... by making sure the first request is completed before doing the
remainder.

... even if the last IPv6 connection attempt has failed.

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4

... in case the protocol versions are mixed in a DNS response
(IPv6 -> IPv4 -> IPv6).

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3

Remove cmake as marked for removal. It is in much better state now.

SSL_CTX_load_verify_locations by default (and if given non-Null
parameters) searches the CAfile first and falls back to CApath.  This
allows for CAfile to be a basis (e.g. installed by the package manager)
and CApath to be a user configured directory.

This wasn't reflected by the previous configure constraint which this
patch fixes.

Bug: https://github.com/bagder/curl/pull/139

Correctly check for memcmp() return value (it returns 0 if the strings match).

This is not really important, since curl is going to use http/1.1 anyway, but
it's still a bug I guess.

Correctly check for strncmp() return value (it returns 0 if the strings
match).

Use "cmake -E echo" instead of "echo".

Reviewed-by: Brad King <brad.king@kitware.com>

Set CMAKE_REQUIRED_DEFINITIONS to include definitions needed to get
the winsock2 API from windows.h.  Simplify the order of checks to
avoid extra conditions.

Use check_include_file instead of check_include_file_concat to look
for OpenSSL headers.  They do not need to participate in a sequence
of dependent system headers.  Also they may cause winsock.h to be
included before ws2tcpip.h, causing the latter to not be detected
in the sequence.

Reviewed-by: Brad King <brad.king@kitware.com>

Visual Studio 2005 and above defaults to disabling the startup banner
for the Compiler, Linker and MIDL tools (with /NOLOGO). As such there
is no need to explicitly set the SuppressStartupBanner directive, as
this is a leftover from the VC7 and VC7.1 projects being upgraded to
VC8 and above.

lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive

For consistency with other conditionally compiled code in openssl.c,
use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use
HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are
not included.

Versions of OpenSSL prior to v0.9.8h do not support the necessary
functions for OCSP stapling.

Previously we don't ignore PUSH_PROMISE header fields in on_header
callback.  It makes header values mixed with following HEADERS,
resulting protocol error.

Prior to this change the options for exclusive SSL protocol versions did
not actually set the protocol exclusive.

http://curl.haxx.se/mail/lib-2015-01/0002.html
Reported-by: Dan Fandrich

Reported-by: Jon Seymour

Removed the curl_ prefix from the schannel source files as discussed
with Marc and Daniel at FOSDEM.

The struct went private in 1.0.2 so we cannot read the version number
from there anymore. Use SSL_version() instead!

Reported-by: Gisle Vanem
Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html

The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md5.c and md5.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5

Code-by: Alexander Peslyak

The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md4.c and md4.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4

Code-by: Alexander Peslyak