... including the associated option.

Fixes #2951
Closes #2952

Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641

Sometimes it may be considered a security risk to load an external
OpenSSL configuration automatically inside curl_global_init(). The
configuration option --disable-ssl-auto-load-config disables this
automatism. The Windows build scripts winbuild/Makefile.vs provide a
corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean
value.

Setting neither of these options corresponds to the previous behavior
loading the external OpenSSL configuration automatically.

Fixes #2724
Closes #2791

The gcc typecheck macros and coverity combined made it warn on the 2nd
argument for ERROR_CHECK_SETOPT(). Here's minor rearrange to please it.

Coverity CID 1439115 and CID 1439114.

SEC_E_APPLICATION_PROTOCOL_MISMATCH isn't defined in some versions of
mingw and would require an ifdef otherwise.

Reported-by: Thomas Glanzmann
Approved-by: Marc Hörsken
Bug: https://curl.haxx.se/mail/lib-2018-09/0020.html
Closes #2950

... and add "MAILINDEX".

As described in #2789, this is a suggested solution.  Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior).  So MAILINDEX=1 gives the
first non deleted mail in the mail box.

Fixes #2789
Closes #2815

This is step 3 of #2888.

Fixes #2888
Closes #2896

Closes #2668

Long live CURLE_PEER_FAILED_VERIFICATION

CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509
does not allocate memory internally as its first argument is a pointer
to the certificate structure. The same error code is also returned by
Curl_verifyhost when its call to Curl_parseX509 fails so the change
makes error handling more consistent.

Failure to extract the issuer name from the server certificate should
return a more specific error code like on other TLS backends.

Closes #2901

Closes #2901

Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for
deprecation and complete removal in six months.

Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html
Closes #2942

Closes #2709

Starting 7.62.0, multiplexing is enabled by default in multi handles.

Approved-by: Daniel Gustafsson
Closes #2937

makes it not run in the CI builds

Closes #2941

Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.

To re-enable the support, the single line change in lib/multi.c needs to
be reverted.

See docs/DEPRECATE.md

Closes #2705

Since scan-build would warn on the dead "Dead store/Dead increment"

Fixes #2939
Closes #2940

This is a follow-up to PR #2607 and PR #2926.

Closes #2936

- Treat 408 request timeout as transient so that curl will retry the
  request if --retry was used.

Closes #2925

The flag indicating TLS 1.3 cipher support in the OpenSSL backend was
missing.

Bug: https://github.com/curl/curl/pull/2607#issuecomment-417283187
Reported-by: Kamil Dudka

Closes #2926

... since it would cause an integer overflow if longer than (max size_t
/ 2).

This is CVE-2018-14618

Bug: https://curl.haxx.se/docs/CVE-2018-14618.html
Closes #2756
Reported-by: Zhaoyang Wu

Closes #2928

"precheck command error" is not very helpful.

Assisted-by: Rikard Falkeborn

Closes #2922

According to RFC6265 section 5.4, cookies with equal path lengths
SHOULD be sorted by creation-time (earlier first). This adds a
creation-time record to the cookie struct in order to make cookie
sorting more deterministic. The creation-time is defined as the
order of the cookies in the jar, the first cookie read fro the
jar being the oldest. The creation-time is thus not serialized
into the jar. Also remove the strcmp() matching in the sorting as
there is no lexicographic ordering in RFC6265. Existing tests are
updated to match.

Closes #2524

All these tests failed on Windows because something like
sftp://%HOSTIP:%SSHPORT%PWD/
expanded to
sftp://127.0.0.1:1234c/msys64/home/bla/curl
and then curl complained about the port number ending with a letter.

Use the original POSIX path instead of the Windows path created in
checksystem to fix this.

Closes https://github.com/curl/curl/pull/2920

Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/issues/2916