added lots, mostly the new auth-related option(s)

1 files changed, 35 insertions, 14 deletions

diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 8aefb4ae8..2566ea0f5 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -334,27 +334,47 @@ prompted for it. \fICURLOPT_PASSWDFUNCTION\fP can be used to set your own
 prompt function.
 .TP
 .B CURLOPT_HTTPAUTH
-Pass a long set to one of the curl_httpauth values, to tell libcurl what
-authentication method you want it to use. Set the actual name and password
-with the \fICURLOPT_USERPWD\fP option. (Added in 7.10.6)
+Pass a long as parameter, which is set to a bitmask, to tell libcurl what
+authentication method(s) you want it to use. The available bits are listed
+below. If more than one bit is set, libcurl will first query the site to see
+what authentication methods it supports and then pick the best one you allow
+it to use. Note that for some methods, this will induce an extra network
+round-trip. Set the actual name and password with the \fICURLOPT_USERPWD\fP
+option. (Added in 7.10.6)
 .RS
 .TP 5
 .B CURLHTTP_BASIC
-enables HTTP Basic authentication. This is the default choice, and the only
-method that is in wide-spread use and supported everywhere.
+HTTP Basic authentication. This is the default choice, and the only method
+that is in wide-spread use and supported virtually everywhere. This is sending
+the user name and password over the network in plain text, easily captured by
+others.
 .TP
 .B CURLHTTP_DIGEST
-enables HTTP Digest authentication.  Digest authentication is defined in
-RFC2617 and is a somewhat more secure way to do user+password checking over
-public networks than the regular old-fashioned Basic authentication. By
-default, libcurl uses Basic.
+HTTP Digest authentication.  Digest authentication is defined in RFC2617 and
+is a more secure way to do authentication over public networks than the
+regular old-fashioned Basic method.
 .TP
-.B CURLHTTP_NEGOTIATE
-enables HTTP Negotiate authentication.  The Negotiate method was designed by
+.B CURLHTTP_GSSNEGOTIATE
+HTTP GSS-Negotiate authentication. The GSS-Negotiate method was designed by
 Microsoft and is used in their web aplications. It is primarily meant as a
 support for Kerberos5 authentication but may be also used along with another
 authentication methods. For more information see IETF draft
 draft-brezak-spnego-http-04.txt.
+.TP
+.B CURLHTTP_NTLM
+HTTP NTLM authentication. A proprietary protocol invented and used by
+Microsoft. It uses a challenge-response and hash concept similar to Digest to
+prevent the password from being evesdropped.
+.TP
+.B CURLHTTP_ANY
+This is a convenience macro that sets all bits and thus makes libcurl pick any
+it finds suitable. libcurl will automaticly select the one it finds most
+secure.
+.TP
+.B CURLHTTP_ANYSAFE
+This is a convenience macro that sets all bits except Basic and thus makes
+libcurl pick any it finds suitable. libcurl will automaticly select the one it
+finds most secure.
 .RE
 .PP
 .SH HTTP OPTIONS
@@ -644,9 +664,10 @@ want the transfer to start from.
 .TP
 .B CURLOPT_CUSTOMREQUEST
 Pass a pointer to a zero terminated string as parameter. It will be user
-instead of GET or HEAD when doing the HTTP request. This is useful for doing
-DELETE or other more or less obscure HTTP requests. Don't do this at will,
-make sure your server supports the command first.
+instead of GET or HEAD when doing a HTTP request, or instead of LIST or NLST
+when doing an ftp directory listing. This is useful for doing DELETE or other
+more or less obscure HTTP requests. Don't do this at will, make sure your
+server supports the command first.
 
 NOTE: many people have wrongly used this option to replace the entire request
 with their own, including multiple headers and POST contents. While that might