ca_directory)) == NULL)
         {
           if (opt.ca_directory && *opt.ca_directory)
@@ -124,18 +136,15 @@ ssl_init (void)
         {
           struct hash_table *inode_map = hash_table_new (196, NULL, NULL);
           struct dirent *dent;
-          size_t dirlen = strlen(ca_directory);
-          int rc;
-
-          ncerts = 0;
 
           while ((dent = readdir (dir)) != NULL)
             {
               struct stat st;
-              size_t ca_file_length = dirlen + strlen(dent->d_name) + 2;
-              char *ca_file = alloca(ca_file_length);
+              char ca_file[1024];
+
+              if (((unsigned) snprintf (ca_file, sizeof (ca_file), "%s/%s", ca_directory, dent->d_name)) >= sizeof (ca_file))
+                continue; // overflow
 
-              snprintf (ca_file, ca_file_length, "%s/%s", ca_directory, dent->d_name);
               if (stat (ca_file, &st) != 0)
                 continue;
 
@@ -161,32 +170,29 @@ ssl_init (void)
 
   if (opt.ca_cert)
     {
-      int rc;
-
-      ncerts = 0;
+      if (ncerts < 0)
+        ncerts = 0;
 
       if ((rc = gnutls_certificate_set_x509_trust_file (credentials, opt.ca_cert,
                                                         GNUTLS_X509_FMT_PEM)) <= 0)
-        logprintf (LOG_NOTQUIET, _ ("ERROR: Failed to open cert %s: (%d).\n"),
+        logprintf (LOG_NOTQUIET, _("ERROR: Failed to open cert %s: (%d).\n"),
                    opt.ca_cert, rc);
       else
         {
           ncerts += rc;
-          logprintf (LOG_NOTQUIET, _ ("Loaded CA certificate '%s'\n"), opt.ca_cert);
+          logprintf (LOG_VERBOSE, _("Loaded CA certificate '%s'\n"), opt.ca_cert);
         }
     }
 
   if (opt.crl_file)
     {
-      int rc;
-
       if ((rc = gnutls_certificate_set_x509_crl_file (credentials, opt.crl_file, GNUTLS_X509_FMT_PEM)) <= 0)
         {
           logprintf (LOG_NOTQUIET, _("ERROR: Failed to load CRL file '%s': (%d)\n"), opt.crl_file, rc);
           return false;
         }
 
-      logprintf (LOG_NOTQUIET, _ ("Loaded CRL file '%s'\n"), opt.crl_file);
+      logprintf (LOG_VERBOSE, _("Loaded CRL file '%s'\n"), opt.crl_file);
     }
 
   DEBUGP (("Certificates loaded: %d\n", ncerts));
@@ -226,6 +232,15 @@ cert to be of the same type.\n"));
   return true;
 }
 
+void
+ssl_cleanup (void)
+{
+  if (credentials)
+    gnutls_certificate_free_credentials(credentials);
+
+  gnutls_global_deinit();
+}
+
 struct wgnutls_transport_context
 {
   gnutls_session_t session;       /* GnuTLS session handle */
@@ -246,12 +261,14 @@ wgnutls_read_timeout (int fd, char *buf, int bufsize, void *arg, double timeout)
 #ifdef F_GETFL
   int flags = 0;
 #endif
-  int ret = 0;
-  struct ptimer *timer = NULL;
   struct wgnutls_transport_context *ctx = arg;
-  int timed_out = 0;
+  int ret = gnutls_record_check_pending (ctx->session);
+  struct st_read_timer read_timer = {(timeout == -1 ? opt.read_timeout : timeout), 0, NULL, 0};
+
+  if (ret)
+    return gnutls_record_recv (ctx->session, buf, MIN (ret, bufsize));
 
-  if (timeout)
+  if (read_timer.timeout)
     {
 #ifdef F_GETFL
       flags = fcntl (fd, F_GETFL, 0);
@@ -266,59 +283,83 @@ wgnutls_read_timeout (int fd, char *buf, int bufsize, void *arg, double timeout)
         return -1;
 #endif
 
-      timer = ptimer_new ();
-      if (timer == NULL)
-        return -1;
+      read_timer.timer = ptimer_new ();
+      if (read_timer.timer == NULL)
+        {
+          ret = -1;
+          goto timer_err;
+        }
+      read_timer.next_timeout = read_timer.timeout;
     }
 
+  ret = ctx->last_error;
   do
     {
-      double next_timeout = 0;
-      if (timeout)
+      if (ret == GNUTLS_E_REHANDSHAKE)
         {
-          next_timeout = timeout - ptimer_measure (timer);
-          if (next_timeout < 0)
-            break;
-        }
-
-      ret = GNUTLS_E_AGAIN;
-      if (timeout == 0 || gnutls_record_check_pending (ctx->session)
-          || select_fd (fd, next_timeout, WAIT_FOR_READ))
-        {
-          ret = gnutls_record_recv (ctx->session, buf, bufsize);
-          timed_out = timeout && ptimer_measure (timer) >= timeout;
-          if (!timed_out && ret == GNUTLS_E_REHANDSHAKE)
+          int err;
+          DEBUGP (("GnuTLS: *** REHANDSHAKE while reading\n"));
+          if ((err = _do_handshake (ctx->session, fd, &read_timer)) != 0)
             {
-              DEBUGP (("GnuTLS: *** REHANDSHAKE while reading\n"));
-              if ((ret = _do_handshake (ctx->session, fd, timeout)) == 0)
-                ret = GNUTLS_E_AGAIN; /* restart reading */
+              ret = err;
+              break;
             }
+        }
 #if GNUTLS_VERSION_NUMBER >= 0x030604
-          if (!timed_out && ret == GNUTLS_E_REAUTH_REQUEST)
+      else if (ret == GNUTLS_E_REAUTH_REQUEST)
+        {
+          int err;
+          DEBUGP (("GnuTLS: *** re-authentication while reading\n"));
+          if ((err = _do_reauth (ctx->session, fd, &read_timer)) != 0)
             {
-              DEBUGP (("GnuTLS: *** re-authentication while reading\n"));
-              if ((ret = _do_reauth (ctx->session, fd, timeout)) == 0)
-                ret = GNUTLS_E_AGAIN; /* restart reading */
+              ret = err;
+              break;
             }
+        }
 #endif
+      do
+        {
+          ret = gnutls_record_recv (ctx->session, buf, bufsize);
+          if (ret == GNUTLS_E_AGAIN && read_timer.timer)
+            {
+              int err = select_fd_nb (fd, read_timer.next_timeout, WAIT_FOR_READ);
+              if (err <= 0)
+                {
+                  if (err == 0)
+                    read_timer.timed_out = 1;
+                  goto break_all;
+                }
+              if ( (read_timer.next_timeout = read_timer.timeout - ptimer_measure (read_timer.timer)) <= 0 )
+                {
+                  read_timer.timed_out = 1;
+                  goto break_all;
+                }
+            }
         }
+      while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
     }
-  while (ret == GNUTLS_E_INTERRUPTED || (ret == GNUTLS_E_AGAIN && !timed_out));
+  while (ret == GNUTLS_E_REHANDSHAKE
+#if GNUTLS_VERSION_NUMBER >= 0x030604
+         || ret == GNUTLS_E_REAUTH_REQUEST
+#endif
+         );
 
-  if (timeout)
+break_all:
+  if (read_timer.timer)
     {
-      ptimer_destroy (timer);
-
+      ptimer_destroy (read_timer.timer);
+timer_err: ;
 #ifdef F_GETFL
       if (fcntl (fd, F_SETFL, flags) < 0)
         return -1;
 #else
-      const int zero = 0;
-      if (ioctl (fd, FIONBIO, &zero) < 0)
-        return -1;
+      {
+        const int zero = 0;
+        if (ioctl (fd, FIONBIO, &zero) < 0)
+          return -1;
+      }
 #endif
-
-      if (timed_out && ret == GNUTLS_E_AGAIN)
+      if (read_timer.timed_out)
         errno = ETIMEDOUT;
     }
 
@@ -326,9 +367,9 @@ wgnutls_read_timeout (int fd, char *buf, int bufsize, void *arg, double timeout)
 }
 
 static int
-wgnutls_read (int fd, char *buf, int bufsize, void *arg)
+wgnutls_read (int fd, char *buf, int bufsize, void *arg, double timeout)
 {
-  int ret = 0;
+  int ret;
   struct wgnutls_transport_context *ctx = arg;
 
   if (ctx->peeklen)
@@ -343,23 +384,39 @@ wgnutls_read (int fd, char *buf, int bufsize, void *arg)
       return copysize;
     }
 
-  ret = wgnutls_read_timeout (fd, buf, bufsize, arg, opt.read_timeout);
-  if (ret < 0)
-    ctx->last_error = ret;
-
+  ret = wgnutls_read_timeout (fd, buf, bufsize, arg, timeout);
+  ctx->last_error = ret;
   return ret;
 }
 
 static int
 wgnutls_write (int fd _GL_UNUSED, char *buf, int bufsize, void *arg)
 {
-  int ret;
   struct wgnutls_transport_context *ctx = arg;
+  int ret = ctx->last_error;
+
+  /* it should never happen,
+     placed here only for debug msg. */
+  if (ret == GNUTLS_E_REHANDSHAKE)
+    {
+      DEBUGP (("GnuTLS: *** REHANDSHAKE while writing\n"));
+      if ((ret = _do_handshake (ctx->session, fd, NULL)) != 0)
+        goto ext;
+    }
+#if GNUTLS_VERSION_NUMBER >= 0x030604
+  else if (ret == GNUTLS_E_REAUTH_REQUEST)
+    {
+      DEBUGP (("GnuTLS: *** re-authentication while writing\n"));
+      if ((ret = _do_reauth (ctx->session, fd, NULL)) != 0)
+        goto ext;
+    }
+#endif
+
   do
     ret = gnutls_record_send (ctx->session, buf, bufsize);
   while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
-  if (ret < 0)
-    ctx->last_error = ret;
+ext:
+  ctx->last_error = ret;
   return ret;
 }
 
@@ -368,15 +425,17 @@ wgnutls_poll (int fd, double timeout, int wait_for, void *arg)
 {
   struct wgnutls_transport_context *ctx = arg;
 
-  if (timeout)
-    return ctx->peeklen || gnutls_record_check_pending (ctx->session)
-      || select_fd (fd, timeout, wait_for);
-  else
-    return ctx->peeklen || gnutls_record_check_pending (ctx->session);
+  if ((wait_for & WAIT_FOR_READ)
+      && (ctx->peeklen || gnutls_record_check_pending (ctx->session)))
+    return 1;
+
+  if (timeout == -1)
+    timeout = opt.read_timeout;
+  return select_fd (fd, timeout, wait_for);
 }
 
 static int
-wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
+wgnutls_peek (int fd, char *buf, int bufsize, void *arg, double timeout)
 {
   int read = 0;
   struct wgnutls_transport_context *ctx = arg;
@@ -392,13 +451,14 @@ wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
     bufsize = sizeof ctx->peekbuf;
 
   if (bufsize > offset)
-    {
-      if (opt.read_timeout && gnutls_record_check_pending (ctx->session) == 0
+    { /* let wgnutls_read_timeout() take care about timeout */
+      /*if (timeout && gnutls_record_check_pending (ctx->session) == 0
           && select_fd (fd, 0.0, WAIT_FOR_READ) <= 0)
         read = 0;
-      else
+      else*/
         read = wgnutls_read_timeout (fd, buf + offset, bufsize - offset,
-                                     ctx, opt.read_timeout);
+                                     ctx, timeout);
+        ctx->last_error = read;
       if (read < 0)
         {
           if (offset)
@@ -422,6 +482,16 @@ static const char *
 wgnutls_errstr (int fd _GL_UNUSED, void *arg)
 {
   struct wgnutls_transport_context *ctx = arg;
+
+  if (ctx->last_error > 0
+      || ((ctx->last_error == GNUTLS_E_AGAIN
+           || ctx->last_error == GNUTLS_E_REHANDSHAKE
+#if GNUTLS_VERSION_NUMBER >= 0x030604
+           || ctx->last_error == GNUTLS_E_REAUTH_REQUEST
+#endif
+          ) && errno == ETIMEDOUT))
+    return NULL;
+
   return gnutls_strerror (ctx->last_error);
 }
 
@@ -450,14 +520,16 @@ static struct transport_implementation wgnutls_transport =
 };
 
 static int
-_do_handshake (gnutls_session_t session, int fd, double timeout)
+_do_handshake (gnutls_session_t session, int fd, struct st_read_timer *read_timer)
 {
 #ifdef F_GETFL
   int flags = 0;
 #endif
   int err;
+  double next_timeout = (read_timer ? read_timer->next_timeout : opt.read_timeout);
 
-  if (timeout)
+  /* if (read_timer != NULL)  - fd is already non blocking */
+  if (!read_timer && next_timeout)
     {
 #ifdef F_GETFL
       flags = fcntl (fd, F_GETFL, 0);
@@ -478,30 +550,46 @@ _do_handshake (gnutls_session_t session, int fd, double timeout)
     {
       err = gnutls_handshake (session);
 
-      if (timeout && err == GNUTLS_E_AGAIN)
+      if (err == GNUTLS_E_AGAIN && next_timeout)
         {
+          int sel;
           if (gnutls_record_get_direction (session))
             {
               /* wait for writeability */
-              err = select_fd (fd, timeout, WAIT_FOR_WRITE);
+              sel = WAIT_FOR_WRITE;
             }
           else
             {
               /* wait for readability */
-              err = select_fd (fd, timeout, WAIT_FOR_READ);
+              sel = WAIT_FOR_READ;
             }
+          sel = select_fd_nb (fd, next_timeout, sel);
 
-          if (err <= 0)
+          if (sel <= 0)
             {
-              if (err == 0)
+              if (sel == 0)
                 {
-                  errno = ETIMEDOUT;
-                  err = -1;
+                  if  (read_timer)
+                    goto read_timedout;
+                  else
+                    {
+                      errno = ETIMEDOUT;
+                      err = -1;
+                    }
                 }
               break;
             }
-
-           err = GNUTLS_E_AGAIN;
+          if  (read_timer)
+            {
+              if ( (read_timer->next_timeout = read_timer->timeout - ptimer_measure (read_timer->timer)) <= 0 )
+                {
+read_timedout:    /* return GNUTLS_E_REHANDSHAKE for gnutls_read */
+                  err = GNUTLS_E_REHANDSHAKE;
+                  read_timer->timed_out = 1;
+                  break;
+                }
+               next_timeout = read_timer->next_timeout;
+            }
         }
       else if (err < 0)
         {
@@ -518,7 +606,7 @@ _do_handshake (gnutls_session_t session, int fd, double timeout)
     }
   while (err && gnutls_error_is_fatal (err) == 0);
 
-  if (timeout)
+  if (!read_timer && next_timeout)
     {
 #ifdef F_GETFL
       if (fcntl (fd, F_SETFL, flags) < 0)
@@ -535,14 +623,16 @@ _do_handshake (gnutls_session_t session, int fd, double timeout)
 
 #if GNUTLS_VERSION_NUMBER >= 0x030604
 static int
-_do_reauth (gnutls_session_t session, int fd, double timeout)
+_do_reauth (gnutls_session_t session, int fd, struct st_read_timer *read_timer)
 {
 #ifdef F_GETFL
   int flags = 0;
 #endif
   int err;
+  double next_timeout = (read_timer ? read_timer->next_timeout : opt.read_timeout);
 
-  if (timeout)
+  /* if (read_timer != NULL)  - fd is already non blocking */
+  if (!read_timer && next_timeout)
     {
 #ifdef F_GETFL
       flags = fcntl (fd, F_GETFL, 0);
@@ -563,30 +653,46 @@ _do_reauth (gnutls_session_t session, int fd, double timeout)
     {
       err = gnutls_reauth (session, 0);
 
-      if (timeout && err == GNUTLS_E_AGAIN)
+      if (err == GNUTLS_E_AGAIN && next_timeout)
         {
+          int sel;
           if (gnutls_record_get_direction (session))
             {
               /* wait for writeability */
-              err = select_fd (fd, timeout, WAIT_FOR_WRITE);
+              sel = WAIT_FOR_WRITE;
             }
           else
             {
               /* wait for readability */
-              err = select_fd (fd, timeout, WAIT_FOR_READ);
+              sel = WAIT_FOR_READ;
             }
+          sel = select_fd_nb (fd, next_timeout, sel);
 
-          if (err <= 0)
+          if (sel <= 0)
             {
-              if (err == 0)
+              if (sel == 0)
                 {
-                  errno = ETIMEDOUT;
-                  err = -1;
+                  if  (read_timer)
+                    goto read_timedout;
+                  else
+                    {
+                      errno = ETIMEDOUT;
+                      err = -1;
+                    }
                 }
               break;
             }
-
-           err = GNUTLS_E_AGAIN;
+          if  (read_timer)
+            {
+              if ( (read_timer->next_timeout = read_timer->timeout - ptimer_measure (read_timer->timer)) <= 0 )
+                {
+read_timedout:    /* return GNUTLS_E_REAUTH_REQUEST for gnutls_read */
+                  err = GNUTLS_E_REAUTH_REQUEST;
+                  read_timer->timed_out = 1;
+                  break;
+                }
+               next_timeout = read_timer->next_timeout;
+            }
         }
       else if (err < 0)
         {
@@ -595,7 +701,7 @@ _do_reauth (gnutls_session_t session, int fd, double timeout)
     }
   while (err && gnutls_error_is_fatal (err) == 0);
 
-  if (timeout)
+  if (!read_timer && next_timeout)
     {
 #ifdef F_GETFL
       if (fcntl (fd, F_SETFL, flags) < 0)
@@ -821,7 +927,7 @@ ssl_connect_wget (int fd, const char *hostname, int *continue_session)
         }
     }
 
-  err = _do_handshake (session, fd, opt.connect_timeout);
+  err = _do_handshake (session, fd, NULL);
 
   if (err < 0)
     {
diff --git a/src/hash.c b/src/hash.c
index 04cc5f5..6609528 100644
--- a/src/hash.c
+++ b/src/hash.c
@@ -1,5 +1,5 @@
 /* Hash tables.
-   Copyright (C) 2000-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2000-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -692,7 +692,7 @@ hash_string_nocase (const void *key)
   return h;
 }
 
-/* Like string_cmp, but doing case-insensitive compareison. */
+/* Like string_cmp, but doing case-insensitive comparison. */
 
 static int
 string_cmp_nocase (const void *s1, const void *s2)
diff --git a/src/hash.h b/src/hash.h
index c5bb002..b8f7965 100644
--- a/src/hash.h
+++ b/src/hash.h
@@ -1,5 +1,5 @@
 /* Hash table declarations.
-   Copyright (C) 2000, 2007-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2000, 2007-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/host.c b/src/host.c
index e4f0ffb..353c1cc 100644
--- a/src/host.c
+++ b/src/host.c
@@ -1,5 +1,5 @@
 /* Host name resolution and matching.
-   Copyright (C) 1996-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -75,7 +75,7 @@ extern int h_errno;
    lookup_host for details.  */
 
 struct address_list {
-  int count;                    /* number of adrresses */
+  int count;                    /* number of addresses */
   ip_address *addresses;        /* pointer to the string of addresses */
 
   int faulty;                   /* number of addresses known not to work. */
@@ -516,7 +516,7 @@ is_valid_ipv6_address (const char *str, const char *end)
       if (c_isxdigit (ch))
         {
           val <<= 4;
-          val |= XDIGIT_TO_NUM (ch);
+          val |= _unhex (ch);
           if (val > 0xffff)
             return false;
           saw_xdigit = true;
@@ -857,8 +857,8 @@ lookup_host (const char *host, int flags)
 #ifdef HAVE_LIBCARES
   if (ares)
     {
-      struct address_list *al4;
-      struct address_list *al6;
+      struct address_list *al4 = NULL;
+      struct address_list *al6 = NULL;
 
       if (opt.ipv4_only || !opt.ipv6_only)
         ares_gethostbyname (ares, host, AF_INET, callback, &al4);
@@ -1043,6 +1043,7 @@ sufmatch (const char **list, const char *what)
   return false;
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 host_cleanup (void)
 {
@@ -1063,6 +1064,7 @@ host_cleanup (void)
       host_name_addresses_map = NULL;
     }
 }
+#endif
 
 bool
 is_valid_ip_address (const char *name)
diff --git a/src/host.h b/src/host.h
index 560391d..a199d26 100644
--- a/src/host.h
+++ b/src/host.h
@@ -1,5 +1,5 @@
 /* Declarations for host.c
-   Copyright (C) 1996-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/hsts.c b/src/hsts.c
index b91bc56..914d270 100644
--- a/src/hsts.c
+++ b/src/hsts.c
@@ -1,5 +1,5 @@
 /* HTTP Strict Transport Security (HSTS) support.
-   Copyright (C) 1996-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -33,10 +33,10 @@ as that of the covered work.  */
 #include "hsts.h"
 #include "utils.h"
 #include "host.h" /* for is_valid_ip_address() */
-#include "init.h" /* for home_dir() */
 #include "hash.h"
 #include "c-ctype.h"
 #ifdef TESTING
+#include "init.h" /* for ajoin_dir_file() */
 #include "../tests/unit-tests.h"
 #endif
 
@@ -221,7 +221,7 @@ hsts_add_entry (hsts_store_t store,
   time_t t = time (NULL);
 
   /* It might happen time() returned -1 */
-  return (t < 0 ?
+  return (t == (time_t)(-1) ?
       false :
       hsts_new_entry_internal (store, host, port, t, max_age, include_subdomains, false, true, false));
 }
@@ -466,7 +466,7 @@ hsts_store_entry (hsts_store_t store,
                * See also Section 11.2. */
               time_t t = time (NULL);
 
-              if (t != -1 && t != entry->created)
+              if (t != (time_t)(-1) && t != entry->created)
                 {
                   entry->created = t;
                   entry->max_age = max_age;
@@ -630,7 +630,7 @@ get_hsts_store_filename (void)
 
   if (opt.homedir)
     {
-      filename = aprintf ("%s/.wget-hsts-test", opt.homedir);
+      filename = ajoin_dir_file (opt.homedir, ".wget-hsts-test");
       fp = fopen (filename, "w");
       if (fp)
         fclose (fp);
@@ -796,7 +796,7 @@ test_hsts_read_database (void)
 
   if (opt.homedir)
     {
-      file = aprintf ("%s/.wget-hsts-testing", opt.homedir);
+      file = ajoin_dir_file (opt.homedir, ".wget-hsts-testing");
       fp = fopen (file, "w");
       if (fp)
         {
diff --git a/src/hsts.h b/src/hsts.h
index a92b023..7cc41e3 100644
--- a/src/hsts.h
+++ b/src/hsts.h
@@ -1,5 +1,5 @@
 /* Declarations for hsts.c
-   Copyright (C) 1996-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/html-parse.c b/src/html-parse.c
index da8fd76..6367732 100644
--- a/src/html-parse.c
+++ b/src/html-parse.c
@@ -1,5 +1,5 @@
 /* HTML parser for Wget.
-   Copyright (C) 1998-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -386,7 +386,7 @@ decode_entity (const char **ptr, const char *end)
         value = 0;
         if (*p == 'x')
           for (++p; value < 256 && p < end && c_isxdigit (*p); p++, digits++)
-            value = (value << 4) + XDIGIT_TO_NUM (*p);
+            value = (value << 4) + _unhex (*p);
         else
           for (; value < 256 && p < end && c_isdigit (*p); p++, digits++)
             value = (value * 10) + (*p - '0');
@@ -777,11 +777,27 @@ find_comment_end (const char *beg, const char *end)
 static bool
 name_allowed (const struct hash_table *ht, const char *b, const char *e)
 {
-  char *copy;
+  char buf[256], *copy;
+  size_t len = e - b;
+  bool ret;
+
   if (!ht)
     return true;
-  BOUNDED_TO_ALLOCA (b, e, copy);
-  return hash_table_get (ht, copy) != NULL;
+
+  if (len < sizeof (buf))
+    copy = buf;
+  else
+    copy = xmalloc (len + 1);
+
+  memcpy (copy, b, len);
+  copy[len] = 0;
+
+  ret = hash_table_get (ht, copy) != NULL;
+
+  if (copy != buf)
+    xfree (copy);
+
+  return ret;
 }
 
 /* Advance P (a char pointer), with the explicit intent of being able
diff --git a/src/html-parse.h b/src/html-parse.h
index 1f0ea6e..eae8e3c 100644
--- a/src/html-parse.h
+++ b/src/html-parse.h
@@ -1,5 +1,5 @@
 /* Declarations for html-parse.c.
-   Copyright (C) 1998-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/html-url.c b/src/html-url.c
index 2f95357..b80cf26 100644
--- a/src/html-url.c
+++ b/src/html-url.c
@@ -1,5 +1,5 @@
 /* Collect URLs from HTML source.
-   Copyright (C) 1998-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -963,6 +963,7 @@ get_urls_file (const char *file)
   return head;
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 cleanup_html_url (void)
 {
@@ -973,3 +974,4 @@ cleanup_html_url (void)
   if (interesting_attributes)
     hash_table_destroy (interesting_attributes);
 }
+#endif
diff --git a/src/html-url.h b/src/html-url.h
index 33ea4cf..abc7edd 100644
--- a/src/html-url.h
+++ b/src/html-url.h
@@ -1,5 +1,5 @@
 /* Declarations for html-url.c.
-   Copyright (C) 1995-1997, 2009-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 1995-1997, 2009-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/http-ntlm.c b/src/http-ntlm.c
index 240fa5d..ceba3b8 100644
--- a/src/http-ntlm.c
+++ b/src/http-ntlm.c
@@ -1,5 +1,5 @@
 /* NTLM code.
-   Copyright (C) 2005-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2005-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
    Contributed by Daniel Stenberg.
 
@@ -118,17 +118,17 @@ ntlm_input (struct ntlmdata *ntlm, const char *header)
          32 (48) start of data block
       */
       ssize_t size;
-      char *buffer = (char *) alloca (strlen (header));
+      char buffer[48]; // decode 48 bytes needs ((48 + 2) / 3) * 4 + 1 bytes
 
       DEBUGP (("Received a type-2 NTLM message.\n"));
 
-      size = wget_base64_decode (header, buffer, strlen (header));
+      size = wget_base64_decode (header, buffer, sizeof (buffer));
       if (size < 0)
         return false;           /* malformed base64 from server */
 
       ntlm->state = NTLMSTATE_TYPE2; /* we got a type-2 */
 
-      if (size >= 48)
+      if ((size_t) size >= sizeof (buffer))
         /* the nonce of interest is index [24 .. 31], 8 bytes */
         memcpy (ntlm->nonce, &buffer[24], 8);
 
@@ -255,22 +255,21 @@ mkhash(const char *password,
 #ifdef USE_NTRESPONSES
   unsigned char ntbuffer[21];
 #endif
-  unsigned char *pw;
+  unsigned char pw[14];
   static const unsigned char magic[] = {
     0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25
   };
   size_t i, len = strlen(password);
 
   /* make it fit at least 14 bytes */
-  pw = (unsigned char *) alloca (len < 7 ? 14 : len * 2);
 
-  if (len > 14)
-    len = 14;
+  if (len > sizeof (pw))
+    len = sizeof (pw);
 
-  for (i=0; i<len; i++)
+  for (i = 0; i < len; i++)
     pw[i] = (unsigned char) c_toupper (password[i]);
 
-  for (; i<14; i++)
+  for (; i < sizeof (pw); i++)
     pw[i] = 0;
 
   {
@@ -286,16 +285,16 @@ mkhash(const char *password,
 #else
     DES_key_schedule ks;
 
-    setup_des_key(pw, DESKEY(ks));
-    DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer,
-                    DESKEY(ks), DES_ENCRYPT);
+    setup_des_key(pw, DESKEY (ks));
+    DES_ecb_encrypt((DES_cblock *) magic, (DES_cblock *) lmbuffer,
+                    DESKEY (ks), DES_ENCRYPT);
 
-    setup_des_key(pw+7, DESKEY(ks));
-    DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)(lmbuffer+8),
-                    DESKEY(ks), DES_ENCRYPT);
+    setup_des_key(pw+7, DESKEY (ks));
+    DES_ecb_encrypt((DES_cblock *) magic, (DES_cblock *) (lmbuffer + 8),
+                    DESKEY (ks), DES_ENCRYPT);
 #endif
 
-    memset(lmbuffer+16, 0, 5);
+    memset(lmbuffer + 16, 0, 5);
   }
   /* create LM responses */
   calc_resp(lmbuffer, nonce, lmresp);
@@ -308,25 +307,30 @@ mkhash(const char *password,
     MD4_CTX MD4;
 #endif
 
-    len = strlen(password);
+    unsigned char pw4[64];
 
-    for (i=0; i<len; i++) {
-      pw[2*i]   = (unsigned char) password[i];
-      pw[2*i+1] = 0;
+    len = strlen (password);
+
+    if (len > sizeof (pw4) / 2)
+      len = sizeof (pw4) / 2;
+
+    for (i = 0; i < len; i++) {
+      pw4[2 * i]     = (unsigned char) password[i];
+      pw4[2 * i + 1] = 0;
     }
 
 #ifdef HAVE_NETTLE
     nettle_md4_init(&MD4);
-    nettle_md4_update(&MD4, (unsigned) (2 * len), pw);
+    nettle_md4_update(&MD4, (unsigned) (2 * len), pw4);
     nettle_md4_digest(&MD4, MD4_DIGEST_SIZE, ntbuffer);
 #else
     /* create NT hashed password */
     MD4_Init(&MD4);
-    MD4_Update(&MD4, pw, 2*len);
+    MD4_Update(&MD4, pw4, 2 * len);
     MD4_Final(ntbuffer, &MD4);
 #endif
 
-    memset(ntbuffer+16, 0, 5);
+    memset(ntbuffer + 16, 0, 5);
   }
 
   calc_resp(ntbuffer, nonce, ntresp);
@@ -349,7 +353,6 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
   size_t hostoff; /* host name offset */
   size_t domoff;  /* domain name offset */
   size_t size;
-  char *base64;
   char ntlmbuf[256]; /* enough, unless the host/domain is very long */
 
   /* point to the address of the pointer that holds the string to sent to the
@@ -421,10 +424,10 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
     /* initial packet length */
     size = 32 + hostlen + domlen;
 
-    base64 = (char *) alloca (BASE64_LENGTH (size) + 1);
-    wget_base64_encode (ntlmbuf, size, base64);
+    output = xmalloc(5 + BASE64_LENGTH (size) + 1);
+    memcpy(output, "NTLM ", 5);
+    wget_base64_encode (ntlmbuf, size, output + 5);
 
-    output = concat_strings ("NTLM ", base64, (char *) 0);
     break;
 
   case NTLMSTATE_TYPE2:
@@ -594,10 +597,9 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
     ntlmbuf[57] = (char) (size >> 8);
 
     /* convert the binary blob into base64 */
-    base64 = (char *) alloca (BASE64_LENGTH (size) + 1);
-    wget_base64_encode (ntlmbuf, size, base64);
-
-    output = concat_strings ("NTLM ", base64, (char *) 0);
+    output = xmalloc(5 + BASE64_LENGTH (size) + 1);
+    memcpy(output, "NTLM ", 5);
+    wget_base64_encode (ntlmbuf, size, output + 5);
 
     ntlm->state = NTLMSTATE_TYPE3; /* we sent a type-3 */
     *ready = true;
diff --git a/src/http-ntlm.h b/src/http-ntlm.h
index 895d5e3..de0c9ce 100644
--- a/src/http-ntlm.h
+++ b/src/http-ntlm.h
@@ -1,7 +1,7 @@
 #ifndef __HTTP_NTLM_H
 #define __HTTP_NTLM_H
 /* Declarations for http_ntlm.c
-   Copyright (C) 1995-1997, 2000, 2007-2011, 2015, 2018-2019 Free
+   Copyright (C) 1995-1997, 2000, 2007-2011, 2015, 2018-2020 Free
    Software Foundation, Inc.
    Contributed by Daniel Stenberg.
 
diff --git a/src/http.c b/src/http.c
index 289d110..26e10d2 100644
--- a/src/http.c
+++ b/src/http.c
@@ -1,5 +1,5 @@
 /* HTTP support.
-   Copyright (C) 1996-2012, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2012, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -62,9 +62,9 @@ as that of the covered work.  */
 #include "warc.h"
 #include "c-strcase.h"
 #include "version.h"
+#include "xstrndup.h"
 #ifdef HAVE_METALINK
 # include "metalink.h"
-# include "xstrndup.h"
 #endif
 #ifdef ENABLE_XATTR
 #include "xattr.h"
@@ -280,15 +280,18 @@ request_set_header (struct request *req, const char *name, const char *value,
 static void
 request_set_user_header (struct request *req, const char *header)
 {
-  char *name;
-  const char *p = strchr (header, ':');
-  if (!p)
+  const char *name, *p;
+
+  if (!(p = strchr (header, ':')))
     return;
-  BOUNDED_TO_ALLOCA (header, p, name);
+
+  name = xstrndup(header, p - header);
+
   ++p;
   while (c_isspace (*p))
     ++p;
-  request_set_header (req, xstrdup (name), (char *) p, rel_name);
+
+  request_set_header (req, name, p, rel_name);
 }
 
 /* Remove the header with specified name from REQ.  Returns true if
@@ -459,7 +462,6 @@ register_basic_auth_host (const char *hostname)
     }
 }
 
-
 /* Send the contents of FILE_NAME to SOCK.  Make sure that exactly
    PROMISED_SIZE bytes are sent over the wire -- if the file is
    longer, read only that much; if the file is shorter, report an error.
@@ -865,10 +867,22 @@ resp_free (struct response **resp_ref)
 static void
 print_response_line (const char *prefix, const char *b, const char *e)
 {
-  char *copy;
-  BOUNDED_TO_ALLOCA(b, e, copy);
+  char buf[1024], *copy;
+  size_t len = e - b;
+
+  if (len < sizeof (buf))
+    copy = buf;
+  else
+    copy = xmalloc(len + 1);
+
+  memcpy(copy, b, len);
+  copy[len] = 0;
+
   logprintf (LOG_ALWAYS, "%s%s\n", prefix,
              quotearg_style (escape_quoting_style, copy));
+
+  if (copy != buf)
+    xfree (copy);
 }
 
 /* Print the server response, line by line, omitting the trailing CRLF
@@ -1758,6 +1772,7 @@ read_response_body (struct http_stat *hs, int sock, FILE *fp, wgint contlen,
   else
     {
       /* A read error! */
+      xfree (hs->rderrmsg);
       hs->rderrmsg = xstrdup (fd_errstr (sock));
       return RETRFINISHED;
     }
@@ -1768,27 +1783,15 @@ read_response_body (struct http_stat *hs, int sock, FILE *fp, wgint contlen,
    && (c_isspace (line[sizeof (string_constant) - 1])                      \
        || !line[sizeof (string_constant) - 1]))
 
-#ifdef __VMS
-#define SET_USER_AGENT(req) do {                                         \
-  if (!opt.useragent)                                                    \
-    request_set_header (req, "User-Agent",                               \
-                        aprintf ("Wget/%s (VMS %s %s)",                  \
-                        version_string, vms_arch(), vms_vers()),         \
-                        rel_value);                                      \
-  else if (*opt.useragent)                                               \
-    request_set_header (req, "User-Agent", opt.useragent, rel_none);     \
-} while (0)
-#else /* def __VMS */
 #define SET_USER_AGENT(req) do {                                         \
   if (!opt.useragent)                                                    \
     request_set_header (req, "User-Agent",                               \
-                        aprintf ("Wget/%s (%s)",                         \
-                        version_string, OS_TYPE),                        \
+                        aprintf ("Wget/%s",                              \
+                        version_string),                                 \
                         rel_value);                                      \
   else if (*opt.useragent)                                               \
     request_set_header (req, "User-Agent", opt.useragent, rel_none);     \
 } while (0)
-#endif /* def __VMS [else] */
 
 /*
    Convert time_t to one of valid HTTP date formats
@@ -1875,7 +1878,7 @@ initialize_request (const struct url *u, struct http_stat *hs, int *dt, struct u
     req = request_new (meth, meth_arg);
   }
 
-  request_set_header (req, "Referer", (char *) hs->referer, rel_none);
+  request_set_header (req, "Referer", hs->referer, rel_none);
   if (*dt & SEND_NOCACHE)
     {
       /* Cache-Control MUST be obeyed by all HTTP/1.1 caching mechanisms...  */
@@ -2228,11 +2231,10 @@ establish_connection (const struct url *u, const struct url **conn_ref,
 static uerr_t
 set_file_timestamp (struct http_stat *hs)
 {
-  size_t filename_len = strlen (hs->local_file);
-  char *filename_plus_orig_suffix = alloca (filename_len + sizeof (ORIG_SFX));
   bool local_dot_orig_file_exists = false;
   char *local_filename = NULL;
   struct stat st;
+  char buf[1024];
 
   if (opt.backup_converted)
     /* If -K is specified, we'll act on the assumption that it was specified
@@ -2242,6 +2244,14 @@ set_file_timestamp (struct http_stat *hs)
         _wasn't_ specified last time, or the server contains files called
         *.orig, -N will be back to not operating correctly with -k. */
     {
+      size_t filename_len = strlen (hs->local_file);
+      char *filename_plus_orig_suffix;
+
+      if (filename_len + sizeof (ORIG_SFX) > sizeof (buf))
+        filename_plus_orig_suffix = xmalloc (filename_len + sizeof (ORIG_SFX));
+      else
+        filename_plus_orig_suffix = buf;
+
       /* Would a single s[n]printf() call be faster?  --dan
 
           Definitely not.  sprintf() is horribly slow.  It's a
@@ -2267,14 +2277,21 @@ set_file_timestamp (struct http_stat *hs)
   if (!local_dot_orig_file_exists)
     /* Couldn't stat() <file>.orig, so try to stat() <file>. */
     if (stat (hs->local_file, &st) == 0)
-      local_filename = hs->local_file;
+      {
+        if (local_filename != buf)
+          xfree (local_filename);
+        local_filename = hs->local_file;
+      }
 
   if (local_filename != NULL)
     /* There was a local file, so we'll check later to see if the version
         the server has is the same version we already have, allowing us to
         skip a download. */
     {
-      hs->orig_file_name = xstrdup (local_filename);
+      if (local_filename == buf || local_filename == hs->local_file)
+        hs->orig_file_name = xstrdup (local_filename); // on stack or a copy, make a heap copy
+      else
+        hs->orig_file_name = local_filename; // was previously malloc'ed
       hs->orig_file_size = st.st_size;
       hs->orig_file_tstamp = st.st_mtime;
 #ifdef WINDOWS
@@ -2338,7 +2355,7 @@ check_file_output (const struct url *u, struct http_stat *hs,
         }
       else if (!ALLOW_CLOBBER)
         {
-          char *unique = unique_name (hs->local_file, true);
+          char *unique = unique_name_passthrough (hs->local_file);
           if (unique != hs->local_file)
             xfree (hs->local_file);
           hs->local_file = unique;
@@ -2365,26 +2382,40 @@ check_auth (const struct url *u, char *user, char *passwd, struct response *resp
   bool basic_auth_finished = *basic_auth_finished_ref;
   bool auth_finished = *auth_finished_ref;
   bool ntlm_seen = *ntlm_seen_ref;
+  char buf[256], *tmp = NULL;
+
   *retry = false;
+
   if (!auth_finished && (user && passwd))
     {
       /* IIS sends multiple copies of WWW-Authenticate, one with
          the value "negotiate", and other(s) with data.  Loop over
          all the occurrences and pick the one we recognize.  */
       int wapos;
-      char *buf;
       const char *www_authenticate = NULL;
       const char *wabeg, *waend;
       const char *digest = NULL, *basic = NULL, *ntlm = NULL;
+
       for (wapos = 0; !ntlm
              && (wapos = resp_header_locate (resp, "WWW-Authenticate", wapos,
                                              &wabeg, &waend)) != -1;
            ++wapos)
         {
           param_token name, value;
+          size_t len = waend - wabeg;
 
-          BOUNDED_TO_ALLOCA (wabeg, waend, buf);
-          www_authenticate = buf;
+          if (tmp != buf)
+            xfree (tmp);
+
+          if (len < sizeof (buf))
+            tmp = buf;
+          else
+            tmp = xmalloc (len + 1);
+
+          memcpy (tmp, wabeg, len);
+          tmp[len] = 0;
+
+          www_authenticate = tmp;
 
           for (;!ntlm;)
             {
@@ -2475,6 +2506,7 @@ check_auth (const struct url *u, char *user, char *passwd, struct response *resp
           else
             {
               /* Creating the Authorization header went wrong */
+              xfree (value);
             }
         }
       else
@@ -2485,6 +2517,8 @@ check_auth (const struct url *u, char *user, char *passwd, struct response *resp
     }
 
  cleanup:
+   if (tmp != buf)
+     xfree (tmp);
   *ntlm_seen_ref = ntlm_seen;
   *basic_auth_finished_ref = basic_auth_finished;
   *auth_finished_ref = auth_finished;
@@ -3032,14 +3066,24 @@ skip_content_type:
           /* The hash here is assumed to be base64. We need the hash in hex.
              Therefore we convert: base64 -> binary -> hex.  */
           const size_t dig_hash_str_len = strlen (dig_hash);
-          char *bin_hash = alloca (dig_hash_str_len * 3 / 4 + 1);
+          char bin_hash[256];
           ssize_t hash_bin_len;
 
+          // there is no hash with that size
+          if (dig_hash_str_len >= sizeof (bin_hash))
+            {
+              DEBUGP (("Hash too long, ignored.\n"));
+              xfree (dig_type);
+              xfree (dig_hash);
+              continue;
+            }
+
           hash_bin_len = wget_base64_decode (dig_hash, bin_hash, dig_hash_str_len * 3 / 4 + 1);
 
           /* Detect malformed base64 input.  */
           if (hash_bin_len < 0)
             {
+              DEBUGP (("Malformed base64 input, ignored.\n"));
               xfree (dig_type);
               xfree (dig_hash);
               continue;
@@ -3184,7 +3228,7 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
   FILE *warc_tmp = NULL;
   char warc_timestamp_str [21];
   char warc_request_uuid [48];
-  ip_address *warc_ip = NULL;
+  ip_address warc_ip_buf, *warc_ip = NULL;
   off_t warc_payload_offset = -1;
 
   /* Whether this connection will be kept alive after the HTTP request
@@ -3217,15 +3261,17 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
     }
 #endif /* HAVE_SSL */
 
-  /* Initialize certain elements of struct http_stat.  */
+  /* Initialize certain elements of struct http_stat.
+   * Since this function is called in a loop, we have to xfree certain
+   * members. */
   hs->len = 0;
   hs->contlen = -1;
   hs->res = -1;
-  hs->rderrmsg = NULL;
-  hs->newloc = NULL;
+  xfree (hs->rderrmsg);
+  xfree (hs->newloc);
   xfree (hs->remote_time);
-  hs->error = NULL;
-  hs->message = NULL;
+  xfree (hs->error);
+  xfree (hs->message);
   hs->local_encoding = ENC_NONE;
   hs->remote_encoding = ENC_NONE;
 
@@ -3302,7 +3348,7 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
 
       if (! proxy)
         {
-          warc_ip = (ip_address *) alloca (sizeof (ip_address));
+          warc_ip = &warc_ip_buf;
           socket_ip_address (sock, warc_ip, ENDPOINT_PEER);
         }
     }
@@ -3365,7 +3411,7 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
 
       /* Generate a timestamp and uuid for this request. */
       warc_timestamp (warc_timestamp_str, sizeof (warc_timestamp_str));
-      warc_uuid_str (warc_request_uuid);
+      warc_uuid_str (warc_request_uuid, sizeof (warc_request_uuid));
 
       /* Create a request record and store it in the WARC file. */
       warc_result = warc_write_request_record (u->url, warc_timestamp_str,
@@ -3502,9 +3548,22 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
                                         &scbeg, &scend)) != -1;
            ++scpos)
         {
-          char *set_cookie; BOUNDED_TO_ALLOCA (scbeg, scend, set_cookie);
+          char buf[1024], *set_cookie;
+          size_t len = scend - scbeg;
+
+          if (len < sizeof (buf))
+            set_cookie = buf;
+          else
+            set_cookie = xmalloc (len + 1);
+
+          memcpy (set_cookie, scbeg, len);
+          set_cookie[len] = 0;
+
           cookie_handle_set_cookie (wget_cookie_jar, u->host, u->port,
                                     u->path, set_cookie);
+
+          if (set_cookie != buf)
+            xfree (set_cookie);
         }
     }
 
@@ -3575,7 +3634,6 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
                                &auth_finished);
         if (auth_err == RETROK && retry)
           {
-            xfree (hs->message);
             resp_free (&resp);
             xfree (message);
             xfree (head);
@@ -3605,6 +3663,7 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
   }
 
   hs->statcode = statcode;
+  xfree (hs->error);
   if (statcode == -1)
     hs->error = xstrdup (_("Malformed status line"));
   else if (!*message)
@@ -3632,6 +3691,7 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
                    (unsigned long) max_age,
                    (include_subdomains ? "true" : "false")));
         }
+      xfree (hsts_params);
     }
 #endif
 
@@ -3662,7 +3722,9 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
 #endif
         }
     }
+  xfree (hs->newloc);
   hs->newloc = resp_header_strdup (resp, "Location");
+  xfree (hs->remote_time);
   hs->remote_time = resp_header_strdup (resp, "Last-Modified");
   if (!hs->remote_time) // now look for the Wayback Machine's timestamp
     hs->remote_time = resp_header_strdup (resp, "X-Archive-Orig-last-modified");
@@ -4335,8 +4397,13 @@ http_loop (const struct url *u, struct url *original_url, char **newloc,
            first attempt to clobber existing data.)  */
         hstat.restval = st.st_size;
       else if (count > 1)
-        /* otherwise, continue where the previous try left off */
-        hstat.restval = hstat.len;
+        {
+          /* otherwise, continue where the previous try left off */
+          if (hstat.len < hstat.restval)
+            hstat.restval -= hstat.len;
+          else
+            hstat.restval = hstat.len;
+        }
       else
         hstat.restval = 0;
 
@@ -4371,8 +4438,6 @@ http_loop (const struct url *u, struct url *original_url, char **newloc,
              bring them to "while" statement at the end, to judge
              whether the number of tries was exceeded.  */
           printwhat (count, opt.ntry);
-          xfree (hstat.message);
-          xfree (hstat.error);
           continue;
         case FWRITEERR: case FOPENERR:
           /* Another fatal error.  */
@@ -4386,8 +4451,6 @@ http_loop (const struct url *u, struct url *original_url, char **newloc,
           if ( opt.retry_on_host_error )
             {
               printwhat (count, opt.ntry);
-              xfree (hstat.message);
-              xfree (hstat.error);
               continue;
             }
           ret = err;
@@ -4652,8 +4715,6 @@ Remote file exists.\n\n"));
               got_name = true;
               *dt &= ~HEAD_ONLY;
               count = 0;          /* the retrieve count for HEAD is reset */
-              xfree (hstat.message);
-              xfree (hstat.error);
               continue;
             } /* send_head_first */
         } /* !got_head */
@@ -4806,7 +4867,10 @@ exit:
       /* Bugfix: Prevent SIGSEGV when hstat.local_file was left NULL
          (i.e. due to opt.content_disposition).  */
       if (hstat.local_file)
-        *local_file = xstrdup (hstat.local_file);
+        {
+          *local_file = hstat.local_file;
+          hstat.local_file = NULL;
+        }
     }
   free_hstat (&hstat);
 
@@ -4945,16 +5009,32 @@ http_atotm (const char *time_string)
 static char *
 basic_authentication_encode (const char *user, const char *passwd)
 {
-  char *t1, *t2;
-  int len1 = strlen (user) + 1 + strlen (passwd);
+  char buf_t1[256], buf_t2[256];
+  char *t1, *t2, *ret;
+  size_t len1 = strlen (user) + 1 + strlen (passwd);
 
-  t1 = (char *)alloca (len1 + 1);
-  sprintf (t1, "%s:%s", user, passwd);
+  if (len1 < sizeof (buf_t1))
+    t1 = buf_t1;
+  else
+    t1 = xmalloc(len1 + 1);
 
-  t2 = (char *)alloca (BASE64_LENGTH (len1) + 1);
+  if (BASE64_LENGTH (len1) < sizeof (buf_t2))
+    t2 = buf_t2;
+  else
+    t2 = xmalloc (BASE64_LENGTH (len1) + 1);
+
+  sprintf (t1, "%s:%s", user, passwd);
   wget_base64_encode (t1, len1, t2);
 
-  return concat_strings ("Basic ", t2, (char *) 0);
+  ret = concat_strings ("Basic ", t2, (char *) 0);
+
+  if (t2 != buf_t2)
+    xfree (t2);
+
+  if (t1 != buf_t1)
+    xfree (t1);
+
+  return ret;
 }
 
 #define SKIP_WS(x) do {                         \
@@ -5257,13 +5337,31 @@ save_cookies (void)
     cookie_jar_save (wget_cookie_jar, opt.cookies_output);
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 http_cleanup (void)
 {
-  xfree (pconn.host);
+  if (pconn_active)
+    invalidate_persistent ();
+
   if (wget_cookie_jar)
-    cookie_jar_delete (wget_cookie_jar);
+    {
+      cookie_jar_delete (wget_cookie_jar);
+      wget_cookie_jar = NULL;
+    }
+
+  if (basic_authed_hosts)
+    {
+      hash_table_iterator iter;
+      for (hash_table_iterate (basic_authed_hosts, &iter); hash_table_iter_next (&iter); )
+        {
+          xfree (iter.key);
+        }
+      hash_table_destroy (basic_authed_hosts);
+      basic_authed_hosts = NULL;
+    }
 }
+#endif
 
 void
 ensure_extension (struct http_stat *hs, const char *ext, int *dt)
@@ -5325,9 +5423,7 @@ test_parse_range_header (void)
       { "bytes 42-1233/1234", 42, 1233, 1234, true },
       { "bytes 42-1233/*", 42, 1233, -1, true },
       { "bytes 0-2147483648/2147483649", 0, 2147483648U, 2147483649U, true },
-#if SIZEOF_WGINT >= 8
       { "bytes 2147483648-4294967296/4294967297", 2147483648U, 4294967296ULL, 4294967297ULL, true },
-#endif
   };
 
   wgint firstbyteptr[sizeof(wgint)];
diff --git a/src/http.h b/src/http.h
index d6b22ea..5eac0da 100644
--- a/src/http.h
+++ b/src/http.h
@@ -1,5 +1,5 @@
 /* Declarations for HTTP.
-   Copyright (C) 2005-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2005-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/init.c b/src/init.c
index 9b6665a..aa526de 100644
--- a/src/init.c
+++ b/src/init.c
@@ -1,5 +1,5 @@
 /* Reading/parsing the initialization file.
-   Copyright (C) 1996-2012, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2012, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -58,6 +58,8 @@ as that of the covered work.  */
 #include "host.h"
 #include "netrc.h"
 #include "progress.h"
+#include "connect.h"            /* for connect_cleanup */
+#include "ssl.h"                /* for ssl_cleanup */
 #include "recur.h"              /* for INFINITE_RECURSION */
 #include "convert.h"            /* for convert_cleanup */
 #include "res.h"                /* for res_cleanup */
@@ -330,7 +332,9 @@ static const struct {
   { "tries",            &opt.ntry,              cmd_number_inf },
   { "trustservernames", &opt.trustservernames,  cmd_boolean },
   { "unlink",           &opt.unlink_requested,  cmd_boolean },
+#ifndef __VMS
   { "useaskpass" ,      &opt.use_askpass,       cmd_use_askpass },
+#endif
   { "useproxy",         &opt.use_proxy,         cmd_boolean },
   { "user",             &opt.user,              cmd_string },
   { "useragent",        NULL,                   cmd_spec_useragent },
@@ -585,20 +589,33 @@ wgetrc_env_file_name (void)
   return NULL;
 }
 
+/* Append file name to (locally appropriate) directory spec.
+   Return pointer to allocated storage. */
+char *
+ajoin_dir_file (const char *dir, const char *file)
+{
+  char *dir_file;
+#ifdef __VMS
+   /* No separator: "dev:[dir]" + "name.type" */
+  dir_file = aprintf ("%s%s", dir, file);
+#else /* def __VMS */
+  /* Slash separator: "/a/b" + "/" + "name.type" */
+  dir_file = aprintf ("%s/%s", dir, file);
+#endif /* def __VMS [else] */
+  return dir_file;
+}
+
 /* Check for the existence of '$HOME/.wgetrc' and return its path
    if it exists and is set.  */
 char *
 wgetrc_user_file_name (void)
 {
   char *file = NULL;
-  /* If that failed, try $HOME/.wgetrc (or equivalent).  */
 
-#ifdef __VMS
-  file = "SYS$LOGIN:.wgetrc";
-#else /* def __VMS */
-  if (opt.homedir)
-    file = aprintf ("%s/.wgetrc", opt.homedir);
-#endif /* def __VMS [else] */
+  /* Join opt.homedir ($HOME) and ".wgetrc" */
+  if (opt.homedir) {
+    file = ajoin_dir_file(opt.homedir, ".wgetrc");
+  }
 
   if (!file)
     return NULL;
@@ -827,6 +844,8 @@ parse_line (const char *line, char **com, char **val, int *comind)
   const char *end = line + strlen (line);
   const char *cmdstart, *cmdend;
   const char *valstart, *valend;
+  char buf[1024];
+  size_t len;
 
   char *cmdcopy;
   int ind;
@@ -867,9 +886,18 @@ parse_line (const char *line, char **com, char **val, int *comind)
 
   /* The line now known to be syntactically correct.  Check whether
      the command is valid.  */
-  BOUNDED_TO_ALLOCA (cmdstart, cmdend, cmdcopy);
+  len = cmdend - cmdstart;
+  if (len < sizeof (buf))
+    cmdcopy = buf;
+  else
+    cmdcopy = xmalloc (len + 1);
+  memcpy (cmdcopy, cmdstart, len);
+  cmdcopy[len] = 0;
+
   dehyphen (cmdcopy);
   ind = command_by_name (cmdcopy);
+  if (cmdcopy != buf)
+    xfree (cmdcopy);
   if (ind == -1)
     return line_unknown_command;
 
@@ -946,12 +974,13 @@ void
 setoptval (const char *com, const char *val, const char *optname)
 {
   /* Prepend "--" to OPTNAME. */
-  char *dd_optname = (char *) alloca (2 + strlen (optname) + 1);
-  dd_optname[0] = '-';
-  dd_optname[1] = '-';
-  strcpy (dd_optname + 2, optname);
+  char dd_optname[2 + MAX_LONGOPTION + 1];
+
+  if ((unsigned) snprintf(dd_optname, sizeof (dd_optname), "--%s", optname) > sizeof (dd_optname))
+    exit (WGET_EXIT_PARSE_ERROR);
 
   assert (val != NULL);
+
   if (!setval_internal (command_by_name (com), dd_optname, val))
     exit (WGET_EXIT_PARSE_ERROR);
 }
@@ -1409,6 +1438,13 @@ cmd_time (const char *com, const char *val, void *place)
   if (!simple_atof (val, end, &number))
     goto err;
 
+  if (number < 0)
+    {
+      fprintf (stderr, _("%s: %s: Negative time period %s\n"),
+               exec_name, com, quote (val));
+      return false;
+    }
+
   *(double *)place = number * mult;
   return true;
 }
@@ -1929,6 +1965,10 @@ cleanup (void)
   host_cleanup ();
   log_cleanup ();
   netrc_cleanup ();
+#ifdef HAVE_SSL
+  ssl_cleanup ();
+#endif
+  connect_cleanup ();
 
   xfree (opt.choose_config);
   xfree (opt.lfilename);
diff --git a/src/init.h b/src/init.h
index 2ec8dde..a7619ce 100644
--- a/src/init.h
+++ b/src/init.h
@@ -1,5 +1,5 @@
 /* Declarations for init.c.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -31,6 +31,7 @@ as that of the covered work.  */
 #ifndef INIT_H
 #define INIT_H
 
+char *ajoin_dir_file (const char *, const char *);
 char *wgetrc_env_file_name (void);
 char *wgetrc_user_file_name (void);
 char *wgetrc_file_name (void);
@@ -42,4 +43,6 @@ void cleanup (void);
 void defaults (void);
 bool run_wgetrc (const char *file, file_stats_t *);
 
+#define MAX_LONGOPTION 26
+
 #endif /* INIT_H */
diff --git a/src/iri.c b/src/iri.c
index d00683c..afdadf7 100644
--- a/src/iri.c
+++ b/src/iri.c
@@ -1,5 +1,5 @@
 /* IRI related functions.
-   Copyright (C) 2008-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2008-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -152,11 +152,8 @@ do_conversion (const char *tocode, const char *fromcode, char const *in_org, siz
   *out = s = xmalloc (outlen + 1);
   done = 0;
 
-  DEBUGP (("iconv %s -> %s\n", tocode, fromcode));
-
   for (;;)
     {
-      DEBUGP (("iconv outlen=%d inlen=%d\n", outlen, inlen));
       if (iconv (cd, (ICONV_CONST char **) &in, &inlen, out, &outlen) != (size_t)(-1) &&
           iconv (cd, NULL, NULL, out, &outlen) != (size_t)(-1))
         {
@@ -191,8 +188,6 @@ do_conversion (const char *tocode, const char *fromcode, char const *in_org, siz
         }
       else if (errno == E2BIG) /* Output buffer full */
         {
-          logprintf (LOG_VERBOSE,
-                    _("Reallocate output buffer len=%d outlen=%d inlen=%d\n"), len, outlen, inlen);
           tooshort++;
           done = len;
           len = done + inlen * 2;
diff --git a/src/iri.h b/src/iri.h
index 50e6142..c6b75e8 100644
--- a/src/iri.h
+++ b/src/iri.h
@@ -1,5 +1,5 @@
 /* Internationalization related declarations.
-   Copyright (C) 2008-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2008-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/log.c b/src/log.c
index 63b96c8..7de23ee 100644
--- a/src/log.c
+++ b/src/log.c
@@ -1,5 +1,5 @@
 /* Messages logging.
-   Copyright (C) 1998-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -427,6 +427,9 @@ log_vprintf_internal (struct logvprintf_state *state, const char *fmt,
   FILE *fp = get_log_fp ();
   FILE *warcfp = get_warc_log_fp ();
 
+  if (fp == NULL)
+      return false;
+
   if (!save_context_p && warcfp == NULL)
     {
       /* In the simple case just call vfprintf(), to avoid needless
@@ -480,7 +483,7 @@ log_vprintf_internal (struct logvprintf_state *state, const char *fmt,
   if (save_context_p)
     saved_append (write_ptr);
   FPUTS (write_ptr, fp);
-  if (warcfp != NULL)
+  if (warcfp != NULL && warcfp != fp)
     FPUTS (write_ptr, warcfp);
   xfree (state->bigmsg);
 
@@ -901,6 +904,7 @@ escnonprint_uri (const char *str)
   return escnonprint_internal (str, '%', 16);
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 log_cleanup (void)
 {
@@ -908,6 +912,7 @@ log_cleanup (void)
   for (i = 0; i < countof (ring); i++)
     xfree (ring[i].buffer);
 }
+#endif
 
 /* When SIGHUP or SIGUSR1 are received, the output is redirected
    elsewhere.  Such redirection is only allowed once. */
@@ -966,7 +971,7 @@ redirect_output (bool to_file, const char *signal_name)
 static void
 check_redirect_output (void)
 {
-#ifndef WINDOWS
+#if !defined(WINDOWS) && !defined(__VMS)
   /* If it was redirected already to log file by SIGHUP, SIGUSR1 or -o parameter,
    * it was permanent.
    * If there was no SIGHUP or SIGUSR1 and shell is interactive
@@ -986,5 +991,5 @@ check_redirect_output (void)
           redirect_output (false,NULL);
         }
     }
-#endif /* WINDOWS */
+#endif /* !defined(WINDOWS) && !defined(__VMS) */
 }
diff --git a/src/log.h b/src/log.h
index e298f5c..40d4d88 100644
--- a/src/log.h
+++ b/src/log.h
@@ -1,5 +1,5 @@
 /* Declarations for log.c.
-   Copyright (C) 1998-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1998-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/main.c b/src/main.c
index 65b7f3f..c84f6e4 100644
--- a/src/main.c
+++ b/src/main.c
@@ -1,5 +1,5 @@
 /* Command line parsing.
-   Copyright (C) 1996-2015, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 1996-2015, 2018-2020 Free Software Foundation, Inc.
 
 This file is part of GNU Wget.
 
@@ -153,6 +153,7 @@ i18n_initialize (void)
   setlocale (LC_ALL, "");
   /* Set the text message domain.  */
   bindtextdomain ("wget", LOCALEDIR);
+  bindtextdomain ("wget-gnulib", LOCALEDIR);
   textdomain ("wget");
 #elif defined WINDOWS
   char MBCP[16] = "";
@@ -177,7 +178,7 @@ get_hsts_database (void)
 
   if (opt.homedir)
     {
-      char *dir = aprintf ("%s/.wget-hsts", opt.homedir);
+      char *dir = ajoin_dir_file(opt.homedir, ".wget-hsts");
       return dir;
     }
 
@@ -236,13 +237,13 @@ _Noreturn static void print_help (void);
 _Noreturn static void print_version (void);
 
 #ifdef HAVE_SSL
-# define IF_SSL(x) x
+# define IF_SSL(a,b,c,d,e) { a, b, c, d , e },
 #else
-# define IF_SSL(x) NULL
+# define IF_SSL(a,b,c,d,e)
 #endif
 
 struct cmdline_option {
-  const char *long_name;
+  char long_name[MAX_LONGOPTION];
   char short_name;
   enum {
     OPT_VALUE,
@@ -279,12 +280,12 @@ static struct cmdline_option option_data[] =
 #endif
     { "body-data", 0, OPT_VALUE, "bodydata", -1 },
     { "body-file", 0, OPT_VALUE, "bodyfile", -1 },
-    { IF_SSL ("ca-certificate"), 0, OPT_VALUE, "cacertificate", -1 },
-    { IF_SSL ("ca-directory"), 0, OPT_VALUE, "cadirectory", -1 },
+    IF_SSL ( "ca-certificate", 0, OPT_VALUE, "cacertificate", -1 )
+    IF_SSL ( "ca-directory", 0, OPT_VALUE, "cadirectory", -1 )
     { "cache", 0, OPT_BOOLEAN, "cache", -1 },
-    { IF_SSL ("certificate"), 0, OPT_VALUE, "certificate", -1 },
-    { IF_SSL ("certificate-type"), 0, OPT_VALUE, "certificatetype", -1 },
-    { IF_SSL ("check-certificate"), 0, OPT_BOOLEAN, "checkcertificate", -1 },
+    IF_SSL ( "certificate", 0, OPT_VALUE, "certificate", -1 )
+    IF_SSL ( "certificate-type", 0, OPT_VALUE, "certificatetype", -1 )
+    IF_SSL ( "check-certificate", 0, OPT_BOOLEAN, "checkcertificate", -1 )
     { "clobber", 0, OPT__CLOBBER, NULL, optional_argument },
 #ifdef HAVE_LIBZ
     { "compression", 0, OPT_VALUE, "compression", -1 },
@@ -297,7 +298,7 @@ static struct cmdline_option option_data[] =
     { "content-disposition", 0, OPT_BOOLEAN, "contentdisposition", -1 },
     { "content-on-error", 0, OPT_BOOLEAN, "contentonerror", -1 },
     { "cookies", 0, OPT_BOOLEAN, "cookies", -1 },
-    { IF_SSL ("crl-file"), 0, OPT_VALUE, "crlfile", -1 },
+    IF_SSL ( "crl-file", 0, OPT_VALUE, "crlfile", -1 )
     { "cut-dirs", 0, OPT_VALUE, "cutdirs", -1 },
     { "debug", 'd', OPT_BOOLEAN, "debug", -1 },
     { "default-page", 0, OPT_VALUE, "defaultpage", -1 },
@@ -325,12 +326,10 @@ static struct cmdline_option option_data[] =
     { "ftp-stmlf", 0, OPT_BOOLEAN, "ftpstmlf", -1 },
 #endif /* def __VMS */
     { "ftp-user", 0, OPT_VALUE, "ftpuser", -1 },
-#ifdef HAVE_SSL
-    { "ftps-clear-data-connection", 0, OPT_BOOLEAN, "ftpscleardataconnection", -1 },
-    { "ftps-fallback-to-ftp", 0, OPT_BOOLEAN, "ftpsfallbacktoftp", -1 },
-    { "ftps-implicit", 0, OPT_BOOLEAN, "ftpsimplicit", -1 },
-    { "ftps-resume-ssl", 0, OPT_BOOLEAN, "ftpsresumessl", -1 },
-#endif
+    IF_SSL ( "ftps-clear-data-connection", 0, OPT_BOOLEAN, "ftpscleardataconnection", -1 )
+    IF_SSL ( "ftps-fallback-to-ftp", 0, OPT_BOOLEAN, "ftpsfallbacktoftp", -1 )
+    IF_SSL ( "ftps-implicit", 0, OPT_BOOLEAN, "ftpsimplicit", -1 )
+    IF_SSL ( "ftps-resume-ssl", 0, OPT_BOOLEAN, "ftpsresumessl", -1 )
     { "glob", 0, OPT_BOOLEAN, "glob", -1 },
     { "header", 0, OPT_VALUE, "header", -1 },
     { "help", 'h', OPT_FUNCALL, (void *)print_help, no_argument },
@@ -345,7 +344,7 @@ static struct cmdline_option option_data[] =
     { "http-passwd", 0, OPT_VALUE, "httppassword", -1 }, /* deprecated */
     { "http-password", 0, OPT_VALUE, "httppassword", -1 },
     { "http-user", 0, OPT_VALUE, "httpuser", -1 },
-    { IF_SSL ("https-only"), 0, OPT_BOOLEAN, "httpsonly", -1 },
+    IF_SSL ( "https-only", 0, OPT_BOOLEAN, "httpsonly", -1 )
     { "ignore-case", 0, OPT_BOOLEAN, "ignorecase", -1 },
     { "ignore-length", 0, OPT_BOOLEAN, "ignorelength", -1 },
     { "ignore-tags", 0, OPT_VALUE, "ignoretags", -1 },
@@ -384,7 +383,7 @@ static struct cmdline_option option_data[] =
     { "parent", 0, OPT__PARENT, NULL, optional_argument },
     { "passive-ftp", 0, OPT_BOOLEAN, "passiveftp", -1 },
     { "password", 0, OPT_VALUE, "password", -1 },
-    { IF_SSL ("pinnedpubkey"), 0, OPT_VALUE, "pinnedpubkey", -1 },
+    IF_SSL ( "pinnedpubkey", 0, OPT_VALUE, "pinnedpubkey", -1 )
     { "post-data", 0, OPT_VALUE, "postdata", -1 },
     { "post-file", 0, OPT_VALUE, "postfile", -1 },
     { "prefer-family", 0, OPT_VALUE, "preferfamily", -1 },
@@ -392,9 +391,9 @@ static struct cmdline_option option_data[] =
     { "preferred-location", 0, OPT_VALUE, "preferredlocation", -1 },
 #endif
     { "preserve-permissions", 0, OPT_BOOLEAN, "preservepermissions", -1 },
-    { IF_SSL ("ciphers"), 0, OPT_VALUE, "ciphers", -1 },
-    { IF_SSL ("private-key"), 0, OPT_VALUE, "privatekey", -1 },
-    { IF_SSL ("private-key-type"), 0, OPT_VALUE, "privatekeytype", -1 },
+    IF_SSL ( "ciphers", 0, OPT_VALUE, "ciphers", -1 )
+    IF_SSL ( "private-key", 0, OPT_VALUE, "privatekey", -1 )
+    IF_SSL ( "private-key-type", 0, OPT_VALUE, "privatekeytype", -1 )
     { "progress", 0, OPT_VALUE, "progress", -1 },
     { "show-progress", 0, OPT_BOOLEAN, "showprogress", -1 },
     { "protocol-directories", 0, OPT_BOOLEAN, "protocoldirectories", -1 },
@@ -424,7 +423,7 @@ static struct cmdline_option option_data[] =
     { "retry-on-http-error", 0, OPT_VALUE, "retryonhttperror", -1 },
     { "save-cookies", 0, OPT_VALUE, "savecookies", -1 },
     { "save-headers", 0, OPT_BOOLEAN, "saveheaders", -1 },
-    { IF_SSL ("secure-protocol"), 0, OPT_VALUE, "secureprotocol", -1 },
+    IF_SSL ( "secure-protocol", 0, OPT_VALUE, "secureprotocol", -1 )
     { "server-response", 'S', OPT_BOOLEAN, "serverresponse", -1 },
     { "span-hosts", 'H', OPT_BOOLEAN, "spanhosts", -1 },
     { "spider", 0, OPT_BOOLEAN, "spider", -1 },
@@ -436,7 +435,9 @@ static struct cmdline_option option_data[] =
     { "tries", 't', OPT_VALUE, "tries", -1 },
     { "unlink", 0, OPT_BOOLEAN, "unlink", -1 },
     { "trust-server-names", 0, OPT_BOOLEAN, "trustservernames", -1 },
+#ifndef __VMS
     { "use-askpass", 0, OPT_VALUE, "useaskpass", -1},
+#endif
     { "use-server-timestamps", 0, OPT_BOOLEAN, "useservertimestamps", -1 },
     { "user", 0, OPT_VALUE, "user", -1 },
     { "user-agent", 'U', OPT_VALUE, "useragent", -1 },
@@ -514,10 +515,6 @@ init_switches (void)
       struct cmdline_option *cmdopt = &option_data[i];
       struct option *longopt;
 
-      if (!cmdopt->long_name)
-        /* The option is disabled. */
-        continue;
-
       longopt = &long_options[o++];
       longopt->name = cmdopt->long_name;
       longopt->val = i;
@@ -696,11 +693,14 @@ Download:\n"),
     N_("\
        --read-timeout=SECS         set the read timeout to SECS\n"),
     N_("\
-  -w,  --wait=SECONDS              wait SECONDS between retrievals\n"),
+  -w,  --wait=SECONDS              wait SECONDS between retrievals\n\
+                                     (applies if more then 1 URL is to be retrieved)\n"),
     N_("\
-       --waitretry=SECONDS         wait 1..SECONDS between retries of a retrieval\n"),
+       --waitretry=SECONDS         wait 1..SECONDS between retries of a retrieval\n\
+                                     (applies if more then 1 URL is to be retrieved)\n"),
     N_("\
-       --random-wait               wait from 0.5*WAIT...1.5*WAIT secs between retrievals\n"),
+       --random-wait               wait from 0.5*WAIT...1.5*WAIT secs between retrievals\n\
+                                     (applies if more then 1 URL is to be retrieved)\n"),
     N_("\
        --no-proxy                  explicitly turn off proxy\n"),
     N_("\
@@ -730,11 +730,13 @@ Download:\n"),
        --password=PASS             set both ftp and http password to PASS\n"),
     N_("\
        --ask-password              prompt for passwords\n"),
+#ifndef __VMS
     N_("\
        --use-askpass=COMMAND       specify credential handler for requesting \n\
                                      username and password.  If no COMMAND is \n\
                                      specified the WGET_ASKPASS or the SSH_ASKPASS \n\
                                      environment variable is used.\n"),
+#endif
     N_("\
        --no-iri                    turn off IRI support\n"),
     N_("\
@@ -1026,8 +1028,8 @@ Recursive accept/reject:\n"),
     N_("\
   -np, --no-parent                 don't ascend to the parent directory\n"),
     "\n",
-    N_("Email bug reports, questions, discussions to <bug-wget@gnu.org>\n"),
-    N_("and/or open issues at https://savannah.gnu.org/bugs/?func=additem&group=wget.\n")
+    N_("Email bug reports, questions, discussions to <bug-wget@gnu.org>\n"
+    "and/or open issues at https://savannah.gnu.org/bugs/?func=additem&group=wget.\n")
   };
 
   size_t i;
@@ -1273,6 +1275,12 @@ print_version (void)
   if (printf ("\n") < 0)
     exit (WGET_EXIT_IO_FAIL);
 
+  /* Print VMS-specific version info. */
+#ifdef __VMS
+  if (vms_version_supplement() < 0)
+    exit (WGET_EXIT_IO_FAIL);
+#endif /* def __VMS */
+
   /* Handle the case when $WGETRC is unset and $HOME/.wgetrc is
      absent. */
   if (printf ("%s\n", wgetrc_title) < 0)
@@ -1350,9 +1358,9 @@ int cleaned_up;
 int
 main (int argc, char **argv)
 {
-  char **url, **t, *p;
+  char *p;
   int i, ret, longindex;
-  int nurl;
+  int nurls;
   int retconf;
   int argstring_length;
   bool use_userconfig = false;
@@ -1569,7 +1577,7 @@ main (int argc, char **argv)
       longindex = -1;
     }
 
-  nurl = argc - optind;
+  nurls = argc - optind;
 
   /* Initialize logging ASAP.  */
   log_init (opt.lfilename, append_to_log);
@@ -1653,7 +1661,7 @@ Can't timestamp and not clobber old files at the same time.\n"));
   if (opt.output_document)
     {
       if ((opt.convert_links || opt.convert_file_only)
-          && (nurl > 1 || opt.page_requisites || opt.recursive))
+          && (nurls > 1 || opt.page_requisites || opt.recursive))
         {
           fputs (_("\
 Cannot specify both -k or --convert-file-only and -O if multiple URLs are given, or in combination\n\
@@ -1755,6 +1763,12 @@ for details.\n\n"));
       exit (WGET_EXIT_GENERIC_ERROR);
     }
 
+  if (opt.ask_passwd && !(opt.user || opt.http_user || opt.ftp_user))
+    {
+      fprintf(stderr,
+              _("WARNING: No username set with --ask-password. This is usually not what you want.\n"));
+    }
+
   if (opt.start_pos >= 0 && opt.always_rest)
     {
       fprintf (stderr,
@@ -1763,7 +1777,7 @@ for details.\n\n"));
       opt.always_rest = false;
     }
 
-  if (!nurl && !opt.input_filename
+  if (!nurls && !opt.input_filename
 #ifdef HAVE_METALINK
       && !opt.input_metalink
 #endif
@@ -1933,23 +1947,6 @@ for details.\n\n"));
   if (opt.show_progress)
     set_progress_implementation (opt.progress_type);
 
-  /* Fill in the arguments.  */
-  url = alloca_array (char *, nurl + 1);
-  if (url == NULL)
-    {
-      fprintf (stderr, _("Memory allocation problem\n"));
-      exit (WGET_EXIT_PARSE_ERROR);
-    }
-  for (i = 0; i < nurl; i++, optind++)
-    {
-      char *rewritten = rewrite_shorthand_url (argv[optind]);
-      if (rewritten)
-        url[i] = rewritten;
-      else
-        url[i] = xstrdup (argv[optind]);
-    }
-  url[i] = NULL;
-
   /* Open WARC file. */
   if (opt.warc_filename != 0)
     warc_init ();
@@ -2112,23 +2109,28 @@ only if outputting to a regular file.\n"));
 #endif
 
   /* Retrieve the URLs from argument list.  */
-  for (t = url; *t; t++)
+  for (i = 0; i < nurls; i++, optind++)
     {
+      char *t;
       char *filename = NULL, *redirected_URL = NULL;
-      int dt, url_err;
+      int dt = 0, url_err;
       /* Need to do a new struct iri every time, because
        * retrieve_url may modify it in some circumstances,
        * currently. */
       struct iri *iri = iri_new ();
       struct url *url_parsed;
 
+      t = rewrite_shorthand_url (argv[optind]);
+      if (!t)
+        t = argv[optind];
+
       set_uri_encoding (iri, opt.locale, true);
-      url_parsed = url_parse (*t, &url_err, iri, true);
+      url_parsed = url_parse (t, &url_err, iri, true);
 
       if (!url_parsed)
         {
-          char *error = url_error (*t, url_err);
-          logprintf (LOG_NOTQUIET, "%s: %s.\n",*t, error);
+          char *error = url_error (t, url_err);
+          logprintf (LOG_NOTQUIET, "%s: %s.\n",t, error);
           xfree (error);
           inform_exit_status (URLERROR);
         }
@@ -2139,9 +2141,9 @@ only if outputting to a regular file.\n"));
             use_askpass (url_parsed);
 
           if ((opt.recursive || opt.page_requisites)
-              && ((url_scheme (*t) != SCHEME_FTP
+              && ((url_scheme (t) != SCHEME_FTP
 #ifdef HAVE_SSL
-              && url_scheme (*t) != SCHEME_FTPS
+              && url_scheme (t) != SCHEME_FTPS
 #endif
               )
                   || url_uses_proxy (url_parsed)))
@@ -2149,9 +2151,9 @@ only if outputting to a regular file.\n"));
               int old_follow_ftp = opt.follow_ftp;
 
               /* Turn opt.follow_ftp on in case of recursive FTP retrieval */
-              if (url_scheme (*t) == SCHEME_FTP
+              if (url_scheme (t) == SCHEME_FTP
 #ifdef HAVE_SSL
-                  || url_scheme (*t) == SCHEME_FTPS
+                  || url_scheme (t) == SCHEME_FTPS
 #endif
                   )
                 opt.follow_ftp = 1;
@@ -2162,7 +2164,7 @@ only if outputting to a regular file.\n"));
             }
           else
             {
-              retrieve_url (url_parsed, *t, &filename, &redirected_URL, NULL,
+              retrieve_url (url_parsed, t, &filename, &redirected_URL, NULL,
                             &dt, opt.recursive, iri, true);
             }
 
@@ -2177,7 +2179,11 @@ only if outputting to a regular file.\n"));
           xfree (filename);
           url_free (url_parsed);
         }
+
       iri_free (iri);
+
+      if (t != argv[optind])
+        xfree (t);
     }
 
   /* And then from the input file, if any.  */
@@ -2249,7 +2255,7 @@ only if outputting to a regular file.\n"));
 
   /* Print the downloaded sum.  */
   if ((opt.recursive || opt.page_requisites
-       || nurl > 1
+       || nurls > 1
        || (opt.input_filename && total_downloaded_bytes != 0))
       &&
       total_downloaded_bytes != 0)
diff --git a/src/metalink.c b/src/metalink.c
index 72f7d1b..81cd1b3 100644
--- a/src/metalink.c
+++ b/src/metalink.c
@@ -1,5 +1,5 @@
 /* Metalink module.
-   Copyright (C) 2015, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 2015, 2018-2020 Free Software Foundation, Inc.
 
 This file is part of GNU Wget.
 
@@ -40,7 +40,7 @@ as that of the covered work.  */
 #include "sha1.h"
 #include "sha256.h"
 #include "sha512.h"
-#include "dosname.h"
+#include "filename.h"
 #include "xmemdup0.h"
 #include "xstrndup.h"
 #include "c-strcase.h"
@@ -1108,7 +1108,7 @@ badhash_suffix (char *name)
   char *bhash, *uname;
 
   bhash = concat_strings (name, ".badhash", (char *)0);
-  uname = unique_name (bhash, false);
+  uname = unique_name (bhash);
 
   logprintf (LOG_VERBOSE, _("Renaming %s to %s.\n"),
              quote_n (0, name), quote_n (1, uname));
diff --git a/src/metalink.h b/src/metalink.h
index 694db84..b20a421 100644
--- a/src/metalink.h
+++ b/src/metalink.h
@@ -1,5 +1,5 @@
 /* Declarations for metalink.c.
-   Copyright (C) 2015, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 2015, 2018-2020 Free Software Foundation, Inc.
 
 This file is part of GNU Wget.
 
@@ -30,6 +30,7 @@ as that of the covered work.  */
 #define	METALINK_H
 
 #include <metalink/metalink_types.h>
+#include "dirname.h"
 #include "wget.h"
 
 #ifdef HAVE_SSL
@@ -50,7 +51,6 @@ int metalink_meta_cmp (const void* meta1, const void* meta2);
 
 int metalink_check_safe_path (const char *path);
 
-char *last_component (char const *name);
 void replace_metalink_basename (char **name, char *ref);
 char *get_metalink_basename (char *name);
 void append_suffix_number (char **str, const char *sep, wgint num);
diff --git a/src/mswindows.c b/src/mswindows.c
index 933d18f..42d9f5f 100644
--- a/src/mswindows.c
+++ b/src/mswindows.c
@@ -1,5 +1,5 @@
 /* mswindows.c -- Windows-specific support
-   Copyright (C) 1996-2011, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2011, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/mswindows.h b/src/mswindows.h
index f43d745..a8f9ba0 100644
--- a/src/mswindows.h
+++ b/src/mswindows.h
@@ -1,5 +1,5 @@
 /* Declarations for windows
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -59,32 +59,8 @@ as that of the covered work.  */
 /* Declares inet_ntop() and inet_pton(). */
 #include <arpa/inet.h>
 
-/* We have strcasecmp and strncasecmp, just under different names.  */
-#ifndef HAVE_STRCASECMP
-# define strcasecmp stricmp
-#endif
-#ifndef HAVE_STRNCASECMP
-# define strncasecmp strnicmp
-#endif
-
 #include <stdio.h>
 
-/* Define a wgint type under Windows. */
-typedef __int64 wgint;
-#define SIZEOF_WGINT 8
-
-/* str_to_wgint is a function with the semantics of strtol[l], but
-   which works on wgint.  */
-#if defined HAVE_STRTOLL
-# define str_to_wgint strtoll
-#elif defined HAVE__STRTOI64
-# define str_to_wgint _strtoi64
-#else
-# define str_to_wgint strtoll
-# define NEED_STRTOLL
-# define strtoll_type __int64
-#endif
-
 #define PATH_SEPARATOR '\\'
 
 /* ioctl needed by set_windows_fd_as_blocking_socket() */
diff --git a/src/netrc.c b/src/netrc.c
index e38a828..a9232ed 100644
--- a/src/netrc.c
+++ b/src/netrc.c
@@ -1,5 +1,5 @@
 /* Read and parse the .netrc file to get hosts, accounts, and passwords.
-   Copyright (C) 1996, 2007-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 1996, 2007-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -59,17 +59,20 @@ typedef struct _acc_t
 
 static acc_t *parse_netrc (const char *);
 static acc_t *parse_netrc_fp (const char *, FILE *);
-static void free_netrc(acc_t *);
 
 static acc_t *netrc_list;
 static int processed_netrc;
 
+#if defined DEBUG_MALLOC || defined TESTING
+static void free_netrc(acc_t *);
+
 void
-netrc_cleanup(void)
+netrc_cleanup (void)
 {
   free_netrc (netrc_list);
   processed_netrc = 0;
 }
+#endif
 
 /* Return the correct user and password, given the host, user (as
    given in the URL), and password (as given in the URL).  May return
@@ -111,11 +114,10 @@ search_netrc (const char *host, const char **acc, const char **passwd,
       else if (opt.homedir)
         {
           struct stat buf;
-          char *path = (char *)alloca (strlen (opt.homedir) + 1
-                                       + strlen (NETRC_FILE_NAME) + 1);
-          sprintf (path, "%s/%s", opt.homedir, NETRC_FILE_NAME);
+          char *path = aprintf ("%s/%s", opt.homedir, NETRC_FILE_NAME);
           if (stat (path, &buf) == 0)
             netrc_list = parse_netrc (path);
+          xfree (path);
         }
 
 #endif /* def __VMS [else] */
@@ -460,6 +462,7 @@ parse_netrc (const char *path)
   return acc;
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 /* Free a netrc list.  */
 static void
 free_netrc(acc_t *l)
@@ -476,6 +479,7 @@ free_netrc(acc_t *l)
       l = t;
     }
 }
+#endif
 
 #ifdef STANDALONE
 #include <sys/types.h>
diff --git a/src/netrc.h b/src/netrc.h
index 43f9410..903b8fa 100644
--- a/src/netrc.h
+++ b/src/netrc.h
@@ -1,5 +1,5 @@
 /* Declarations for netrc.c
-   Copyright (C) 1996, 1996-1997, 2007-2011, 2015, 2018-2019 Free
+   Copyright (C) 1996, 1996-1997, 2007-2011, 2015, 2018-2020 Free
    Software Foundation, Inc.
 
 This file is part of GNU Wget.
diff --git a/src/openssl.c b/src/openssl.c
index a150217..d6099ba 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -1,5 +1,5 @@
 /* SSL support via OpenSSL library.
-   Copyright (C) 2000-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2000-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
    Originally contributed by Christian Fraenkel.
 
@@ -49,11 +49,16 @@ as that of the covered work.  */
 #endif
 #endif
 
+#include <sys/ioctl.h>
+
 #include "utils.h"
 #include "connect.h"
+#include "ptimer.h"
 #include "url.h"
 #include "ssl.h"
 
+#include <fcntl.h>
+
 #ifdef WINDOWS
 # include <w32sock.h>
 #endif
@@ -80,12 +85,20 @@ init_prng (void)
       /* Get the random file name using RAND_file_name. */
       namebuf[0] = '\0';
       random_file = RAND_file_name (namebuf, sizeof (namebuf));
+      if (!file_exists_p (random_file, NULL))
+        random_file = NULL;
     }
 
   if (random_file && *random_file)
     /* Seed at most 16k (apparently arbitrary value borrowed from
        curl) from random file. */
-    RAND_load_file (random_file, 16384);
+    {
+        int _err = RAND_load_file (random_file, 16384);
+        if(_err == -1)
+          /* later the thread error queue will be cleared */
+          if ( (_err = ERR_peek_last_error ()) )
+              logprintf (LOG_VERBOSE, "WARNING: Could not load random file: %s, %s\n", opt.random_file, ERR_reason_error_string(_err));
+    }
 
 #ifdef HAVE_RAND_EGD
   /* Get random data from EGD if opt.egd_file was used.  */
@@ -174,7 +187,9 @@ ssl_init (void)
 #if OPENSSL_VERSION_NUMBER >= 0x00907000
   if (ssl_true_initialized == 0)
     {
-#if OPENSSL_API_COMPAT < 0x10100000L
+#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+      OPENSSL_init_ssl (OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
+#else
       OPENSSL_config (NULL);
 #endif
       ssl_true_initialized = 1;
@@ -194,21 +209,9 @@ ssl_init (void)
       goto error;
     }
 
-#if OPENSSL_VERSION_NUMBER >= 0x00907000
-  OPENSSL_load_builtin_modules();
-#ifndef OPENSSL_NO_ENGINE
-  ENGINE_load_builtin_engines();
-#endif
-  CONF_modules_load_file(NULL, NULL,
-      CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-#if OPENSSL_API_COMPAT >= 0x10100000L
-  OPENSSL_init_ssl(0, NULL);
-#else
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
   SSL_library_init ();
   SSL_load_error_strings ();
-#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
   SSLeay_add_all_algorithms ();
   SSLeay_add_ssl_algorithms ();
 #endif
@@ -295,6 +298,12 @@ ssl_init (void)
   if (ssl_options)
     SSL_CTX_set_options (ssl_ctx, ssl_options);
 
+#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && \
+     !defined(LIBRESSL_VERSION_NUMBER) && \
+     !defined(OPENSSL_IS_BORINGSSL))
+     SSL_CTX_set_post_handshake_auth (ssl_ctx, 1);
+#endif
+
 #if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   if (ssl_proto_version)
     SSL_CTX_set_min_proto_version(ssl_ctx, ssl_proto_version);
@@ -419,6 +428,11 @@ ssl_init (void)
   return false;
 }
 
+void
+ssl_cleanup (void)
+{
+}
+
 struct openssl_transport_context
 {
   SSL *conn;                    /* SSL connection handle */
@@ -426,44 +440,226 @@ struct openssl_transport_context
   char *last_error;             /* last error printed with openssl_errstr */
 };
 
+typedef int (*ssl_fn_t)(SSL *, void *, int);
+
+#ifdef OPENSSL_RUN_WITHTIMEOUT
+
+struct scwt_context
+{
+  SSL *ssl;
+  int result;
+};
+
+static void
+ssl_connect_with_timeout_callback(void *arg)
+{
+  struct scwt_context *ctx = (struct scwt_context *)arg;
+  ctx->result = SSL_connect(ctx->ssl);
+}
+
+static int
+ssl_connect_with_timeout(int fd _GL_UNUSED, SSL *conn, double timeout)
+{
+  struct scwt_context scwt_ctx;
+  scwt_ctx.ssl = conn;
+  errno = 0;
+  if (run_with_timeout(timeout, ssl_connect_with_timeout_callback,
+                       &scwt_ctx))
+    {
+      errno = ETIMEDOUT;
+      return -1;
+    }
+  return scwt_ctx.result;
+}
+
 struct openssl_read_args
 {
   int fd;
   struct openssl_transport_context *ctx;
+  ssl_fn_t fn;
   char *buf;
   int bufsize;
   int retval;
 };
 
-static void openssl_read_callback(void *arg)
+static void
+openssl_read_peek_callback(void *arg)
 {
   struct openssl_read_args *args = (struct openssl_read_args *) arg;
   struct openssl_transport_context *ctx = args->ctx;
+  ssl_fn_t fn = args->fn;
   SSL *conn = ctx->conn;
   char *buf = args->buf;
   int bufsize = args->bufsize;
   int ret;
 
   do
-    ret = SSL_read (conn, buf, bufsize);
-  while (ret == -1 && SSL_get_error (conn, ret) == SSL_ERROR_SYSCALL
-         && errno == EINTR);
+    {
+      ret = fn (conn, buf, bufsize);
+    }
+  while (ret == -1 && SSL_get_error (conn, ret) == SSL_ERROR_SYSCALL && errno == EINTR);
   args->retval = ret;
 }
 
 static int
-openssl_read (int fd, char *buf, int bufsize, void *arg)
+openssl_read_peek (int fd, char *buf, int bufsize, void *arg, double timeout, ssl_fn_t fn)
 {
-  struct openssl_read_args args;
-  args.fd = fd;
-  args.buf = buf;
-  args.bufsize = bufsize;
-  args.ctx = (struct openssl_transport_context*) arg;
+  struct openssl_transport_context *ctx = arg;
+  int ret = SSL_pending (ctx->conn);
 
-  if (run_with_timeout(opt.read_timeout, openssl_read_callback, &args)) {
+  if (ret)
+    ret = fn (ctx->conn, buf, MIN (bufsize, ret));
+  else
+    {
+      struct openssl_read_args args;
+      args.fd = fd;
+      args.buf = buf;
+      args.bufsize = bufsize;
+      args.fn = fn;
+      args.ctx = ctx;
+
+      if (timeout == -1)
+        timeout = opt.read_timeout;
+
+      if (run_with_timeout(timeout, openssl_read_peek_callback, &args))
+        {
+          errno = ETIMEDOUT;
+          ret = -1;
+        }
+      else
+        ret = args.retval;
+    }
+  return ret;
+}
+
+#else /* OPENSSL_RUN_WITHTIMEOUT */
+
+#ifdef F_GETFL
+#define NONBLOCK_DECL int flags = 0;
+#define FD_SET_NONBLOCKED(_fd) \
+  flags = fcntl (_fd, F_GETFL, 0); \
+  if (flags < 0) \
+    return flags; \
+  if (fcntl (_fd, F_SETFL, flags | O_NONBLOCK)) \
     return -1;
+#define FD_SET_BLOCKED(_fd)  \
+  if (fcntl (_fd, F_SETFL, flags) < 0) \
+    return -1;
+#else
+#define NONBLOCK_DECL
+#define FD_SET_NONBLOCKED(_fd) \
+  {\
+    const int one = 1;\
+    if (ioctl (_fd, FIONBIO, &one) < 0)\
+      return -1;\
+  }
+#define FD_SET_BLOCKED(_fd)  \
+  {\
+    const int zero = 0;\
+    if (ioctl (_fd, FIONBIO, &zero) < 0)\
+      return -1;\
   }
-  return args.retval;
+#endif /* F_GETFL */
+
+#define TIMER_INIT(_fd, _ret, _timeout) \
+  { \
+    NONBLOCK_DECL \
+    int timed_out = 0; \
+    FD_SET_NONBLOCKED(_fd) \
+    struct ptimer *timer = ptimer_new (); \
+    if (timer == NULL) \
+      _ret = -1; \
+    else \
+      { \
+        double next_timeout = _timeout;
+
+#define TIMER_FREE(_fd) \
+        ptimer_destroy (timer); \
+      } \
+    FD_SET_BLOCKED(_fd) \
+    if (timed_out) \
+      { \
+        errno = ETIMEDOUT; \
+      } \
+  }
+
+#define TIMER_WAIT(_fd, _conn, _ret, _timeout) \
+        { \
+          int wait_for; \
+          int err = SSL_get_error(_conn, _ret); \
+          if (err == SSL_ERROR_WANT_READ) \
+            wait_for = WAIT_FOR_READ; \
+          else if (err == SSL_ERROR_WANT_WRITE) \
+            wait_for = WAIT_FOR_WRITE; \
+          else \
+            break; \
+          err = select_fd_nb (_fd, next_timeout, wait_for); \
+          if (err <= 0) \
+            { \
+              if (err == 0) \
+timedout: \
+                timed_out = 1; \
+              _ret = -1; \
+              break; \
+            } \
+          next_timeout = _timeout - ptimer_measure (timer); \
+          if (next_timeout <= 0) \
+            goto timedout; \
+        }
+
+static int
+ssl_connect_with_timeout(int fd, SSL *conn, double timeout)
+{
+  int ret;
+
+  errno = 0;
+  if (timeout == 0)
+    ret = SSL_connect(conn);
+  else
+    {
+      TIMER_INIT(fd, ret, timeout)
+      ERR_clear_error();
+      while( (ret = SSL_connect(conn)) < 0 )
+        TIMER_WAIT(fd, conn, ret, timeout)
+      TIMER_FREE(fd)
+    }
+
+  return ret;
+}
+
+static int
+openssl_read_peek (int fd, char *buf, int bufsize, void *arg, double timeout, ssl_fn_t fn)
+{
+  struct openssl_transport_context *ctx = arg;
+  int ret = SSL_pending (ctx->conn);
+
+  if (timeout == -1)
+    timeout = opt.read_timeout;
+  /* If we have data available for immediate read, simply return that,
+     or do blocked read when timeout == 0 */
+  if (ret || timeout == 0)
+    do
+      {
+        ret = fn (ctx->conn, buf, (ret ? MIN (bufsize, ret) : bufsize));
+      }
+    while (ret == -1 && SSL_get_error (ctx->conn, ret) == SSL_ERROR_SYSCALL && errno == EINTR);
+  else
+    {
+      TIMER_INIT(fd, ret, timeout)
+      while( (ret = fn (ctx->conn, buf, bufsize)) <= 0 )
+        TIMER_WAIT(fd, ctx->conn, ret, timeout)
+      TIMER_FREE(fd)
+    }
+
+  return ret;
+}
+
+#endif /* OPENSSL_RUN_WITHTIMEOUT */
+
+static int
+openssl_read (int fd, char *buf, int bufsize, void *arg, double timeout)
+{
+  return openssl_read_peek (fd, buf, bufsize, arg, timeout, SSL_read);
 }
 
 static int
@@ -474,9 +670,7 @@ openssl_write (int fd _GL_UNUSED, char *buf, int bufsize, void *arg)
   SSL *conn = ctx->conn;
   do
     ret = SSL_write (conn, buf, bufsize);
-  while (ret == -1
-         && SSL_get_error (conn, ret) == SSL_ERROR_SYSCALL
-         && errno == EINTR);
+  while (ret == -1 && SSL_get_error (conn, ret) == SSL_ERROR_SYSCALL && errno == EINTR);
   return ret;
 }
 
@@ -485,27 +679,19 @@ openssl_poll (int fd, double timeout, int wait_for, void *arg)
 {
   struct openssl_transport_context *ctx = arg;
   SSL *conn = ctx->conn;
-  if (SSL_pending (conn))
-    return 1;
-  if (timeout == 0)
+  if ((wait_for & WAIT_FOR_READ) && SSL_pending (conn))
     return 1;
+  /* if (timeout == 0)
+    return 1; */
+  if (timeout == -1)
+    timeout = opt.read_timeout;
   return select_fd (fd, timeout, wait_for);
 }
 
 static int
-openssl_peek (int fd, char *buf, int bufsize, void *arg)
+openssl_peek (int fd, char *buf, int bufsize, void *arg, double timeout)
 {
-  int ret;
-  struct openssl_transport_context *ctx = arg;
-  SSL *conn = ctx->conn;
-  if (! openssl_poll (fd, 0.0, WAIT_FOR_READ, arg))
-    return 0;
-  do
-    ret = SSL_peek (conn, buf, bufsize);
-  while (ret == -1
-         && SSL_get_error (conn, ret) == SSL_ERROR_SYSCALL
-         && errno == EINTR);
-  return ret;
+  return openssl_read_peek (fd, buf, bufsize, arg, timeout, SSL_peek);
 }
 
 static const char *
@@ -581,19 +767,6 @@ static struct transport_implementation openssl_transport = {
   openssl_peek, openssl_errstr, openssl_close
 };
 
-struct scwt_context
-{
-  SSL *ssl;
-  int result;
-};
-
-static void
-ssl_connect_with_timeout_callback(void *arg)
-{
-  struct scwt_context *ctx = (struct scwt_context *)arg;
-  ctx->result = SSL_connect(ctx->ssl);
-}
-
 static const char *
 _sni_hostname(const char *hostname)
 {
@@ -622,7 +795,6 @@ bool
 ssl_connect_wget (int fd, const char *hostname, int *continue_session)
 {
   SSL *conn;
-  struct scwt_context scwt_ctx;
   struct openssl_transport_context *ctx;
 
   DEBUGP (("Initiating SSL handshake.\n"));
@@ -673,14 +845,9 @@ ssl_connect_wget (int fd, const char *hostname, int *continue_session)
       goto error;
     }
 
-  scwt_ctx.ssl = conn;
-  if (run_with_timeout(opt.read_timeout, ssl_connect_with_timeout_callback,
-                       &scwt_ctx)) {
-    DEBUGP (("SSL handshake timed out.\n"));
-    goto timeout;
-  }
-  if (scwt_ctx.result <= 0 || !SSL_is_init_finished(conn))
-    goto error;
+  if (ssl_connect_with_timeout(fd, conn, opt.read_timeout) <= 0
+      || !SSL_is_init_finished(conn))
+    goto timedout;
 
   ctx = xnew0 (struct openssl_transport_context);
   ctx->conn = conn;
@@ -693,12 +860,17 @@ ssl_connect_wget (int fd, const char *hostname, int *continue_session)
   fd_register_transport (fd, &openssl_transport, ctx);
   DEBUGP (("Handshake successful; connected socket %d to SSL handle 0x%0*lx\n",
            fd, PTR_FORMAT (conn)));
+
+  ERR_clear_error ();
   return true;
 
+ timedout:
+  if (errno == ETIMEDOUT)
+    DEBUGP (("SSL handshake timed out.\n"));
+  else
  error:
-  DEBUGP (("SSL handshake failed.\n"));
+    DEBUGP (("SSL handshake failed.\n"));
   print_errors ();
- timeout:
   if (conn)
     SSL_free (conn);
   return false;
diff --git a/src/options.h b/src/options.h
index 881e2b2..9a02f3a 100644
--- a/src/options.h
+++ b/src/options.h
@@ -1,5 +1,5 @@
 /* struct options.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/progress.c b/src/progress.c
index 8e5709c..d8b57e3 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -1,5 +1,5 @@
 /* Download progress.
-   Copyright (C) 2001-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2001-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -51,7 +51,7 @@ struct progress_implementation {
   void (*update) (void *, wgint, double);
   void (*draw) (void *);
   void (*finish) (void *, double);
-  void (*set_params) (char *);
+  void (*set_params) (const char *);
 };
 
 /* Necessary forward declarations. */
@@ -60,13 +60,13 @@ static void *dot_create (const char *, wgint, wgint);
 static void dot_update (void *, wgint, double);
 static void dot_finish (void *, double);
 static void dot_draw (void *);
-static void dot_set_params (char *);
+static void dot_set_params (const char *);
 
 static void *bar_create (const char *, wgint, wgint);
 static void bar_update (void *, wgint, double);
 static void bar_draw (void *);
 static void bar_finish (void *, double);
-static void bar_set_params (char *);
+static void bar_set_params (const char *);
 
 static struct progress_implementation implementations[] = {
   { "dot", 0, dot_create, dot_update, dot_draw, dot_finish, dot_set_params },
@@ -112,7 +112,7 @@ set_progress_implementation (const char *name)
 {
   size_t i, namelen;
   struct progress_implementation *pi = implementations;
-  char *colon;
+  const char *colon;
 
   if (!name)
     name = DEFAULT_PROGRESS_IMPLEMENTATION;
@@ -184,6 +184,15 @@ progress_interactive_p (void *progress _GL_UNUSED)
 void
 progress_update (void *progress, wgint howmuch, double dltime)
 {
+  // sanitize input
+  if (dltime >= INT_MAX)
+    dltime = INT_MAX - 1;
+  else if (dltime < 0)
+    dltime = 0;
+
+  if (howmuch < 0)
+	  howmuch = 0;
+
   current_impl->update (progress, howmuch, dltime);
   current_impl->draw (progress);
 }
@@ -194,6 +203,12 @@ progress_update (void *progress, wgint howmuch, double dltime)
 void
 progress_finish (void *progress, double dltime)
 {
+  // sanitize input
+  if (dltime >= INT_MAX)
+    dltime = INT_MAX - 1;
+  else if (dltime < 0)
+    dltime = 0;
+
   current_impl->finish (progress, dltime);
 }
 
@@ -205,11 +220,11 @@ struct dot_progress {
   wgint total_length;           /* expected total byte count when the
                                    download finishes */
 
-  int accumulated;              /* number of bytes accumulated after
+  wgint accumulated;            /* number of bytes accumulated after
                                    the last printed dot */
 
   double dltime;                /* download time so far */
-  int rows;                     /* number of rows printed so far */
+  wgint rows;                   /* number of rows printed so far */
   int dots;                     /* number of dots printed in this row */
 
   double last_timer_value;
@@ -267,6 +282,21 @@ dot_create (const char *f_download _GL_UNUSED, wgint initial, wgint total)
 
 static const char *eta_to_human_short (int, bool);
 
+/* ADD_DOT_ROWS_THRS - minimal (1 << ADD_DOT_ROWS_THRS) ROWS to be added
+   to the current row if dp->accumulated too much.
+   Allows to reduce dot_draw io, times.
+   According to the way progress_update is currently has being called, this
+   should happens only when fuzzing, or (paranoia) if somehow buffer will
+   be too large.
+   Can be disabled by default if this is not fuzzing build. */
+#ifndef ADD_DOT_ROWS_THRS
+#if FUZZING
+#define ADD_DOT_ROWS_THRS 2
+#else
+#define ADD_DOT_ROWS_THRS 2
+#endif
+#endif /* ADD_DOT_ROWS_THRS */
+
 /* Prints the stats (percentage of completion, speed, ETA) for current
    row.  DLTIME is the time spent downloading the data in current
    row.
@@ -276,7 +306,11 @@ static const char *eta_to_human_short (int, bool);
    might be worthwhile to split it to two different functions.  */
 
 static void
+#if ADD_DOT_ROWS_THRS
+print_row_stats (struct dot_progress *dp, double dltime, bool last, wgint added_rows)
+#else
 print_row_stats (struct dot_progress *dp, double dltime, bool last)
+#endif
 {
   const wgint ROW_BYTES = opt.dot_bytes * opt.dots_in_line;
 
@@ -288,6 +322,9 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
     /* For last row also count bytes accumulated after last dot */
     bytes_displayed += dp->accumulated;
 
+  if (bytes_displayed < 0)
+    bytes_displayed = 0;
+
   if (dp->total_length)
     {
       /* Round to floor value to provide gauge how much data *has*
@@ -298,12 +335,16 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
     }
 
   {
-    static char names[] = {' ', 'K', 'M', 'G'};
+    static char names[] = {' ', 'K', 'M', 'G', 'T'};
     int units;
     double rate;
     wgint bytes_this_row;
     if (!last)
+#if ADD_DOT_ROWS_THRS
+      bytes_this_row = ROW_BYTES * added_rows;
+#else
       bytes_this_row = ROW_BYTES;
+#endif
     else
       /* For last row also include bytes accumulated after last dot.  */
       bytes_this_row = dp->dots * opt.dot_bytes + dp->accumulated;
@@ -323,10 +364,12 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
          Belperchinov-Shabanski's "wget-new-percentage" patch.  */
       if (dp->total_length)
         {
-          wgint bytes_remaining = dp->total_length - bytes_displayed;
+          wgint bytes_remaining = dp->total_length > bytes_displayed ? dp->total_length - bytes_displayed : 0;
           /* The quantity downloaded in this download run. */
-          wgint bytes_sofar = bytes_displayed - dp->initial_length;
+          wgint bytes_sofar = bytes_displayed > dp->initial_length ? bytes_displayed - dp->initial_length : 1;
           double eta = dltime * bytes_remaining / bytes_sofar;
+          if (eta < 0)
+            eta = 0;
           if (eta < INT_MAX - 1)
             logprintf (LOG_PROGRESS, " %s",
                        eta_to_human_short ((int) (eta + 0.5), true));
@@ -348,6 +391,15 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
 static void
 dot_update (void *progress, wgint howmuch, double dltime)
 {
+  // sanitize input
+  if (dltime >= INT_MAX)
+    dltime = INT_MAX - 1;
+  else if (dltime < 0)
+    dltime = 0;
+
+  if (howmuch < 0)
+	  howmuch = 0;
+
   struct dot_progress *dp = progress;
   dp->accumulated += howmuch;
   dp->dltime = dltime;
@@ -362,8 +414,9 @@ dot_draw (void *progress)
 
   log_set_flush (false);
 
-  for (; dp->accumulated >= dot_bytes; dp->accumulated -= dot_bytes)
+  while (dp->accumulated >= dot_bytes)
     {
+      dp->accumulated -= dot_bytes;
       if (dp->dots == 0)
         logprintf (LOG_PROGRESS, "\n%6sK",
                    number_to_static_string (dp->rows * ROW_BYTES / 1024));
@@ -375,10 +428,26 @@ dot_draw (void *progress)
       ++dp->dots;
       if (dp->dots >= opt.dots_in_line)
         {
-          ++dp->rows;
           dp->dots = 0;
-
+#if ADD_DOT_ROWS_THRS
+          {
+            wgint added_rows = 1;
+            if (dp->accumulated >= (ROW_BYTES << ADD_DOT_ROWS_THRS))
+              {
+                added_rows += dp->accumulated / ROW_BYTES;
+                dp->accumulated %= ROW_BYTES;
+              }
+            if (WGINT_MAX - dp->rows >= added_rows)
+              dp->rows += added_rows;
+            else
+              dp->rows = WGINT_MAX;
+            print_row_stats (dp, dp->dltime, false, added_rows);
+          }
+#else
+          if (dp->rows < WGINT_MAX)
+            ++dp->rows;
           print_row_stats (dp, dp->dltime, false);
+#endif /* ADD_DOT_ROWS_THRS */
         }
     }
 
@@ -406,7 +475,16 @@ dot_finish (void *progress, double dltime)
       logputs (LOG_PROGRESS, " ");
     }
 
+  // sanitize input
+  if (dltime >= INT_MAX)
+    dltime = INT_MAX - 1;
+  else if (dltime < 0)
+    dltime = 0;
+#if ADD_DOT_ROWS_THRS
+  print_row_stats (dp, dltime, true, 1);
+#else
   print_row_stats (dp, dltime, true);
+#endif
   logputs (LOG_VERBOSE, "\n\n");
   log_set_flush (false);
 
@@ -419,8 +497,9 @@ dot_finish (void *progress, double dltime)
    giga.  */
 
 static void
-dot_set_params (char *params)
+dot_set_params (const char *params)
 {
+  current_impl->interactive = false;
   if (!params || !*params)
     params = opt.dot_style;
 
@@ -473,8 +552,10 @@ dot_set_params (char *params)
 #define DEFAULT_SCREEN_WIDTH 80
 
 /* Minimum screen width we'll try to work with.  If this is too small,
-   create_image will overflow the buffer.  */
-#define MINIMUM_SCREEN_WIDTH 45
+   create_image will overflow the buffer.
+   width = width/4 + 1 + PROGRESS_PERCENT_LEN + PROGRESS_FILESIZE_LEN
+           + PROGRESS_DWNLOAD_RATE + PROGRESS_ETA_LEN => widh = 38*4/3 (+1) */
+#define MINIMUM_SCREEN_WIDTH 51
 
 /* The last known screen width.  This can be updated by the code that
    detects that SIGWINCH was received (but it's never updated from the
@@ -507,7 +588,7 @@ static volatile sig_atomic_t received_sigwinch;
 #define ETA_REFRESH_INTERVAL 0.99
 
 struct bar_progress {
-  const char *f_download;       /* Filename of the downloaded file */
+  char *f_download;             /* Filename of the downloaded file */
   wgint initial_length;         /* how many bytes have been downloaded
                                    previously. */
   wgint total_length;           /* expected total byte count when the
@@ -564,6 +645,72 @@ struct bar_progress {
 static void create_image (struct bar_progress *, double, bool);
 static void display_image (char *);
 
+#if USE_NLS_PROGRESS_BAR
+static size_t
+prepare_filename (char *dest, const char *src)
+{
+  size_t ret = 1;
+  if (src)
+    {
+      mbi_iterator_t iter;
+      mbchar_t mbc;
+      mbi_init (iter, src, strlen (src));
+      while (mbi_avail (iter))
+        {
+          size_t i;
+          mbc = mbi_cur(iter);
+          /* replace invalid || unprintable || zero-width mbc ws hexdgt code */
+          if (!mb_isprint (mbc) || !mb_width (mbc))
+            for (i=0; i < mb_len (mbc); i++)
+              {
+                if (dest)
+                  dest += sprintf (dest, "%%%02x", (unsigned char) *(mb_ptr(mbc) + i));
+                ret  += 3;
+              }
+          else
+            {
+              if (dest)
+                for (i=0; i < mb_len (mbc); i++)
+                  *dest++ = *(mb_ptr (mbc) + i);
+              ret += mb_len (mbc);
+            }
+          mbi_advance (iter);
+        }
+    }
+  if (dest)
+    *dest = 0;
+  return ret;
+}
+#else
+#include <ctype.h>
+static size_t
+prepare_filename (char *dest, const char *src)
+{
+  size_t ret = 1;
+  if (src)
+    while (*src)
+      {
+        /* isprint with some lang return false for some chars */
+        if(!iscntrl (*src))
+          {
+            if (dest)
+              *dest++ = *src;
+            ret++;
+          }
+        else
+          {
+            if (dest)
+              dest += sprintf (dest, "%%%02x", (unsigned char) *src );
+            ret += 3;
+          }
+        src++;
+      }
+  if (dest)
+    *dest = 0;
+  return ret;
+}
+#endif /* USE_NLS_PROGRESS_BAR */
+
 static void *
 bar_create (const char *f_download, wgint initial, wgint total)
 {
@@ -576,7 +723,11 @@ bar_create (const char *f_download, wgint initial, wgint total)
 
   bp->initial_length = initial;
   bp->total_length   = total;
-  bp->f_download     = f_download;
+  /* Zero-width mbc must be replaced to avoid buffer overflow.
+     Another way is to allocate a buffer that allows contain
+     full f_download, but in this case some escape sequences may break "bar" */
+  bp->f_download  = xmalloc (prepare_filename (NULL, f_download));
+  prepare_filename (bp->f_download, f_download);
 
   /* Initialize screen_width if this hasn't been done or if it might
      have changed, as indicated by receiving SIGWINCH.  */
@@ -594,8 +745,8 @@ bar_create (const char *f_download, wgint initial, wgint total)
   bp->width = screen_width - 1;
   /* + enough space for the terminating zero, and hopefully enough room
    * for multibyte characters. */
-#define BUF_LEN (bp->width + 100)
-  bp->buffer = xmalloc (BUF_LEN);
+#define BUF_LEN (bp->width * 2 + 100)
+  bp->buffer = xcalloc (BUF_LEN, 1);
 
   logputs (LOG_VERBOSE, "\n");
 
@@ -613,7 +764,10 @@ bar_update (void *progress, wgint howmuch, double dltime)
   struct bar_progress *bp = progress;
 
   bp->dltime = dltime;
-  bp->count += howmuch;
+  if (WGINT_MAX - (bp->count + bp->initial_length) >= howmuch)
+    bp->count += howmuch;
+  else
+    bp->count = WGINT_MAX - bp->initial_length;
   if (bp->total_length > 0
       && bp->count + bp->initial_length > bp->total_length)
     /* We could be downloading more than total_length, e.g. when the
@@ -645,7 +799,7 @@ bar_draw (void *progress)
       if (screen_width != old_width)
         {
           bp->width = screen_width - 1;
-          bp->buffer = xrealloc (bp->buffer, bp->width + 100);
+          bp->buffer = xrealloc (bp->buffer, BUF_LEN);
           force_screen_update = true;
         }
       received_sigwinch = 0;
@@ -676,6 +830,7 @@ bar_finish (void *progress, double dltime)
   logputs (LOG_VERBOSE, "\n");
   logputs (LOG_PROGRESS, "\n");
 
+  xfree (bp->f_download);
   xfree (bp->buffer);
   xfree (bp);
 }
@@ -793,27 +948,17 @@ update_speed_ring (struct bar_progress *bp, wgint howmuch, double dltime)
 static int
 count_cols (const char *mbs)
 {
-  wchar_t wc;
-  int     bytes;
-  int     remaining = strlen(mbs);
-  int     cols = 0;
-  int     wccols;
-
-  while (*mbs != '\0')
+  mbchar_t mbc;
+  mbi_iterator_t iter;
+  int cols = 0;
+  mbi_init (iter, mbs, strlen(mbs));
+  while (mbi_avail (iter))
     {
-      bytes = mbtowc (&wc, mbs, remaining);
-      assert (bytes != 0);  /* Only happens when *mbs == '\0' */
-      if (bytes == -1)
-        {
-          /* Invalid sequence. We'll just have to fudge it. */
-          return cols + remaining;
-        }
-      mbs += bytes;
-      remaining -= bytes;
-      wccols = wcwidth(wc);
-      cols += (wccols == -1? 1 : wccols);
+      mbc = mbi_cur (iter);
+      cols += mb_width (mbc);
+      mbi_advance (iter);
     }
-  return cols;
+ return cols;
 }
 
 static int
@@ -842,11 +987,14 @@ cols_to_bytes (const char *mbs, const int cols, int *ncols)
 }
 #else
 static int count_cols (const char *mbs) { return (int) strlen(mbs); }
+
 static int
-cols_to_bytes (const char *mbs _GL_UNUSED, const int cols, int *ncols)
+cols_to_bytes (const char *mbs, const int cols, int *ncols)
 {
-  *ncols = cols;
-  return cols;
+  int len = strlen(mbs);
+  int ret = len < cols ? len : cols;
+  *ncols = ret;
+  return ret;
 }
 #endif
 
@@ -945,20 +1093,30 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
   int cols_diff;
   const char *down_size;
 
-  memset (bp->buffer, '\0', BUF_LEN);
-
   if (progress_size < 5)
     progress_size = 0;
 
-  if (orig_filename_cols <= MAX_FILENAME_COLS)
+  // sanitize input
+  if (dl_total_time >= INT_MAX)
+    dl_total_time = INT_MAX - 1;
+  else if (dl_total_time < 0)
+    dl_total_time = 0;
+
+  if (orig_filename_cols < MAX_FILENAME_COLS)
     {
-      padding = MAX_FILENAME_COLS - orig_filename_cols;
-      p += sprintf (p, "%s ", bp->f_download);
+      p += sprintf (p, "%s", bp->f_download);
+      padding = MAX_FILENAME_COLS - orig_filename_cols + 1;
       memset (p, ' ', padding);
       p += padding;
     }
   else
     {
+/*
+      memcpy(p, bp->f_download, MAX_FILENAME_COLS);
+      p += MAX_FILENAME_COLS;
+      *p++ = ' ';
+    }
+*/
       int offset_cols;
       int bytes_in_filename, offset_bytes, col;
       int *cols_ret = &col;
@@ -996,6 +1154,7 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
       p += padding + 1;
     }
 
+
   /* "xx% " */
   if (bp->total_length > 0)
     {
@@ -1073,15 +1232,18 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
   /* " 234.56M" */
   down_size = human_readable (size, 1000, 2);
   cols_diff = PROGRESS_FILESIZE_LEN - count_cols (down_size);
-  memset (p, ' ', cols_diff);
-  p += cols_diff;
+  if (cols_diff > 0)
+    {
+      memset (p, ' ', cols_diff);
+      p += cols_diff;
+    }
   p += sprintf (p, "%s", down_size);
 
   /* " 12.52Kb/s or 12.52KB/s" */
   if (hist->total_time > 0 && hist->total_bytes)
     {
-      static const char *short_units[] = { " B/s", "KB/s", "MB/s", "GB/s" };
-      static const char *short_units_bits[] = { " b/s", "Kb/s", "Mb/s", "Gb/s" };
+      static const char *short_units[] = { " B/s", "KB/s", "MB/s", "GB/s", "TB/s" };
+      static const char *short_units_bits[] = { " b/s", "Kb/s", "Mb/s", "Gb/s", "Tb/s" };
       int units = 0;
       /* Calculate the download speed using the history ring and
          recent data that hasn't made it to the ring yet.  */
@@ -1143,8 +1305,10 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
       int nbytes;
       int ncols;
 
-      /* Note to translators: this should not take up more room than
-         available here (6 columns).  Abbreviate if necessary.  */
+      /* TRANSLATORS: The meaning is "elapsed time", and it is shown
+       * next to the progress bar once the download is done.
+       * This should not take up more room than
+       * available here (6 columns).  Abbreviate if necessary.  */
       strcpy (p, _("    in "));
       nbytes = strlen (p);
       ncols  = count_cols (p);
@@ -1154,16 +1318,25 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
       else
         ncols += sprintf (p + nbytes, "%ss", print_decimal (dl_total_time));
       p += ncols + bytes_cols_diff;
-      memset (p, ' ', PROGRESS_ETA_LEN - ncols);
-      p += PROGRESS_ETA_LEN - ncols;
+      if (ncols < PROGRESS_ETA_LEN)
+        {
+          memset (p, ' ', PROGRESS_ETA_LEN - ncols);
+          p += PROGRESS_ETA_LEN - ncols;
+        }
     }
 
+  *p = '\0';
+
   padding = bp->width - count_cols (bp->buffer);
   assert (padding >= 0 && "Padding length became non-positive!");
-  padding = padding > 0 ? padding : 0;
-  memset (p, ' ', padding);
-  p += padding;
-  *p = '\0';
+  if (padding > 0)
+  {
+//    if (padding > BUF_LEN - (p - bp->buffer) - 1)
+//    padding = BUF_LEN - (p - bp->buffer) - 1;
+    memset (p, ' ', padding);
+    p += padding;
+    *p = '\0';
+  }
 
   /* 2014-11-14  Darshit Shah  <darnir@gmail.com>
    * Assert that the length of the progress bar is lesser than the size of the
@@ -1191,18 +1364,27 @@ display_image (char *buf)
 }
 
 static void
-bar_set_params (char *params)
+bar_set_params (const char *params)
 {
+/* if run_with_timeout() will be used for read, needs to disable interactive bar,
+   or  on every timeout(1s) we will have 'retry' with error "decryption failed" */
+#if (defined(HAVE_LIBSSL) || defined(HAVE_LIBSSL32)) && defined(OPENSSL_RUN_WITHTIMEOUT)
+  current_impl->interactive = false;
+#else
+  current_impl->interactive = true;
+#endif
   if (params)
     {
-      char *param = strtok (params, ":");
-      do
+      for (const char *param = params; *param; )
         {
-          if (0 == strcmp (param, "force"))
+          if (!strncmp (param, "force", 5))
             current_impl_locked = 1;
-          else if (0 == strcmp (param, "noscroll"))
+          else if (!strncmp (param, "noscroll", 8))
             opt.noscroll = true;
-        } while ((param = strtok (NULL, ":")) != NULL);
+
+          if (*(param = strchrnul(param, ':')))
+            param++;
+        }
     }
 
   if (((opt.lfilename && opt.show_progress != 1)
@@ -1253,7 +1435,7 @@ progress_handle_sigwinch (int sig _GL_UNUSED)
 static const char *
 eta_to_human_short (int secs, bool condensed)
 {
-  static char buf[10];          /* 8 should be enough, but just in case */
+  static char buf[16]; /* enough space to be on the safe side */
   static int last = -1;
   const char *space = condensed ? "" : " ";
 
diff --git a/src/progress.h b/src/progress.h
index e650371..c05e9f3 100644
--- a/src/progress.h
+++ b/src/progress.h
@@ -1,5 +1,5 @@
 /* Download progress.
-   Copyright (C) 2001-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2001-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/ptimer.c b/src/ptimer.c
index 00a64e5..2e5efbc 100644
--- a/src/ptimer.c
+++ b/src/ptimer.c
@@ -1,5 +1,5 @@
 /* Portable timers.
-   Copyright (C) 2005-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2005-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/ptimer.h b/src/ptimer.h
index 1d6187c..14b2973 100644
--- a/src/ptimer.h
+++ b/src/ptimer.h
@@ -1,5 +1,5 @@
 /* Declarations for ptimer.c.
-   Copyright (C) 2005-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2005-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/recur.c b/src/recur.c
index b319048..8b408b6 100644
--- a/src/recur.c
+++ b/src/recur.c
@@ -1,5 +1,5 @@
 /* Handling of recursive HTTP retrieving.
-   Copyright (C) 1996-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/recur.h b/src/recur.h
index f2b9b6d..ea89d99 100644
--- a/src/recur.h
+++ b/src/recur.h
@@ -1,5 +1,5 @@
 /* Declarations for recur.c.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/res.c b/src/res.c
index f828111..0ed0df9 100644
--- a/src/res.c
+++ b/src/res.c
@@ -1,5 +1,5 @@
 /* Support for Robot Exclusion Standard (RES).
-   Copyright (C) 2001, 2006-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2001, 2006-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of Wget.
@@ -391,7 +391,7 @@ res_parse_from_file (const char *filename)
   struct file_memory *fm = wget_read_file (filename);
   if (!fm)
     {
-      logprintf (LOG_NOTQUIET, _("Cannot open %s: %s"),
+      logprintf (LOG_NOTQUIET, _("Cannot open %s: %s\n"),
                  filename, strerror (errno));
       return NULL;
     }
@@ -419,7 +419,7 @@ free_specs (struct robot_specs *specs)
 #define DECODE_MAYBE(c, ptr) do {                               \
   if (c == '%' && c_isxdigit (ptr[1]) && c_isxdigit (ptr[2]))       \
     {                                                           \
-      char decoded = X2DIGITS_TO_NUM (ptr[1], ptr[2]);          \
+      unsigned char decoded = X2DIGITS_TO_NUM (ptr[1], ptr[2]);          \
       if (decoded != '/')                                       \
         {                                                       \
           c = decoded;                                          \
@@ -479,15 +479,6 @@ res_match_path (const struct robot_specs *specs, const char *path)
 
 static struct hash_table *registered_specs;
 
-/* Stolen from cookies.c. */
-#define SET_HOSTPORT(host, port, result) do {           \
-  int HP_len = strlen (host);                           \
-  result = alloca (HP_len + 1 + numdigit (port) + 1);   \
-  memcpy (result, host, HP_len);                        \
-  result[HP_len] = ':';                                 \
-  number_to_string (result + HP_len + 1, port);         \
-} while (0)
-
 /* Register RES specs that below to server on HOST:PORT.  They will
    later be retrievable using res_get_specs.  */
 
@@ -495,21 +486,27 @@ void
 res_register_specs (const char *host, int port, struct robot_specs *specs)
 {
   struct robot_specs *old;
-  char *hp, *hp_old;
-  SET_HOSTPORT (host, port, hp);
+  char buf[256], *hp, *hp_old;
+
+  if (((unsigned) snprintf (buf, sizeof (buf), "%s:%d", host, port)) >= sizeof (buf))
+    hp = aprintf("%s:%d", host, port);
+  else
+    hp = buf;
 
   if (!registered_specs)
     registered_specs = make_nocase_string_hash_table (0);
 
   if (hash_table_get_pair (registered_specs, hp, &hp_old, &old))
     {
+      if (hp != buf)
+        xfree (hp);
       if (old)
         free_specs (old);
       hash_table_put (registered_specs, hp_old, specs);
     }
   else
     {
-      hash_table_put (registered_specs, xstrdup (hp), specs);
+      hash_table_put (registered_specs, hp == buf ? xstrdup (hp) : hp, specs);
     }
 }
 
@@ -518,10 +515,16 @@ res_register_specs (const char *host, int port, struct robot_specs *specs)
 struct robot_specs *
 res_get_specs (const char *host, int port)
 {
-  char *hp;
-  SET_HOSTPORT (host, port, hp);
+  char buf[256], *hp;
+
   if (!registered_specs)
     return NULL;
+
+  if (((unsigned) snprintf (buf, sizeof (buf), "%s:%d", host, port)) >= sizeof (buf))
+    hp = aprintf("%s:%d", host, port);
+  else
+    hp = buf;
+
   return hash_table_get (registered_specs, hp);
 }
 
@@ -596,6 +599,7 @@ is_robots_txt_url (const char *url)
   return ret;
 }
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 res_cleanup (void)
 {
@@ -613,6 +617,7 @@ res_cleanup (void)
       registered_specs = NULL;
     }
 }
+#endif
 
 #ifdef TESTING
 
diff --git a/src/res.h b/src/res.h
index a4bd650..9235e39 100644
--- a/src/res.h
+++ b/src/res.h
@@ -1,5 +1,5 @@
 /* Declarations for res.c.
-   Copyright (C) 2001, 2007-2011, 2015, 2018-2019 Free Software
+   Copyright (C) 2001, 2007-2011, 2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of Wget.
diff --git a/src/retr.c b/src/retr.c
index ebea6e4..9a17be3 100644
--- a/src/retr.c
+++ b/src/retr.c
@@ -1,5 +1,5 @@
 /* File retrieval.
-   Copyright (C) 1996-2011, 2014-2015, 2018-2019 Free Software
+   Copyright (C) 1996-2011, 2014-2015, 2018-2020 Free Software
    Foundation, Inc.
 
 This file is part of GNU Wget.
@@ -417,6 +417,8 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
              timeout, so that the gauge can be updated regularly even
              when the data arrives very slowly or stalls.  */
           tmout = 0.95;
+          /* avoid wrong 'interactive timeout' */
+          errno = 0;
           if (opt.read_timeout)
             {
               double waittm;
@@ -425,7 +427,8 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
                 {
                   /* Don't let total idle time exceed read timeout. */
                   tmout = opt.read_timeout - waittm;
-                  if (tmout < 0)
+                  /* if 0 fd_read can be 'blocked read' */
+                  if (tmout <= 0)
                     {
                       /* We've already exceeded the timeout. */
                       ret = -1, errno = ETIMEDOUT;
@@ -559,10 +562,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
   if (progress)
     progress_finish (progress, ptimer_read (timer));
 
-  if (elapsed)
-    *elapsed = ptimer_read (timer);
   if (timer)
-    ptimer_destroy (timer);
+    {
+      if (elapsed)
+        *elapsed = ptimer_read (timer);
+      ptimer_destroy (timer);
+    }
 
 #ifdef HAVE_LIBZ
   if (gzbuf != NULL)
@@ -581,9 +586,9 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
         }
       xfree (gzbuf);
 
-      if (gzstream.total_in != sum_read)
+      if (gzstream.total_in != (uLong) sum_read)
         {
-          DEBUGP(("zlib read size differs from raw read size (%lu/%lu)\n",
+          DEBUGP(("zlib read size differs from raw read size (%lu/%ld)\n",
                   gzstream.total_in, sum_read));
         }
     }
@@ -809,14 +814,12 @@ double
 calc_rate (wgint bytes, double secs, int *units)
 {
   double dlrate;
-  double bibyte = 1000.0;
+  double bibyte;
 
   if (!opt.report_bps)
     bibyte = 1024.0;
-
-
-  assert (secs >= 0);
-  assert (bytes >= 0);
+  else
+    bibyte = 1000.0;
 
   if (secs == 0)
     /* If elapsed time is exactly zero, it means we're under the
@@ -825,17 +828,20 @@ calc_rate (wgint bytes, double secs, int *units)
        0 and the timer's resolution, assume half the resolution.  */
     secs = ptimer_resolution () / 2.0;
 
-  dlrate = convert_to_bits (bytes) / secs;
+  dlrate = secs ? convert_to_bits (bytes) / secs : 0;
   if (dlrate < bibyte)
     *units = 0;
   else if (dlrate < (bibyte * bibyte))
     *units = 1, dlrate /= bibyte;
   else if (dlrate < (bibyte * bibyte * bibyte))
     *units = 2, dlrate /= (bibyte * bibyte);
-
-  else
-    /* Maybe someone will need this, one day. */
+  else if (dlrate < (bibyte * bibyte * bibyte * bibyte))
     *units = 3, dlrate /= (bibyte * bibyte * bibyte);
+  else {
+    *units = 4, dlrate /= (bibyte * bibyte * bibyte * bibyte);
+    if (dlrate > 99.99)
+		 dlrate = 99.99; // upper limit 99.99TB/s
+  }
 
   return dlrate;
 }
@@ -933,6 +939,8 @@ retrieve_url (struct url * orig_parsed, const char *origurl, char **file,
           iri_free (pi);
           RESTORE_METHOD;
           result = PROXERR;
+          if (orig_parsed != u)
+            url_free (u);
           goto bail;
         }
       if (proxy_url->scheme != SCHEME_HTTP && proxy_url->scheme != u->scheme)
@@ -944,6 +952,8 @@ retrieve_url (struct url * orig_parsed, const char *origurl, char **file,
           iri_free (pi);
           RESTORE_METHOD;
           result = PROXERR;
+          if (orig_parsed != u)
+            url_free (u);
           goto bail;
         }
       iri_free(pi);
@@ -1154,9 +1164,7 @@ retrieve_url (struct url * orig_parsed, const char *origurl, char **file,
     xfree (local_file);
 
   if (orig_parsed != u)
-    {
-      url_free (u);
-    }
+    url_free (u);
 
   if (redirection_count || iri_fallbacked)
     {
@@ -1408,10 +1416,10 @@ rotate_backups(const char *fname)
 # define AVSL 0
 #endif
 
-  int maxlen = strlen (fname) + sizeof (SEP) + numdigit (opt.backups) + AVSL;
-  char *from = alloca (maxlen);
-  char *to = alloca (maxlen);
+  /* avoid alloca() here */
+  char from[1024], to[1024];
   struct stat sb;
+  bool overflow;
   int i;
 
   if (stat (fname, &sb) == 0)
@@ -1428,19 +1436,24 @@ rotate_backups(const char *fname)
        */
       if (i == opt.backups)
         {
-          snprintf (to, sizeof(to), "%s%s%d%s", fname, SEP, i, AVS);
-          delete (to);
+          if (((unsigned) snprintf (to, sizeof (to), "%s%s%d%s", fname, SEP, i, AVS)) >= sizeof (to))
+            logprintf (LOG_NOTQUIET, "Failed to delete %s: File name truncation\n", to);
+          else
+            delete (to);
         }
 #endif
-      snprintf (to, maxlen, "%s%s%d", fname, SEP, i);
-      snprintf (from, maxlen, "%s%s%d", fname, SEP, i - 1);
-      if (rename (from, to))
+      if ((overflow = ((unsigned) snprintf (to, sizeof (to), "%s%s%d", fname, SEP, i)) >= sizeof (to)))
+	     errno = ENAMETOOLONG;
+      else if ((overflow = ((unsigned) snprintf (from, sizeof (from), "%s%s%d", fname, SEP, i - 1)) >= sizeof (from)))
+	     errno = ENAMETOOLONG;
+      if (overflow || rename (from, to))
         logprintf (LOG_NOTQUIET, "Failed to rename %s to %s: (%d) %s\n",
                    from, to, errno, strerror (errno));
     }
 
-  snprintf (to, maxlen, "%s%s%d", fname, SEP, 1);
-  if (rename(fname, to))
+  if ((overflow = ((unsigned) snprintf (to, sizeof (to), "%s%s%d", fname, SEP, 1)) >= sizeof (to)))
+    errno = ENAMETOOLONG;
+  if (overflow || rename(fname, to))
     logprintf (LOG_NOTQUIET, "Failed to rename %s to %s: (%d) %s\n",
                fname, to, errno, strerror (errno));
 }
diff --git a/src/retr.h b/src/retr.h
index 730d8b3..9da2a27 100644
--- a/src/retr.h
+++ b/src/retr.h
@@ -1,5 +1,5 @@
 /* Declarations for retr.c.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/spider.c b/src/spider.c
index df80c14..8727185 100644
--- a/src/spider.c
+++ b/src/spider.c
@@ -1,5 +1,6 @@
 /* Keep track of visited URLs in spider mode.
-   Copyright (C) 2006-2011, 2015, 2019 Free Software Foundation, Inc.
+   Copyright (C) 2006-2011, 2015, 2019-2020 Free Software Foundation,
+   Inc.
 
 This file is part of GNU Wget.
 
@@ -44,12 +45,14 @@ static struct hash_table *nonexisting_urls_set;
 
 /* Cleanup the data structures associated with this file.  */
 
+#if defined DEBUG_MALLOC || defined TESTING
 void
 spider_cleanup (void)
 {
   if (nonexisting_urls_set)
     string_set_free (nonexisting_urls_set);
 }
+#endif
 
 /* Remembers broken links.  */
 void
diff --git a/src/spider.h b/src/spider.h
index d515e8f..48e0ae8 100644
--- a/src/spider.h
+++ b/src/spider.h
@@ -1,5 +1,6 @@
 /* Declarations for spider.c
-   Copyright (C) 2006-2011, 2015, 2019 Free Software Foundation, Inc.
+   Copyright (C) 2006-2011, 2015, 2019-2020 Free Software Foundation,
+   Inc.
 
 This file is part of GNU Wget.
 
diff --git a/src/ssl.h b/src/ssl.h
index e0c7766..e348252 100644
--- a/src/ssl.h
+++ b/src/ssl.h
@@ -1,5 +1,5 @@
 /* SSL support.
-   Copyright (C) 2000-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2000-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
    Originally contributed by Christian Fraenkel.
 
@@ -33,6 +33,7 @@ as that of the covered work.  */
 #define GEN_SSLFUNC_H
 
 bool ssl_init (void);
+void ssl_cleanup (void);
 bool ssl_connect_wget (int, const char *, int *);
 bool ssl_check_certificate (int, const char *);
 
diff --git a/src/sysdep.h b/src/sysdep.h
index c17fa01..f623e8d 100644
--- a/src/sysdep.h
+++ b/src/sysdep.h
@@ -1,5 +1,5 @@
 /* Dirty system-dependent hacks.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -36,7 +36,6 @@ as that of the covered work.  */
 
 /* Provided by gnulib on systems that don't have it: */
 
-#include <alloca.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <stdint.h>
diff --git a/src/url.c b/src/url.c
index 2c49023..950002b 100644
--- a/src/url.c
+++ b/src/url.c
@@ -1,5 +1,5 @@
 /* URL handling.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -175,8 +175,8 @@ static const unsigned char urlchr_table[256] =
 static void
 url_unescape_1 (char *s, unsigned char mask)
 {
-  char *t = s;                  /* t - tortoise */
-  char *h = s;                  /* h - hare     */
+  unsigned char *t = (unsigned char *) s; /* t - tortoise */
+  unsigned char *h = (unsigned char *) s; /* h - hare     */
 
   for (; *h; h++, t++)
     {
@@ -187,7 +187,7 @@ url_unescape_1 (char *s, unsigned char mask)
         }
       else
         {
-          char c;
+          unsigned char c;
           /* Do nothing if '%' is not followed by two hex digits. */
           if (!h[1] || !h[2] || !(c_isxdigit (h[1]) && c_isxdigit (h[2])))
             goto copychar;
@@ -1462,23 +1462,36 @@ append_uri_pathel (const char *b, const char *e, bool escaped,
                    struct growable *dest)
 {
   const char *p;
+  char buf[1024];
+  char *unescaped = NULL;
   int quoted, outlen;
-
   int mask;
+
+  if (!dest)
+    return;
+
   if (opt.restrict_files_os == restrict_unix)
     mask = filechr_not_unix;
   else if (opt.restrict_files_os == restrict_vms)
     mask = filechr_not_vms;
   else
     mask = filechr_not_windows;
+
   if (opt.restrict_files_ctrl)
     mask |= filechr_control;
 
   /* Copy [b, e) to PATHEL and URL-unescape it. */
   if (escaped)
     {
-      char *unescaped;
-      BOUNDED_TO_ALLOCA (b, e, unescaped);
+      size_t len = e - b;
+		if (len < sizeof (buf))
+        unescaped = buf;
+      else
+        unescaped = xmalloc(len + 1);
+
+		memcpy(unescaped, b, len);
+		unescaped[len] = 0;
+
       url_unescape (unescaped);
       b = unescaped;
       e = unescaped + strlen (unescaped);
@@ -1545,6 +1558,9 @@ append_uri_pathel (const char *b, const char *e, bool escaped,
 
   TAIL_INCR (dest, outlen);
   append_null (dest);
+
+  if (unescaped && unescaped != buf)
+	  free (unescaped);
 }
 
 #ifdef HAVE_ICONV
@@ -1847,7 +1863,7 @@ url_file_name (const struct url *u, char *replaced_filename)
     }
   else
     {
-      unique = unique_name (fname, true);
+      unique = unique_name_passthrough (fname);
       if (unique != fname)
         xfree (fname);
     }
diff --git a/src/url.h b/src/url.h
index c672f1c..9313c2f 100644
--- a/src/url.h
+++ b/src/url.h
@@ -1,5 +1,5 @@
 /* Declarations for url.c.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
diff --git a/src/utils.c b/src/utils.c
index 89a87b0..89a8687 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -1,5 +1,5 @@
 /* Various utility functions.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -464,10 +464,10 @@ datetime_str (time_t t)
 
 #ifdef __VMS
 
-void
+bool
 fork_to_background (void)
 {
-  return;
+  return false;
 }
 
 #else /* def __VMS */
@@ -659,7 +659,7 @@ unique_name_1 (const char *prefix)
 {
   int count = 1;
   int plen = strlen (prefix);
-  char *template = (char *)alloca (plen + 1 + 24);
+  char *template = xmalloc (plen + 1 + 24);
   char *template_tail = template + plen;
 
   memcpy (template, prefix, plen);
@@ -667,9 +667,9 @@ unique_name_1 (const char *prefix)
 
   do
     number_to_string (template_tail, count++);
-  while (file_exists_p (template, NULL));
+  while (file_exists_p (template, NULL) && count < 999999);
 
-  return xstrdup (template);
+  return template;
 }
 
 /* Return a unique file name, based on FILE.
@@ -686,21 +686,27 @@ unique_name_1 (const char *prefix)
    by this function exists until you open it with O_EXCL or
    equivalent.
 
-   If ALLOW_PASSTHROUGH is 0, it always returns a freshly allocated
-   string.  Otherwise, it may return FILE if the file doesn't exist
+   unique_name() always returns a freshly allocated string.
+
+   unique_name_passthrough() may return FILE if the file doesn't exist
    (and therefore doesn't need changing).  */
 
 char *
-unique_name (const char *file, bool allow_passthrough)
+unique_name_passthrough (const char *file)
 {
   /* If the FILE itself doesn't exist, return it without
-     modification. */
-  if (!file_exists_p (file, NULL))
-    return allow_passthrough ? (char *)file : xstrdup (file);
+     modification. Otherwise, find a numeric suffix that results in unused
+     file name and return it.  */
+  return file_exists_p (file, NULL) ? unique_name_1 (file) : (char *) file;
+}
 
-  /* Otherwise, find a numeric suffix that results in unused file name
-     and return it.  */
-  return unique_name_1 (file);
+char *
+unique_name (const char *file)
+{
+  /* If the FILE itself doesn't exist, return it without
+     modification. Otherwise, find a numeric suffix that results in unused
+     file name and return it.  */
+  return file_exists_p (file, NULL) ? unique_name_1 (file) : xstrdup (file);
 }
 
 #else /* def UNIQ_SEP */
@@ -709,10 +715,17 @@ unique_name (const char *file, bool allow_passthrough)
    possible.
 */
 char *
-unique_name (const char *file, bool allow_passthrough)
+unique_name_passthrough (const char *file, bool allow_passthrough)
+{
+  /* Return the FILE itself, without modification, irregardful. */
+  return (char *) file);
+}
+char *
+
+unique_name (const char *file)
 {
   /* Return the FILE itself, without modification, irregardful. */
-  return allow_passthrough ? (char *)file : xstrdup (file);
+  return xstrdup (file);
 }
 
 #endif /* def UNIQ_SEP [else] */
@@ -726,12 +739,12 @@ FILE *
 unique_create (const char *name, bool binary, char **opened_name)
 {
   /* unique file name, based on NAME */
-  char *uname = unique_name (name, false);
+  char *uname = unique_name (name);
   FILE *fp;
   while ((fp = fopen_excl (uname, binary)) == NULL && errno == EEXIST)
     {
       xfree (uname);
-      uname = unique_name (name, false);
+      uname = unique_name (name);
     }
   if (opened_name)
     {
@@ -886,7 +899,7 @@ fopen_stat(const char *fname, const char *mode, file_stats_t *fstats)
        fdstats.st_ino != fstats->st_ino))
   {
     /* File changed since file_exists_p() : NOT SAFE */
-    logprintf (LOG_NOTQUIET, _("File %s changed since the last check. Security check failed."), fname);
+    logprintf (LOG_NOTQUIET, _("File %s changed since the last check. Security check failed.\n"), fname);
     fclose (fp);
     return NULL;
   }
@@ -937,7 +950,7 @@ open_stat(const char *fname, int flags, mode_t mode, file_stats_t *fstats)
        fdstats.st_ino != fstats->st_ino))
   {
     /* File changed since file_exists_p() : NOT SAFE */
-    logprintf (LOG_NOTQUIET, _("Trying to open file %s but it changed since last check. Security check failed."), fname);
+    logprintf (LOG_NOTQUIET, _("Trying to open file %s but it changed since last check. Security check failed.\n"), fname);
     close (fd);
     return -1;
   }
@@ -956,11 +969,19 @@ int
 make_directory (const char *directory)
 {
   int i, ret, quit = 0;
+  char buf[1024];
   char *dir;
+  size_t len = strlen (directory);
 
   /* Make a copy of dir, to be able to write to it.  Otherwise, the
      function is unsafe if called with a read-only char *argument.  */
-  STRDUP_ALLOCA (dir, directory);
+  if (len < sizeof(buf))
+    {
+      memcpy(buf, directory, len + 1);
+      dir = buf;
+	}
+  else
+    dir = xstrdup(directory);
 
   /* If the first character of dir is '/', skip it (and thus enable
      creation of absolute-pathname directories.  */
@@ -983,6 +1004,10 @@ make_directory (const char *directory)
       else
         dir[i] = '/';
     }
+
+  if (dir != buf)
+	  xfree (dir);
+
   return ret;
 }
 
@@ -1017,23 +1042,10 @@ file_merge (const char *base, const char *file)
 int
 fnmatch_nocase (const char *pattern, const char *string, int flags)
 {
-#ifdef FNM_CASEFOLD
   /* The FNM_CASEFOLD flag started as a GNU extension, but it is now
-     also present on *BSD platforms, and possibly elsewhere.  */
+     also present on *BSD platforms, and possibly elsewhere.
+     Gnulib provides this flag in case it doesn't exist.  */
   return fnmatch (pattern, string, flags | FNM_CASEFOLD);
-#else
-  /* Turn PATTERN and STRING to lower case and call fnmatch on them. */
-  char *patcopy = (char *) alloca (strlen (pattern) + 1);
-  char *strcopy = (char *) alloca (strlen (string) + 1);
-  char *p;
-  for (p = patcopy; *pattern; pattern++, p++)
-    *p = c_tolower (*pattern);
-  *p = '\0';
-  for (p = strcopy; *string; string++, p++)
-    *p = c_tolower (*string);
-  *p = '\0';
-  return fnmatch (patcopy, strcopy, flags);
-#endif
 }
 
 static bool in_acclist (const char *const *, const char *, bool);
@@ -1668,7 +1680,7 @@ with_thousand_seps (wgint n)
    some detail.  */
 
 char *
-human_readable (HR_NUMTYPE n, const int acc, const int decimals)
+human_readable (wgint n, const int acc, const int decimals)
 {
   /* These suffixes are compatible with those of GNU `ls -lh'. */
   static char powers[] =
@@ -1786,12 +1798,6 @@ number_to_string (char *buffer, wgint number)
 
   int last_digit_char = 0;
 
-#if (SIZEOF_WGINT != 4) && (SIZEOF_WGINT != 8)
-  /* We are running in a very strange environment.  Leave the correct
-     printing to sprintf.  */
-  p += sprintf (buf, "%j", (intmax_t) (n));
-#else  /* (SIZEOF_WGINT == 4) || (SIZEOF_WGINT == 8) */
-
   if (n < 0)
     {
       if (n < -WGINT_MAX)
@@ -1826,14 +1832,6 @@ number_to_string (char *buffer, wgint number)
   else if (n < 10000000)                 DIGITS_7 (1000000);
   else if (n < 100000000)                DIGITS_8 (10000000);
   else if (n < 1000000000)               DIGITS_9 (100000000);
-#if SIZEOF_WGINT == 4
-  /* wgint is 32 bits wide: no number has more than 10 digits. */
-  else                                   DIGITS_10 (1000000000);
-#else
-  /* wgint is 64 bits wide: handle numbers with 9-19 decimal digits.
-     Constants are constructed by compile-time multiplication to avoid
-     dealing with different notations for 64-bit constants
-     (nL/nLL/nI64, depending on the compiler and architecture).  */
   else if (n < 10*(W)1000000000)         DIGITS_10 (1000000000);
   else if (n < 100*(W)1000000000)        DIGITS_11 (10*(W)1000000000);
   else if (n < 1000*(W)1000000000)       DIGITS_12 (100*(W)1000000000);
@@ -1844,13 +1842,11 @@ number_to_string (char *buffer, wgint number)
   else if (n < 100000000*(W)1000000000)  DIGITS_17 (10000000*(W)1000000000);
   else if (n < 1000000000*(W)1000000000) DIGITS_18 (100000000*(W)1000000000);
   else                                   DIGITS_19 (1000000000*(W)1000000000);
-#endif
 
   if (last_digit_char)
     *p++ = last_digit_char;
 
   *p = '\0';
-#endif /* (SIZEOF_WGINT == 4) || (SIZEOF_WGINT == 8) */
 
   return p;
 }
diff --git a/src/utils.h b/src/utils.h
index 3cffd2a..b1ab901 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -1,5 +1,5 @@
 /* Declarations for utils.c.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -51,8 +51,6 @@ as that of the covered work.  */
 #define xnew_array(type, len) (xmalloc ((len) * sizeof (type)))
 #define xnew0_array(type, len) (xcalloc ((len), sizeof (type)))
 
-#define alloca_array(type, size) ((type *) alloca ((size) * sizeof (type)))
-
 #define xfree(p) do { free ((void *) (p)); p = NULL; } while (0)
 
 struct hash_table;
@@ -90,7 +88,8 @@ bool file_exists_p (const char *, file_stats_t *);
 bool file_non_directory_p (const char *);
 wgint file_size (const char *);
 int make_directory (const char *);
-char *unique_name (const char *, bool);
+char *unique_name_passthrough (const char *);
+char *unique_name (const char *);
 FILE *unique_create (const char *, bool, char **);
 FILE *fopen_excl (const char *, int);
 FILE *fopen_stat (const char *, const char *, file_stats_t *);
@@ -123,14 +122,8 @@ void free_keys_and_values (struct hash_table *);
 const char *with_thousand_seps (wgint);
 
 /* human_readable must be able to accept wgint and SUM_SIZE_INT
-   arguments.  On machines where wgint is 32-bit, declare it to accept
-   double.  */
-#if SIZEOF_WGINT >= 8
-# define HR_NUMTYPE wgint
-#else
-# define HR_NUMTYPE double
-#endif
-char *human_readable (HR_NUMTYPE, const int, const int);
+   arguments. */
+char *human_readable (wgint, const int, const int);
 
 
 int numdigit (wgint);
diff --git a/src/version.h b/src/version.h
index 95ae78a..49fb931 100644
--- a/src/version.h
+++ b/src/version.h
@@ -1,5 +1,5 @@
 /* Extern declarations for printing version information
-   Copyright (C) 2013, 2015, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 2013, 2015, 2018-2020 Free Software Foundation, Inc.
 
 This file is part of GNU Wget.
 
diff --git a/src/warc.c b/src/warc.c
index 74c8ad9..f602444 100644
--- a/src/warc.c
+++ b/src/warc.c
@@ -1,5 +1,5 @@
 /* Utility functions for writing WARC files.
-   Copyright (C) 2011-2012, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 2011-2012, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -212,8 +212,19 @@ warc_write_start_record (void)
          In warc_write_end_record we will fill this space
          with information about the uncompressed and
          compressed size of the record. */
-      fseek (warc_current_file, EXTRA_GZIP_HEADER_SIZE, SEEK_CUR);
-      fflush (warc_current_file);
+      if (fseek (warc_current_file, EXTRA_GZIP_HEADER_SIZE, SEEK_CUR) < 0)
+        {
+          logprintf (LOG_NOTQUIET, _("Error setting WARC file position.\n"));
+          warc_write_ok = false;
+          return false;
+        }
+
+      if (fflush (warc_current_file) != 0)
+        {
+          logprintf (LOG_NOTQUIET, _("Error flushing WARC file to disk.\n"));
+          warc_write_ok = false;
+          return false;
+        }
 
       /* Start a new GZIP stream. */
       dup_fd = dup (fileno (warc_current_file));
@@ -316,7 +327,11 @@ warc_write_block_from_file (FILE *data_in)
 static bool
 warc_write_end_record (void)
 {
-  warc_write_buffer ("\r\n\r\n", 4);
+  if (warc_write_buffer ("\r\n\r\n", 4) != 4)
+    {
+      warc_write_ok = false;
+      return false;
+    }
 
 #ifdef HAVE_LIBZ
   /* We start a new gzip stream for each record.  */
@@ -357,8 +372,13 @@ warc_write_end_record (void)
       compressed_size = warc_current_gzfile_uncompressed_size;
 
       /* Go back to the static GZIP header. */
-      fseeko (warc_current_file, warc_current_gzfile_offset
+      result = fseeko (warc_current_file, warc_current_gzfile_offset
               + EXTRA_GZIP_HEADER_SIZE, SEEK_SET);
+      if (result != 0)
+        {
+          warc_write_ok = false;
+          return false;
+        }
 
       /* Read the header. */
       result = fread (static_header, 1, GZIP_STATIC_HEADER_SIZE,
@@ -631,7 +651,7 @@ warc_timestamp (char *timestamp, size_t timestamp_size)
    The string will be 47 characters long. */
 #if HAVE_LIBUUID
 void
-warc_uuid_str (char *urn_str)
+warc_uuid_str (char *urn_str, size_t urn_size)
 {
   char uuid_str[37];
   uuid_t record_id;
@@ -639,11 +659,11 @@ warc_uuid_str (char *urn_str)
   uuid_generate (record_id);
   uuid_unparse (record_id, uuid_str);
 
-  sprintf (urn_str, "<urn:uuid:%s>", uuid_str);
+  snprintf (urn_str, urn_size, "<urn:uuid:%s>", uuid_str);
 }
 #elif HAVE_UUID_CREATE
 void
-warc_uuid_str (char *urn_str)
+warc_uuid_str (char *urn_str, size_t urn_size)
 {
   char *uuid_str;
   uuid_t record_id;
@@ -651,7 +671,7 @@ warc_uuid_str (char *urn_str)
   uuid_create (&record_id, NULL);
   uuid_to_string (&record_id, &uuid_str, NULL);
 
-  sprintf (urn_str, "<urn:uuid:%s>", uuid_str);
+  snprintf (urn_str, urn_size, "<urn:uuid:%s>", uuid_str);
   xfree (uuid_str);
 }
 #else
@@ -662,7 +682,7 @@ typedef RPC_STATUS (RPC_ENTRY * UuidToString_proc) (UUID *, unsigned char **);
 typedef RPC_STATUS (RPC_ENTRY * RpcStringFree_proc) (unsigned char **);
 
 static int
-windows_uuid_str (char *urn_str)
+windows_uuid_str (char *urn_str, size_t urn_size)
 {
   static UuidCreate_proc pfn_UuidCreate = NULL;
   static UuidToString_proc pfn_UuidToString = NULL;
@@ -701,7 +721,7 @@ windows_uuid_str (char *urn_str)
 	{
 	  if (pfn_UuidToString (&uuid, &uuid_str) == RPC_S_OK)
 	    {
-	      sprintf (urn_str, "<urn:uuid:%s>", uuid_str);
+	      snprintf (urn_str, urn_size, "<urn:uuid:%s>", uuid_str);
 	      pfn_RpcStringFree (&uuid_str);
 	      return 1;
 	    }
@@ -719,7 +739,7 @@ windows_uuid_str (char *urn_str)
 
    The string will be 47 characters long. */
 void
-warc_uuid_str (char *urn_str)
+warc_uuid_str (char *urn_str, size_t urn_size)
 {
   /* RFC 4122, a version 4 UUID with only random numbers */
 
@@ -729,7 +749,7 @@ warc_uuid_str (char *urn_str)
 #ifdef WINDOWS
   /* If the native method fails (expected on older Windows versions),
      use the fallback below.  */
-  if (windows_uuid_str (urn_str))
+  if (windows_uuid_str (urn_str, urn_size))
     return;
 #endif
 
@@ -744,7 +764,7 @@ warc_uuid_str (char *urn_str)
 	*  clock_seq_hi_and_reserved to zero and one, respectively. */
   uuid_data[8] = (uuid_data[8] & 0xBF) | 0x80;
 
-  sprintf (urn_str,
+  snprintf (urn_str, urn_size,
     "<urn:uuid:%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x>",
     uuid_data[0], uuid_data[1], uuid_data[2], uuid_data[3], uuid_data[4],
     uuid_data[5], uuid_data[6], uuid_data[7], uuid_data[8], uuid_data[9],
@@ -765,7 +785,7 @@ warc_write_warcinfo_record (const char *filename)
   /* Write warc-info record as the first record of the file. */
   /* We add the record id of this info record to the other records in the
      file. */
-  warc_uuid_str (warc_current_warcinfo_uuid_str);
+  warc_uuid_str (warc_current_warcinfo_uuid_str, sizeof (warc_current_warcinfo_uuid_str));
 
   warc_timestamp (timestamp, sizeof(timestamp));
 
@@ -895,11 +915,10 @@ warc_start_new_file (bool meta)
 static bool
 warc_start_cdx_file (void)
 {
-  int filename_length = strlen (opt.warc_filename);
-  char *cdx_filename = alloca (filename_length + 4 + 1);
-  memcpy (cdx_filename, opt.warc_filename, filename_length);
-  memcpy (cdx_filename + filename_length, ".cdx", 5);
+  char *cdx_filename = aprintf("%s.cdx", opt.warc_filename);
   warc_current_cdx_file = fopen (cdx_filename, "a+");
+  free(cdx_filename);
+
   if (warc_current_cdx_file == NULL)
     return false;
 
@@ -1205,7 +1224,7 @@ warc_write_metadata (void)
   if (opt.warc_maxsize > 0)
     warc_start_new_file (true);
 
-  warc_uuid_str (manifest_uuid);
+  warc_uuid_str (manifest_uuid, sizeof (manifest_uuid));
 
   fflush (warc_manifest_fp);
   warc_write_metadata_record (manifest_uuid,
@@ -1423,7 +1442,7 @@ warc_write_revisit_record (const char *url, const char *timestamp_str,
   char block_digest[BASE32_LENGTH(SHA1_DIGEST_SIZE) + 1 + 5];
   char sha1_res_block[SHA1_DIGEST_SIZE];
 
-  warc_uuid_str (revisit_uuid);
+  warc_uuid_str (revisit_uuid, sizeof (revisit_uuid));
 
   sha1_stream (body, sha1_res_block);
   warc_base32_sha1_digest (sha1_res_block, block_digest, sizeof(block_digest));
@@ -1518,7 +1537,7 @@ warc_write_response_record (const char *url, const char *timestamp_str,
 
   /* Not a revisit, just store the record. */
 
-  warc_uuid_str (response_uuid);
+  warc_uuid_str (response_uuid, sizeof (response_uuid));
 
   fseeko (warc_current_file, 0L, SEEK_END);
   offset = ftello (warc_current_file);
@@ -1569,11 +1588,11 @@ warc_write_record (const char *record_type, const char *resource_uuid,
                  const ip_address *ip, const char *content_type, FILE *body,
                  off_t payload_offset)
 {
+  char uuid_buf[48];
+
   if (resource_uuid == NULL)
     {
-      /* using uuid_buf allows const for resource_uuid in function declaration */
-      char *uuid_buf = alloca (48);
-      warc_uuid_str (uuid_buf);
+      warc_uuid_str (uuid_buf, sizeof (uuid_buf));
       resource_uuid = uuid_buf;
     }
 
diff --git a/src/warc.h b/src/warc.h
index b34e9e0..7238cff 100644
--- a/src/warc.h
+++ b/src/warc.h
@@ -6,7 +6,7 @@
 
 void warc_init (void);
 void warc_close (void);
-void warc_uuid_str (char *id_str);
+void warc_uuid_str (char *id_str, size_t urn_size);
 
 char * warc_timestamp (char *timestamp, size_t timestamp_size);
 
diff --git a/src/wget.h b/src/wget.h
index 8543833..b6a9dca 100644
--- a/src/wget.h
+++ b/src/wget.h
@@ -1,5 +1,5 @@
 /* Miscellaneous declarations.
-   Copyright (C) 1996-2011, 2015, 2018-2019 Free Software Foundation,
+   Copyright (C) 1996-2011, 2015, 2018-2020 Free Software Foundation,
    Inc.
 
 This file is part of GNU Wget.
@@ -135,81 +135,20 @@ as that of the covered work.  */
    don't necessarily want to tie having a 64-bit type for internal
    calculations to having LFS support.  */
 
-#ifdef WINDOWS
-  /* nothing to do, see mswindows.h */
-#elif SIZEOF_LONG >= 8
-  /* long is large enough, so use it. */
-  typedef long wgint;
-# define SIZEOF_WGINT SIZEOF_LONG
-#elif SIZEOF_LONG_LONG >= 8
-  /* long long is large enough and available, use that */
-  typedef long long wgint;
-# define SIZEOF_WGINT SIZEOF_LONG_LONG
-#elif HAVE_INT64_T
-  typedef int64_t wgint;
-# define SIZEOF_WGINT 8
-#elif SIZEOF_OFF_T >= 8
-  /* In case off_t is typedeffed to a large non-standard type that our
-     tests don't find. */
-  typedef off_t wgint;
-# define SIZEOF_WGINT SIZEOF_OFF_T
-#else
-  /* Fall back to using long, which is always available and in most
-     cases large enough. */
-  typedef long wgint;
-# define SIZEOF_WGINT SIZEOF_LONG
-#endif
-
-/* Pick a strtol-compatible function that will work with wgint.  The
-   choices are strtol, strtoll, or our own implementation of strtoll
-   in cmpt.c, activated with NEED_STRTOLL.  */
-
-#ifdef WINDOWS
-  /* nothing to do, see mswindows.h */
-#elif SIZEOF_WGINT == SIZEOF_LONG
-# define str_to_wgint strtol
-#elif SIZEOF_WGINT == SIZEOF_LONG_LONG
-# define str_to_wgint strtoll
-# ifndef HAVE_STRTOLL
-#  define NEED_STRTOLL
-#  define strtoll_type long long
-# endif
-#else
-  /* wgint has a strange size; synthesize strtoll and use it. */
-# define str_to_wgint strtoll
-# define NEED_STRTOLL
-# define strtoll_type wgint
-#endif
-
-#define WGINT_MAX TYPE_MAXIMUM (wgint)
-
-/* Declare our strtoll replacement. */
-#ifdef NEED_STRTOLL
-strtoll_type strtoll (const char *, char **, int);
-#endif
-
-/* Now define a large numeric type useful for storing sizes of *sums*
-   of downloads, such as the value of the --quota option.  This should
-   be a type able to hold 2G+ values even on systems without large
-   file support.  (It is useful to limit Wget's download quota to say
-   10G even if a single file cannot be that large.)
+/* Gnulib's stdint.h module essentially guarantees the existence of int64_t.
+ * Thus we can simply assume it always exists and use it.
+ */
+#include <stdint.h>
 
-   To make sure we get the largest size possible, we use `double' on
-   systems without a 64-bit integral type.  (Since it is used in very
-   few places in Wget, this is acceptable.)  */
-
-#if SIZEOF_WGINT >= 8
-/* just use wgint */
+typedef int64_t wgint;
+#define WGINT_MAX INT64_MAX
 typedef wgint SUM_SIZE_INT;
-#else
-/* On systems without LFS, use double, which buys us integers up to 2^53. */
-typedef double SUM_SIZE_INT;
-#endif
+
+#define str_to_wgint strtol
 
 #include "options.h"
 
 /* Everything uses this, so include them here directly.  */
-#include <alloca.h>
 #ifdef __cplusplus
 #  undef _Noreturn
 #endif
@@ -239,10 +178,13 @@ typedef double SUM_SIZE_INT;
 #define xzero(x) memset (&(x), '\0', sizeof (x))
 
 /* Convert an ASCII hex digit to the corresponding number between 0
-   and 15.  H should be a hexadecimal digit that satisfies isxdigit;
+   and 15.  c should be a hexadecimal digit that satisfies c_isxdigit;
    otherwise, the result is undefined.  */
-#define XDIGIT_TO_NUM(h) ((h) < 'A' ? (h) - '0' : c_toupper (h) - 'A' + 10)
-#define X2DIGITS_TO_NUM(h1, h2) ((XDIGIT_TO_NUM (h1) << 4) + XDIGIT_TO_NUM (h2))
+static inline unsigned char _unhex(unsigned char c)
+{
+	return c <= '9' ? c - '0' : (c <= 'F' ? c - 'A' + 10 : c - 'a' + 10);
+}
+#define X2DIGITS_TO_NUM(h1, h2) ((_unhex (h1) << 4) + _unhex (h2))
 
 /* The reverse of the above: convert a number in the [0, 16) range to
    the ASCII representation of the corresponding hexadecimal digit.
@@ -250,18 +192,6 @@ typedef double SUM_SIZE_INT;
 #define XNUM_TO_DIGIT(x) ("0123456789ABCDEF"[x] + 0)
 #define XNUM_TO_digit(x) ("0123456789abcdef"[x] + 0)
 
-/* Copy the data delimited with BEG and END to alloca-allocated
-   storage, and zero-terminate it.  Arguments are evaluated only once,
-   in the order BEG, END, PLACE.  */
-#define BOUNDED_TO_ALLOCA(beg, end, place) do { \
-  const char *BTA_beg = (beg);                  \
-  int BTA_len = (end) - BTA_beg;                \
-  char **BTA_dest = &(place);                   \
-  *BTA_dest = alloca (BTA_len + 1);             \
-  memcpy (*BTA_dest, BTA_beg, BTA_len);         \
-  (*BTA_dest)[BTA_len] = '\0';                  \
-} while (0)
-
 /* Return non-zero if string bounded between BEG and END is equal to
    STRING_LITERAL.  The comparison is case-sensitive.  */
 #define BOUNDED_EQUAL(beg, end, string_literal)             \
@@ -273,19 +203,6 @@ typedef double SUM_SIZE_INT;
   ((end) - (beg) == sizeof (string_literal) - 1                 \
    && !c_strncasecmp (beg, string_literal, sizeof (string_literal) - 1))
 
-/* Like ptr=strdup(str), but allocates the space for PTR on the stack.
-   This cannot be an expression because this is not portable:
-     #define STRDUP_ALLOCA(str) (strcpy (alloca (strlen (str) + 1), str))
-   The problem is that some compilers can't handle alloca() being an
-   argument to a function.  */
-
-#define STRDUP_ALLOCA(ptr, str) do {                \
-  char **SA_dest = &(ptr);                          \
-  const char *SA_src = (str);                       \
-  *SA_dest = (char *)alloca (strlen (SA_src) + 1);  \
-  strcpy (*SA_dest, SA_src);                        \
-} while (0)
-
 /* Generally useful if you want to avoid arbitrary size limits but
    don't need a full dynamic array.  Assumes that BASEVAR points to a
    malloced array of TYPE objects (or possibly a NULL pointer, if
diff --git a/src/xattr.c b/src/xattr.c
index 05e902d..a5261f1 100644
--- a/src/xattr.c
+++ b/src/xattr.c
@@ -1,6 +1,6 @@
 /* xattr.h -- POSIX Extended Attribute support.
 
-   Copyright (C) 2016, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 2016, 2018-2020 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
diff --git a/src/xattr.h b/src/xattr.h
index bbe0fe4..20eebe0 100644
--- a/src/xattr.h
+++ b/src/xattr.h
@@ -1,6 +1,6 @@
 /* xattr.h -- POSIX Extended Attribute function mappings.
 
-   Copyright (C) 2016, 2018-2019 Free Software Foundation, Inc.
+   Copyright (C) 2016, 2018-2020 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by