aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/curl.151
-rw-r--r--docs/libcurl/curl_easy_getinfo.33
-rw-r--r--docs/libcurl/curl_easy_setopt.336
-rw-r--r--docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.344
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_CAINFO.364
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_CAPATH.354
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.361
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.346
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.356
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.349
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.351
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.351
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.381
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.366
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.362
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.388
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.382
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.348
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.353
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.346
-rw-r--r--docs/libcurl/opts/CURLOPT_SOCKS_PROXY.388
-rw-r--r--docs/libcurl/opts/CURLOPT_SOCKS_PROXYTYPE.355
-rw-r--r--docs/libcurl/opts/Makefile.am19
-rw-r--r--docs/libcurl/symbols-in-versions20
24 files changed, 1274 insertions, 0 deletions
diff --git a/docs/curl.1 b/docs/curl.1
index cfa17aed3..04346867e 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -1468,6 +1468,33 @@ the default authentication method curl uses with proxies.
.IP "--proxy-digest"
Tells curl to use HTTP Digest authentication when communicating with the given
proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host.
+.IP "--proxy-cacert <CA certificate>"
+(SSL) Same as --cacert but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-capath <CA certificate directory>"
+(SSL) Same as --capath but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-cert <certificate[:password]>"
+(SSL) Same as \fI--cert\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-cert-type <type>"
+(SSL) Same as \fI--cert-type\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-ciphers <list of ciphers>"
+(SSL) Same as \fI--ciphers\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-crlfile <file>"
+(HTTPS) Same as \fI--crlfile\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-insecure"
+(SSL) Same as \fI--insecure\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-key <key>"
+(SSL) Same as \fI--key\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-key-type <type>"
+(SSL) Same as \fI--key-type\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
.IP "--proxy-negotiate"
Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate (SPNEGO)
@@ -1475,11 +1502,35 @@ with a remote host. (Added in 7.17.1)
.IP "--proxy-ntlm"
Tells curl to use HTTP NTLM authentication when communicating with the given
proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
+.IP "--proxy-pass <phrase>"
+(SSL) Same as \fI--pass\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
.IP "--proxy-service-name <servicename>"
This option allows you to change the service name for proxy negotiation.
Examples: --proxy-negotiate proxy-name \fI--proxy-service-name\fP sockd would use
sockd/proxy-name. (Added in 7.43.0).
+.IP "--proxy-ssl-allow-beast"
+(SSL) Same as \fI--ssl-allow-beast\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-sslv2"
+(SSL) Same as \fI--sslv2\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-sslv3"
+(SSL) Same as \fI--sslv3\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-tlsauthtype <authtype>"
+Same as \fI--tlsauthtype\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-tlspassword <password>"
+Same as \fI--tlspassword\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-tlsuser <user>"
+Same as \fI--tlsuser\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
+.IP "--proxy-tlsv1"
+(SSL) Same as \fI--tlsv1\fP but used in HTTPS proxy context.
+(Added in 7.XXX)
.IP "--proxy1.0 <proxyhost[:port]>"
Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
assumed at port 1080.
diff --git a/docs/libcurl/curl_easy_getinfo.3 b/docs/libcurl/curl_easy_getinfo.3
index 9ffcd14af..4f36561ac 100644
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -104,6 +104,9 @@ See \fICURLINFO_REQUEST_SIZE(3)\fP
.IP CURLINFO_SSL_VERIFYRESULT
Certificate verification result.
See \fICURLINFO_SSL_VERIFYRESULT(3)\fP
+.IP CURLINFO_PROXY_SSL_VERIFYRESULT
+Proxy certificate verification result.
+See \fICURLINFO_PROXY_SSL_VERIFYRESULT(3)\fP
.IP CURLINFO_SSL_ENGINES
A list of OpenSSL crypto engines.
See \fICURLINFO_SSL_ENGINES(3)\fP
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index b32e1c03b..590a47f8c 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -159,10 +159,14 @@ Protocols to allow redirects to. See \fICURLOPT_REDIR_PROTOCOLS(3)\fP
Default protocol. See \fICURLOPT_DEFAULT_PROTOCOL(3)\fP
.IP CURLOPT_PROXY
Proxy to use. See \fICURLOPT_PROXY(3)\fP
+.IP CURLOPT_SOCKS_PROXY
+Socks proxy to use. See \fICURLOPT_SOCKS_PROXY(3)\fP
.IP CURLOPT_PROXYPORT
Proxy port to use. See \fICURLOPT_PROXYPORT(3)\fP
.IP CURLOPT_PROXYTYPE
Proxy type. See \fICURLOPT_PROXYTYPE(3)\fP
+.IP CURLOPT_SOCKS_PROXYTYPE
+Socks proxy type. See \fICURLOPT_SOCKS_PROXYTYPE(3)\fP
.IP CURLOPT_NOPROXY
Filter out hosts from proxy use. \fICURLOPT_NOPROXY(3)\fP
.IP CURLOPT_HTTPPROXYTUNNEL
@@ -228,10 +232,16 @@ Proxy password. See \fICURLOPT_PROXYPASSWORD(3)\fP
HTTP server authentication methods. See \fICURLOPT_HTTPAUTH(3)\fP
.IP CURLOPT_TLSAUTH_USERNAME
TLS authentication user name. See \fICURLOPT_TLSAUTH_USERNAME(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_USERNAME
+Proxy TLS authentication user name. See \fICURLOPT_PROXY_TLSAUTH_USERNAME(3)\fP
.IP CURLOPT_TLSAUTH_PASSWORD
TLS authentication password. See \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_PASSWORD
+Proxy TLS authentication password. See \fICURLOPT_PROXY_TLSAUTH_PASSWORD(3)\fP
.IP CURLOPT_TLSAUTH_TYPE
TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_TYPE
+Proxy TLS authentication methods. See \fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP
.IP CURLOPT_PROXYAUTH
HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
.IP CURLOPT_SASL_IR
@@ -447,14 +457,24 @@ Timeout for waiting for the server's connect back to be accepted. See \fICURLOPT
.SH SSL and SECURITY OPTIONS
.IP CURLOPT_SSLCERT
Client cert. See \fICURLOPT_SSLCERT(3)\fP
+.IP CURLOPT_PROXY_SSLCERT
+Proxy client cert. See \fICURLOPT_PROXY_SSLCERT(3)\fP
.IP CURLOPT_SSLCERTTYPE
Client cert type. See \fICURLOPT_SSLCERTTYPE(3)\fP
+.IP CURLOPT_PROXY_SSLCERTTYPE
+Proxy client cert type. See \fICURLOPT_PROXY_SSLCERTTYPE(3)\fP
.IP CURLOPT_SSLKEY
Client key. See \fICURLOPT_SSLKEY(3)\fP
+.IP CURLOPT_PROXY_SSLKEY
+Proxy client key. See \fICURLOPT_PROXY_SSLKEY(3)\fP
.IP CURLOPT_SSLKEYTYPE
Client key type. See \fICURLOPT_SSLKEYTYPE(3)\fP
+.IP CURLOPT_PROXY_SSLKEYTYPE
+Proxy client key type. See \fICURLOPT_PROXY_SSLKEYTYPE(3)\fP
.IP CURLOPT_KEYPASSWD
Client key password. See \fICURLOPT_KEYPASSWD(3)\fP
+.IP CURLOPT_PROXY_KEYPASSWD
+Proxy client key password. See \fICURLOPT_PROXY_KEYPASSWD(3)\fP
.IP CURLOPT_SSL_ENABLE_ALPN
Enable use of ALPN. See \fICURLOPT_SSL_ENABLE_ALPN(3)\fP
.IP CURLOPT_SSL_ENABLE_NPN
@@ -467,20 +487,32 @@ Default SSL engine. See \fICURLOPT_SSLENGINE_DEFAULT(3)\fP
Enable TLS False Start. See \fICURLOPT_SSL_FALSESTART(3)\fP
.IP CURLOPT_SSLVERSION
SSL version to use. See \fICURLOPT_SSLVERSION(3)\fP
+.IP CURLOPT_PROXY_SSLVERSION
+Proxy SSL version to use. See \fICURLOPT_PROXY_SSLVERSION(3)\fP
.IP CURLOPT_SSL_VERIFYHOST
Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
+.IP CURLOPT_PROXY_SSL_VERIFYHOST
+Verify the host name in the proxy SSL certificate. See \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP
.IP CURLOPT_SSL_VERIFYPEER
Verify the SSL certificate. See \fICURLOPT_SSL_VERIFYPEER(3)\fP
+.IP CURLOPT_PROXY_SSL_VERIFYPEER
+Verify the proxy SSL certificate. See \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP
.IP CURLOPT_SSL_VERIFYSTATUS
Verify the SSL certificate's status. See \fICURLOPT_SSL_VERIFYSTATUS(3)\fP
.IP CURLOPT_CAINFO
CA cert bundle. See \fICURLOPT_CAINFO(3)\fP
+.IP CURLOPT_PROXY_CAINFO
+Proxy CA cert bundle. See \fICURLOPT_PROXY_CAINFO(3)\fP
.IP CURLOPT_ISSUERCERT
Issuer certificate. See \fICURLOPT_ISSUERCERT(3)\fP
.IP CURLOPT_CAPATH
Path to CA cert bundle. See \fICURLOPT_CAPATH(3)\fP
+.IP CURLOPT_PROXY_CAPATH
+Path to proxy CA cert bundle. See \fICURLOPT_PROXY_CAPATH(3)\fP
.IP CURLOPT_CRLFILE
Certificate Revocation List. See \fICURLOPT_CRLFILE(3)\fP
+.IP CURLOPT_PROXY_CRLFILE
+Proxy Certificate Revocation List. See \fICURLOPT_PROXY_CRLFILE(3)\fP
.IP CURLOPT_CERTINFO
Extract certificate info. See \fICURLOPT_CERTINFO(3)\fP
.IP CURLOPT_PINNEDPUBLICKEY
@@ -491,10 +523,14 @@ Provide source for entropy random data. See \fICURLOPT_RANDOM_FILE(3)\fP
Identify EGD socket for entropy. See \fICURLOPT_EGDSOCKET(3)\fP
.IP CURLOPT_SSL_CIPHER_LIST
Ciphers to use. See \fICURLOPT_SSL_CIPHER_LIST(3)\fP
+.IP CURLOPT_PROXY_SSL_CIPHER_LIST
+Proxy ciphers to use. See \fICURLOPT_PROXY_SSL_CIPHER_LIST(3)\fP
.IP CURLOPT_SSL_SESSIONID_CACHE
Disable SSL session-id cache. See \fICURLOPT_SSL_SESSIONID_CACHE(3)\fP
.IP CURLOPT_SSL_OPTIONS
Control SSL behavior. See \fICURLOPT_SSL_OPTIONS(3)\fP
+.IP CURLOPT_PROXY_SSL_OPTIONS
+Control proxy SSL behavior. See \fICURLOPT_PROXY_SSL_OPTIONS(3)\fP
.IP CURLOPT_KRBLEVEL
Kerberos security level. See \fICURLOPT_KRBLEVEL(3)\fP
.IP CURLOPT_GSSAPI_DELEGATION
diff --git a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3 b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
new file mode 100644
index 000000000..8f09df5c4
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
@@ -0,0 +1,44 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_PROXY_SSL_VERIFYRESULT 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_getinfo options"
+.SH NAME
+CURLINFO_PROXY_SSL_VERIFYRESULT \- get the result of the proxy certification verification
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_PROXY_SSL_VERIFYRESULT, long *result);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a long to receive the result of the certification
+verification that was requested (using the \fICURLOPT_SSL_VERIFYPEER(3)\fP
+option.
+.SH PROTOCOLS
+All using TLS
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.5
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3 b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
new file mode 100644
index 000000000..31fc562e8
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
@@ -0,0 +1,64 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CAINFO 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_CAINFO \- path to proxy Certificate Authority (CA) bundle
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO, char *path);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char * to a zero terminated string naming a file holding one or more
+certificates to verify the peer with.
+
+If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the
+server's certificate, \fICURLOPT_CAINFO(3)\fP need not even indicate an
+accessible file.
+
+This option is by default set to the system path where libcurl's cacert bundle
+is assumed to be stored, as established at build time.
+
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
+
+(iOS and macOS only) If curl is built against Secure Transport, then this
+option is supported for backward compatibility with other SSL engines, but it
+should not be set. If the option is not set, then curl will use the
+certificates in the system and user Keychain to verify the peer, which is the
+preferred method of verifying the peer's certificate chain.
+.SH DEFAULT
+Built-in system specific
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+For SSL engines that don't support certificate files the CURLOPT_PROXY_CAINFO option
+is ignored. Refer to https://curl.haxx.se/docs/ssl-compared.html
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_CAPATH "(3), "
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3 b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
new file mode 100644
index 000000000..7c984538a
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
@@ -0,0 +1,54 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CAPATH 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_CAPATH \- specify directory holding proxy CA certificates
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAPATH, char *capath);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char * to a zero terminated string naming a directory holding multiple
+CA certificates to verify the peer with. If libcurl is built against OpenSSL,
+the certificate directory must be prepared using the openssl c_rehash utility.
+This makes sense only when used in combination with the
+\fICURLOPT_SSL_VERIFYPEER(3)\fP option.
+
+The \fICURLOPT_CAPATH(3)\fP function apparently does not work in Windows due
+to some limitation in openssl.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
+backend provides the option only for backward compatibility.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, and CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_CAINFO "(3), "
+.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3 b/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
new file mode 100644
index 000000000..956cc5691
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CRLFILE 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_CRLFILE \- specify a proxy Certificate Revocation List file
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CRLFILE, char *file);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char * to a zero terminated string naming a \fIfile\fP with the
+concatenation of CRL (in PEM format) to use in the certificate validation that
+occurs during the SSL exchange.
+
+When curl is built to use NSS or GnuTLS, there is no way to influence the use
+of CRL passed to help in the verification process. When libcurl is built with
+OpenSSL support, X509_V_FLAG_CRL_CHECK and X509_V_FLAG_CRL_CHECK_ALL are both
+set, requiring CRL check against all the elements of the certificate chain if
+a CRL file is passed.
+
+This option makes sense only when used in combination with the
+\fICURLOPT_SSL_VERIFYPEER(3)\fP option.
+
+A specific error code (\fICURLE_SSL_CRL_BADFILE\fP) is defined with the
+option. It is returned when the SSL exchange fails because the CRL file cannot
+be loaded. A failure in certificate verification due to a revocation
+information found in the CRL does not trigger this specific error.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS-based protocols
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.51.1
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3 b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
new file mode 100644
index 000000000..5f328020e
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
@@ -0,0 +1,46 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_KEYPASSWD 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_KEYPASSWD \- set passphrase to proxy private key
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_KEYPASSWD, char *pwd);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. It will be used as
+the password required to use the \fICURLOPT_SSLKEY(3)\fP or
+\fICURLOPT_SSH_PRIVATE_KEYFILE(3)\fP private key. You never needed a pass
+phrase to load a certificate but you need one to load your private key.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLKEY "(3), " CURLOPT_SSH_PRIVATE_KEYFILE "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
new file mode 100644
index 000000000..8ce38592d
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
@@ -0,0 +1,56 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLCERT 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLCERT \- set SSL proxy client certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLCERT, char *cert);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. The string should be
+the file name of your client certificate. The default format is "P12" on
+Secure Transport and "PEM" on other engines, and can be changed with
+\fICURLOPT_SSLCERTTYPE(3)\fP.
+
+With NSS or Secure Transport, this can also be the nickname of the certificate
+you wish to authenticate with as it is named in the security database. If you
+want to use a file from the current directory, please precede it with "./"
+prefix, in order to avoid confusion with a nickname.
+
+When using a client certificate, you most likely also need to provide a
+private key with \fICURLOPT_SSLKEY(3)\fP.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLCERTTYPE "(3), " CURLOPT_SSLKEY "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
new file mode 100644
index 000000000..297cc0c30
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
@@ -0,0 +1,49 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLCERTTYPE 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLCERTTYPE \- specify type of the proxy client SSL certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLCERTTYPE, char *type);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. The string should be
+the format of your certificate. Supported formats are "PEM" and "DER", except
+with Secure Transport. OpenSSL (versions 0.9.3 and later) and Secure Transport
+(on iOS 5 or later, or OS X 10.7 or later) also support "P12" for
+PKCS#12-encoded files.
+.SH DEFAULT
+"PEM"
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLCERT "(3), " CURLOPT_SSLKEY "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
new file mode 100644
index 000000000..6301ae8f4
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
@@ -0,0 +1,51 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLKEY 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLKEY \- specify private keyfile for TLS and SSL proxy client cert
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLKEY, char *keyfile);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. The string should be
+the file name of your private key. The default format is "PEM" and can be
+changed with \fICURLOPT_SSLKEYTYPE(3)\fP.
+
+(iOS and Mac OS X only) This option is ignored if curl was built against
+Secure Transport. Secure Transport expects the private key to be already
+present in the keychain or PKCS#12 file containing the certificate.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLKEYTYPE "(3), " CURLOPT_SSLCERT "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
new file mode 100644
index 000000000..8c81b49f0
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
@@ -0,0 +1,51 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLKEYTYPE 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLKEYTYPE \- set type of the proxy private key file
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLKEYTYPE, char *type);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. The string should be
+the format of your private key. Supported formats are "PEM", "DER" and "ENG".
+
+The format "ENG" enables you to load the private key from a crypto engine. In
+this case \fICURLOPT_SSLKEY(3)\fP is used as an identifier passed to the
+engine. You have to set the crypto engine with \fICURLOPT_SSLENGINE(3)\fP.
+\&"DER" format key file currently does not work because of a bug in OpenSSL.
+.SH DEFAULT
+"PEM"
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLKEY "(3), " CURLOPT_SSLCERT "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
new file mode 100644
index 000000000..ef65b169c
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
@@ -0,0 +1,81 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLVERSION 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLVERSION \- set proxy preferred TLS/SSL version
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLVERSION, long version);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a long as parameter to control which version of SSL/TLS to attempt to
+use.
+
+Use one of the available defines for this purpose. The available options are:
+.RS
+.IP CURL_SSLVERSION_DEFAULT
+The default action. This will attempt to figure out the remote SSL protocol
+version.
+.IP CURL_SSLVERSION_TLSv1
+TLSv1.x
+.IP CURL_SSLVERSION_SSLv2
+SSLv2
+.IP CURL_SSLVERSION_SSLv3
+SSLv3
+.IP CURL_SSLVERSION_TLSv1_0
+TLSv1.0 (Added in 7.34.0)
+.IP CURL_SSLVERSION_TLSv1_1
+TLSv1.1 (Added in 7.34.0)
+.IP CURL_SSLVERSION_TLSv1_2
+TLSv1.2 (Added in 7.34.0)
+.IP CURL_SSLVERSION_TLSv1_3
+TLSv1.3 (Added in 7.51.1)
+.RE
+.SH DEFAULT
+CURL_SSLVERSION_DEFAULT
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
+
+ /* ask libcurl to use TLS version 1.0 or later */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1);
+
+ /* Perform the request */
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+SSLv2 is disabled by default since 7.18.1. Other SSL versions availability may
+vary depending on which backend libcurl has been built to use.
+
+SSLv3 is disabled by default since 7.39.0.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_USE_SSL "(3), " CURLOPT_HTTP_VERSION "(3), "
+.BR CURLOPT_IPRESOLVE "(3) "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
new file mode 100644
index 000000000..a7cbc6af7
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
@@ -0,0 +1,66 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_CIPHER_LIST 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_CIPHER_LIST \- specify ciphers to use for proxy TLS
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_CIPHER_LIST, char *list);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char *, pointing to a zero terminated string holding the list of
+ciphers to use for the SSL connection. The list must be syntactically correct,
+it consists of one or more cipher strings separated by colons. Commas or
+spaces are also acceptable separators but colons are normally used, \&!, \&-
+and \&+ can be used as operators.
+
+For OpenSSL and GnuTLS valid examples of cipher lists include 'RC4-SHA',
+\'SHA1+DES\', 'TLSv1' and 'DEFAULT'. The default list is normally set when you
+compile OpenSSL.
+
+You'll find more details about cipher lists on this URL:
+
+ https://www.openssl.org/docs/apps/ciphers.html
+
+For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5',
+\'rsa_aes_128_sha\', etc. With NSS you don't add/remove ciphers. If one uses
+this option then all known ciphers are disabled and only those passed in are
+enabled.
+
+You'll find more details about the NSS cipher lists on this URL:
+
+ http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives
+.SH DEFAULT
+NULL, use internal default
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLVERSION "(3), " CURLOPT_USE_SSL "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
new file mode 100644
index 000000000..6b4cbaeb4
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_OPTIONS 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_OPTIONS \- set proxy SSL behavior options
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_OPTIONS, long bitmask);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a long with a bitmask to tell libcurl about specific SSL behaviors.
+
+\fICURLSSLOPT_ALLOW_BEAST\fP tells libcurl to not attempt to use any
+workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this
+option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a
+work-around for this flaw although it might cause interoperability problems
+with some (older) SSL implementations. WARNING: avoiding this work-around
+lessens the security, and by setting this option to 1 you ask for exactly that.
+This option is only supported for DarwinSSL, NSS and OpenSSL.
+
+Added in 7.44.0:
+
+\fICURLSSLOPT_NO_REVOKE\fP tells libcurl to disable certificate revocation
+checks for those SSL backends where such behavior is present. \fBCurrently this
+option is only supported for WinSSL (the native Windows SSL library), with an
+exception in the case of Windows' Untrusted Publishers blacklist which it seems
+can't be bypassed.\fP This option may have broader support to accommodate other
+SSL backends in the future.
+https://curl.haxx.se/docs/ssl-compared.html
+
+
+.SH DEFAULT
+0
+.SH PROTOCOLS
+All TLS-based protocols
+.SH EXAMPLE
+TODO
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLVERSION "(3), " CURLOPT_SSL_CIPHER_LIST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
new file mode 100644
index 000000000..9a0d69ab6
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
@@ -0,0 +1,88 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_VERIFYHOST 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_VERIFYHOST \- verify the proxy certificate's name against host
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a long as parameter specifying what to \fIverify\fP.
+
+This option determines whether libcurl verifies that the server cert is for
+the server it is known as.
+
+When negotiating TLS and SSL connections, the server sends a certificate
+indicating its identity.
+
+When \fICURLOPT_SSL_VERIFYHOST(3)\fP is 2, that certificate must indicate that
+the server is the server to which you meant to connect, or the connection
+fails. Simply put, it means it has to have the same name in the certificate as
+is in the URL you operate against.
+
+Curl considers the server the intended one when the Common Name field or a
+Subject Alternate Name field in the certificate matches the host name in the
+URL to which you told Curl to connect.
+
+When the \fIverify\fP value is 1, \fIcurl_easy_setopt\fP will return an error
+and the option value will not be changed. It was previously (in 7.28.0 and
+earlier) a debug option of some sorts, but it is no longer supported due to
+frequently leading to programmer mistakes. Future versions will stop returning
+an error for 1 and just treat 1 and 2 the same.
+
+When the \fIverify\fP value is 0, the connection succeeds regardless of the
+names in the certificate. Use that ability with caution!
+
+The default value for this option is 2.
+
+This option controls checking the server's certificate's claimed identity.
+The server could be lying. To control lying, see
+\fICURLOPT_SSL_VERIFYPEER(3)\fP. If libcurl is built against NSS and
+\fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, \fICURLOPT_SSL_VERIFYHOST(3)\fP is
+also set to zero and cannot be overridden.
+.SH DEFAULT
+2
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
+
+ /* Set the default value: strict name check please */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);
+
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.
+
+If 1 is set as argument, \fICURLE_BAD_FUNCTION_ARGUMENT\fP is returned.
+.SH "SEE ALSO"
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_CAINFO "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
new file mode 100644
index 000000000..294c77b37
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
@@ -0,0 +1,82 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_VERIFYPEER 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_VERIFYPEER \- verify the proxy peer's SSL certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYPEER, long verify);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a long as parameter to enable or disable.
+
+This option determines whether curl verifies the authenticity of the peer's
+certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. Curl verifies whether the certificate is authentic,
+i.e. that you can trust that the server is who the certificate says it is.
+This trust is based on a chain of digital signatures, rooted in certification
+authority (CA) certificates you supply. curl uses a default bundle of CA
+certificates (the path for that is determined at build time) and you can
+specify alternate certificates with the \fICURLOPT_CAINFO(3)\fP option or the
+\fICURLOPT_CAPATH(3)\fP option.
+
+When \fICURLOPT_SSL_VERIFYPEER(3)\fP is enabled, and the verification fails to
+prove that the certificate is authentic, the connection fails. When the
+option is zero, the peer certificate verification succeeds regardless.
+
+Authenticating the certificate is not enough to be sure about the server. You
+typically also want to ensure that the server is the server you mean to be
+talking to. Use \fICURLOPT_SSL_VERIFYHOST(3)\fP for that. The check that the
+host name in the certificate is valid for the host name you're connecting to
+is done independently of the \fICURLOPT_SSL_VERIFYPEER(3)\fP option.
+
+WARNING: disabling verification of the certificate allows bad guys to
+man-in-the-middle the communication without you knowing it. Disabling
+verification makes the communication insecure. Just having encryption on a
+transfer is not enough as you cannot be sure that you are communicating with
+the correct end-point.
+.SH DEFAULT
+By default, curl assumes a value of 1.
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
+
+ /* Set the default value: strict certificate check please */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 1L);
+
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3 b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
new file mode 100644
index 000000000..ed2544bd1
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
@@ -0,0 +1,48 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_PASSWORD 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_PASSWORD \- password to use for proxy TLS authentication
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_PASSWORD, char *pwd);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char * as parameter, which should point to the zero terminated password
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE(3)\fP option. Requires that the
+\fICURLOPT_TLSAUTH_USERNAME(3)\fP option also be set.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS-based protocols
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.21.4
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_TLSAUTH_TYPE "(3), " CURLOPT_TLSAUTH_USERNAME "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3 b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
new file mode 100644
index 000000000..f30256ab7
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
@@ -0,0 +1,53 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_TYPE 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_TYPE \- set proxy TLS authentication methods
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_TYPE, char *type);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a pointer to a zero terminated string as parameter. The string
+should be the method of the TLS authentication. Supported method is "SRP".
+
+.IP SRP
+TLS-SRP authentication. Secure Remote Password authentication for TLS is
+defined in RFC5054 and provides mutual authentication if both sides have a
+shared secret. To use TLS-SRP, you must also set the
+\fICURLOPT_TLSAUTH_USERNAME(3)\fP and \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
+options.
+.SH DEFAULT
+blank
+.SH PROTOCOLS
+All TLS-based protocols
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+You need to build libcurl with GnuTLS or OpenSSL with TLS-SRP support for this
+to work.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_TLSAUTH_USERNAME "(3), " CURLOPT_TLSAUTH_PASSWORD "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3 b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
new file mode 100644
index 000000000..53c8378a4
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
@@ -0,0 +1,46 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_USERNAME 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_USERNAME \- user name to use for proxy TLS authentication
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_USERNAME, char *user);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a char * as parameter, which should point to the zero terminated username
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE(3)\fP option. Requires that the
+\fICURLOPT_TLSAUTH_PASSWORD(3)\fP option also be set.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS-based protocols
+.SH EXAMPLE
+TODO
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_TLSAUTH_TYPE "(3), " CURLOPT_TLSAUTH_PASSWORD "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS_PROXY.3 b/docs/libcurl/opts/CURLOPT_SOCKS_PROXY.3
new file mode 100644
index 000000000..bddb40a18
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_SOCKS_PROXY.3
@@ -0,0 +1,88 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SOCKS_PROXY 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_SOCKS_PROXY \- set socks proxy to use
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS_PROXY, char *proxy);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Set the \fIproxy\fP to use for the upcoming request. The parameter should be a
+char * to a zero terminated string holding the host name or dotted numerical
+IP address. A numerical IPv6 address must be written within [brackets].
+
+To specify port number in this string, append :[port] to the end of the host
+name. The proxy's port number may optionally be specified with the separate
+option \fICURLOPT_PROXYPORT(3)\fP. If not specified, libcurl will default to
+using port 1080 for proxies.
+
+The proxy string may be prefixed with [scheme]:// to specify which kind of
+proxy is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last
+one to enable socks5 and asking the proxy to do the resolving, also known as
+\fICURLPROXY_SOCKS5_HOSTNAME\fP type) to request the specific SOCKS version to
+be used. No scheme specified or http://, will be treated as HTTP proxies.
+
+Without a scheme prefix, \fICURLOPT_PROXYTYPE(3)\fP can be used to specify
+which kind of proxy the string identifies.
+
+When you tell the library to use a HTTP proxy, libcurl will transparently
+convert operations to HTTP even if you specify an FTP URL etc. This may have
+an impact on what other features of the library you can use, such as
+\fICURLOPT_QUOTE(3)\fP and similar FTP specifics that don't work unless you
+tunnel through the HTTP proxy. Such tunneling is activated with
+\fICURLOPT_HTTPPROXYTUNNEL(3)\fP.
+
+libcurl respects the environment variables \fBhttp_proxy\fP, \fBftp_proxy\fP,
+\fBall_proxy\fP etc, if any of those are set. The \fICURLOPT_PROXY(3)\fP
+option does however override any possibly set environment variables.
+
+Setting the proxy string to "" (an empty string) will explicitly disable the
+use of a proxy, even if there is an environment variable set for it.
+
+A proxy host string can also include protocol scheme (http://) and embedded
+user + password.
+.SH DEFAULT
+Default is NULL, meaning no proxy is used.
+
+When you set a host name to use, do not assume that there's any particular
+single port number used widely for proxies. Specify it!
+.SH PROTOCOLS
+All except file://. Note that some protocols don't do very well over proxy.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Since 7.14.1 the proxy environment variable names can include the protocol
+scheme.
+
+Since 7.21.7 the proxy string supports the socks protocols as "schemes".
+
+Since 7.50.2, unsupported schemes in proxy strings cause libcurl to return
+error.
+.SH RETURN VALUE
+Returns CURLE_OK if proxies are supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXYPORT "(3), " CURLOPT_HTTPPROXYTUNNEL "(3), "
+.BR CURLOPT_PROXYTYPE "(3)"
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS_PROXYTYPE.3 b/docs/libcurl/opts/CURLOPT_SOCKS_PROXYTYPE.3
new file mode 100644
index 000000000..789bfb877
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_SOCKS_PROXYTYPE.3
@@ -0,0 +1,55 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SOCKS_PROXYTYPE 3 "16 Nov 2016" "libcurl 7.51.1" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_SOCKS_PROXYTYPE \- socks proxy protocol type
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS_PROXYTYPE, long type);
+.SH DESCRIPTION
+TODO: Make this text specific to HTTPS proxy. (Added in 7.XXX)
+Pass a long with this option to set type of the proxy. Available options for
+this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_HTTP_1_0\fP
+\fICURLPROXY_SOCKS4\fP, \fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP and
+\fICURLPROXY_SOCKS5_HOSTNAME\fP. The HTTP type is default.
+
+If you set \fICURLOPT_PROXYTYPE(3)\fP to \fICURLPROXY_HTTP_1_0\fP, it will
+only affect how libcurl speaks to a proxy when CONNECT is used. The HTTP
+version used for "regular" HTTP requests is instead controlled with
+\fICURLOPT_HTTP_VERSION(3)\fP.
+
+Often it is more convenient to specify the proxy type with the scheme part of
+the \fICURLOPT_PROXY(3)\fP string.
+.SH DEFAULT
+CURLPROXY_HTTP
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Always
+.SH RETURN VALUE
+Returns CURLE_OK
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYPORT "(3), "
diff --git a/docs/libcurl/opts/Makefile.am b/docs/libcurl/opts/Makefile.am
index 8cb1b52b8..1ef4f2bc1 100644
--- a/docs/libcurl/opts/Makefile.am
+++ b/docs/libcurl/opts/Makefile.am
@@ -49,6 +49,7 @@ man_MANS = \
CURLINFO_PRIMARY_IP.3 \
CURLINFO_PRIMARY_PORT.3 \
CURLINFO_PRIVATE.3 \
+ CURLINFO_PROXY_SSL_VERIFYRESULT.3 \
CURLINFO_PROXYAUTH_AVAIL.3 \
CURLINFO_REDIRECT_COUNT.3 \
CURLINFO_REDIRECT_TIME.3 \
@@ -223,6 +224,24 @@ man_MANS = \
CURLOPT_PROXYUSERPWD.3 \
CURLOPT_PROXY_SERVICE_NAME.3 \
CURLOPT_PROXY_TRANSFER_MODE.3 \
+ CURLOPT_PROXY_CAINFO.3 \
+ CURLOPT_PROXY_CAPATH.3 \
+ CURLOPT_PROXY_CRLFILE.3 \
+ CURLOPT_PROXY_KEYPASSWD.3 \
+ CURLOPT_PROXY_SSLCERT.3 \
+ CURLOPT_PROXY_SSLCERTTYPE.3 \
+ CURLOPT_PROXY_SSLKEY.3 \
+ CURLOPT_PROXY_SSLKEYTYPE.3 \
+ CURLOPT_PROXY_SSLVERSION.3 \
+ CURLOPT_PROXY_SSL_CIPHER_LIST.3 \
+ CURLOPT_PROXY_SSL_OPTIONS.3 \
+ CURLOPT_PROXY_SSL_VERIFYHOST.3 \
+ CURLOPT_PROXY_SSL_VERIFYPEER.3 \
+ CURLOPT_PROXY_TLSAUTH_PASSWORD.3 \
+ CURLOPT_PROXY_TLSAUTH_TYPE.3 \
+ CURLOPT_PROXY_TLSAUTH_USERNAME.3 \
+ CURLOPT_SOCKS_PROXY.3 \
+ CURLOPT_SOCKS_PROXYTYPE.3 \
CURLOPT_PUT.3 \
CURLOPT_QUOTE.3 \
CURLOPT_RANDOM_FILE.3 \
diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index ef730c8a9..fb3330f14 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -240,6 +240,7 @@ CURLINFO_PRIMARY_IP 7.19.0
CURLINFO_PRIMARY_PORT 7.21.0
CURLINFO_PRIVATE 7.10.3
CURLINFO_PROXYAUTH_AVAIL 7.10.8
+CURLINFO_PROXY_SSL_VERIFYRESULT 7.51.1
CURLINFO_REDIRECT_COUNT 7.9.7
CURLINFO_REDIRECT_TIME 7.9.7
CURLINFO_REDIRECT_URL 7.18.2
@@ -468,7 +469,23 @@ CURLOPT_PROXYPORT 7.1
CURLOPT_PROXYTYPE 7.10
CURLOPT_PROXYUSERNAME 7.19.1
CURLOPT_PROXYUSERPWD 7.1
+CURLOPT_PROXY_CAINFO 7.51.1
+CURLOPT_PROXY_CAPATH 7.51.1
+CURLOPT_PROXY_CRLFILE 7.51.1
+CURLOPT_PROXY_KEYPASSWD 7.51.1
CURLOPT_PROXY_SERVICE_NAME 7.43.0
+CURLOPT_PROXY_SSLCERT 7.51.1
+CURLOPT_PROXY_SSLCERTTYPE 7.51.1
+CURLOPT_PROXY_SSLKEY 7.51.1
+CURLOPT_PROXY_SSLKEYTYPE 7.51.1
+CURLOPT_PROXY_SSLVERSION 7.51.1
+CURLOPT_PROXY_SSL_CIPHER_LIST 7.51.1
+CURLOPT_PROXY_SSL_OPTIONS 7.51.1
+CURLOPT_PROXY_SSL_VERIFYHOST 7.51.1
+CURLOPT_PROXY_SSL_VERIFYPEER 7.51.1
+CURLOPT_PROXY_TLSAUTH_PASSWORD 7.51.1
+CURLOPT_PROXY_TLSAUTH_TYPE 7.51.1
+CURLOPT_PROXY_TLSAUTH_USERNAME 7.51.1
CURLOPT_PROXY_TRANSFER_MODE 7.18.0
CURLOPT_PUT 7.1
CURLOPT_QUOTE 7.1
@@ -498,6 +515,8 @@ CURLOPT_SOCKOPTDATA 7.16.0
CURLOPT_SOCKOPTFUNCTION 7.16.0
CURLOPT_SOCKS5_GSSAPI_NEC 7.19.4
CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 7.49.0
+CURLOPT_SOCKS_PROXY 7.51.1
+CURLOPT_SOCKS_PROXYTYPE 7.51.1
CURLOPT_SOURCE_HOST 7.12.1 - 7.15.5
CURLOPT_SOURCE_PATH 7.12.1 - 7.15.5
CURLOPT_SOURCE_PORT 7.12.1 - 7.15.5
@@ -611,6 +630,7 @@ CURLPROTO_TELNET 7.19.4
CURLPROTO_TFTP 7.19.4
CURLPROXY_HTTP 7.10
CURLPROXY_HTTP_1_0 7.19.4
+CURLPROXY_HTTPS 7.51.1
CURLPROXY_SOCKS4 7.10
CURLPROXY_SOCKS4A 7.18.0
CURLPROXY_SOCKS5 7.10