Attempt to make it look more appealing on github

Fixed inconsistency from commit 1eae1140 and 0ad6c722 of the order
in which Perl was added to the PATH.

and removed erroneous reference to test case lib509

Since two of the cookies would now otherwise expire and cause the test
to fail after commit 20de9b4f

Discussed in #697

Bug: https://github.com/curl/curl/pull/693

Prior to this change when a single protocol CURL_SSLVERSION_ was
specified by the user that version was set only as the minimum version
but not as the maximum version as well.

In makefile.m32, option -ssh2 (libssh2) automatically implied -ssl
(OpenSSL) option, with no way to override it with -winssl. Since both
libssh2 and curl support using Windows's built-in SSL backend, modify
the logic to allow that combination.

Prior to this change cookies with an expiry date that failed parsing
and were converted to session cookies could be purged in remove_expired.

Bug: https://github.com/curl/curl/issues/697
Reported-by: Seth Mos

... as it was already checked previously within the function.

Reported-by: Dmitry-Me
Closes #695

Prevent a crash if 2 (or more) requests are made to the same host and
pipelining is enabled and the connection does not complete.

Bug: https://github.com/curl/curl/pull/690

using envvars `CURL_LDFLAG_EXTRAS_DLL` and
`CURL_LDFLAG_EXTRAS_EXE` respectively. This
is useful f.e. to pass ASLR-related extra
options, that are required to make this
feature work when using the mingw toolchain.

Ref: https://github.com/curl/curl/pull/670#issuecomment-190863985

Closes https://github.com/curl/curl/pull/689

Reported-by: Dmitry-Me
Fixes #688

The assignment of the mbedTLS TLS session info in the parent commit was
incorrect. Change the assignment to a pointer to the session structure.

.. and preprocessor check TLS session info is defined for all backends.

Some systems have special files that report as 0 bytes big, but still
contain data that can be read (for example /proc/cpuinfo on
Linux). Starting now, a zero byte size is considered "unknown" size and
will be read as far as possible anyway.

Reported-by: Jesse Tan

Closes #681

- Warn if --with-ca-bundle file does not exist.

- Warn if --with-ca-path directory does not contain certificates.

- Improve help messages for both.

Example configure output:

  ca cert bundle:   /some/file   (warning: certs not found)
  ca cert path:     /some/dir   (warning: certs not found)

Bug: https://github.com/curl/curl/issues/404
Reported-by: Jeffrey Walton

... as when pipelining is used, we read things into a unified buffer and
we don't do that with HTTP/2. This could then easily make programs that
set CURLMOPT_PIPELINING = CURLPIPE_HTTP1|CURLPIPE_MULTIPLEX to get data
intermixed or plain broken between HTTP/2 streams.

Reported-by: Anders Bakken

The two options are almost the same, except in the case of OpenSSL:

CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *.

CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *.

For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to
return an SSL pointer for OpenSSL.

Also, add support for the 'internals' member to point to SSL object for
the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and
wolfSSL.

Bug: https://github.com/curl/curl/issues/234


Reported-by:  <dkjjr89@users.noreply.github.com>

Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html
Reported-by: Michael König

The internal Curl_done() function uses Curl_expire() at times and that
uses the timeout list. Better clean up the list once we're done using
it. This caused a segfault.

Reported-by: 蔡文凱
Bug: https://curl.haxx.se/mail/lib-2016-02/0097.html

DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP
test cases to be skipped.  Using RSA for host authentication works with
both old and new versions of OpenSSH.

Reported-by: Karlson2k

Closes #676

- Add tests.

- Add an example to CURLOPT_TFTP_NO_OPTIONS.3.

- Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS.

Bug: https://github.com/curl/curl/issues/481

Some TFTP server implementations ignore the "TFTP Option extension"
(RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing
problems with libcurl. Another switch for curl_easy_setopt
"CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from
sending TFTP option requests to a server, avoiding many problems caused
by faulty implementations.

Bug: https://github.com/curl/curl/issues/481

Closes #672

Sync with lib/Makefile.m32 which already uses those variables.

Bug: https://github.com/curl/curl/pull/670

If any parameter in a HTTP DIGEST challenge message is present multiple
times, memory allocated for all but the last entry should be freed.

Bug: https://github.com/curl/curl/pull/667