It seems that some systems (e.g. fairly consistently in some recent
Solaris autobuilds) would manage to get to the connect phase before the
progress callback was called, resulting in a CURLE_COULDNT_CONNECT
error. Reworked the test to point at a test server that never returns a
full result so the progress callback always gets a chance to be called
before the transfer can complete in some other way.

TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.

Coverity CID 1291167 pointed out that 'rc' was received but never used when
gnutls_credentials_set() was used. Added return code check now.

Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
NULL if gnutls_certificate_get_peers() had previously failed.

Coverity CID 1291166 pointed out that we could read this variable
uninitialized.

The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html).

The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.

CID 1202732 warns on the previous use, although I cannot fine any
problems with it. I'm doing this change only to make the code use a more
familiar approach to accomplish the same thing.

This option can be used to enable/disable TLS False Start defined in the RFC
draft-bmoeller-tls-falsestart.

Reported-by: Frank Gevaerts

This change was made in CyaSSL/WolfSSL ver. 3.4.0

We prematurely changed protocol handler to HTTP/2 which made things very
slow (and wrong).

Reported-by: Stefan Eissing
Bug: https://github.com/bagder/curl/issues/169

Coverity CID 1288826

If a man page exists in the opts/ directory, it must also be referenced
either in curl_easy_setopt.3 or curl_multi_setopt.3

... if disabled at libcurl level.  Otherwise, we would allow to
negotiate NPN despite curl was invoked with the --no-npn option.

- Get rid of this flood of warnings in Windows mingw build:
warning: missing terminating " character

The warning is due to the carriage return. When msysgit checks out files
from the repo by default it converts the line endings to CRLF. Prior to
this change when mkhelp.pl processed the MANUAL and curl.1 in CRLF
format the trailing carriage returns caused unnecessary CR in the
output.

Using $< in a non-suffix rule context is a GNU make idiom.  This bug was
introduced in 7.41.0.

Reported-by: Stefan Eissing
Bug: https://github.com/bagder/curl/issues/169