.. also fix some typos in test's FILEFORMAT spec.

Static analysis indicated that my commit 9008f3d5 ("ntlm_wb: Fix
hard-coded limit on NTLM auth packet size") introduced a potential
memory leak on an error path, because we forget to free the buffer
before returning an error.

Fix this.

Although actually, it never happens in practice because we never *get*
here with state == NTLMSTATE_TYPE1. The state is always zero. That
might want cleaning up in a separate patch.

Reported-by: Terri Oda

This prevents valgrind from reporting possibly lost memory that NSPR
uses for file descriptor cache and other globally allocated internal
data structures.

Reported-by: Štefan Kremeň

setup-vms.h: More symbols for SHA256, hacks for older VAX

openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.

openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
allow building on VAX and 64 bit VMS.

setup-vms.h: Symbol case fixups submitted by Michael Steve

build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the
supplier of new versions of VMS.  The install kit needs to accept
VSI as a producer.

This change necessary for binary compatibility.

Prior to this change test 1135 failed due to the order of functions.

Prior to this change test 1119 failed due to the missing symbols.

For security reasons, until there is a fix.

Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
Reported-by: Gustavo Grieco, Feist Josselin

Just to underscore how we treat each other in this project. Nothing new
really, but could be useful for newcomers and outsiders to see our
values.

Flush the header stream when -D is used so that they are sent off
earlier.

Bug: https://github.com/bagder/curl/issues/324
Reported-by: Cédric Connes

Reported-by: bemoody
Bug: https://github.com/bagder/curl/issues/325

Since we do prefix match using given header by application code
against header name pair in format "NAME:VALUE", and VALUE part can
contain ":", we have to careful about existence of ":" in header
parameter.  ":" should be allowed to match HTTP/2 pseudo-header field,
and other use of ":" in header must be treated as error, and
curl_pushheader_byname should return NULL.  This commit implements
this behaviour.

Following the fix made in 903b6e05.

... to properly support that options are set to the handle after it is
added to the multi handle.

Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html
Reported-by: Stefan Bühler

Advise that WinSSL in versions <= XP will not be able to connect to
servers that no longer support the legacy handshakes and algorithms used
by those versions, and to use an alternate backend like OpenSSL instead.

Bug: https://github.com/bagder/curl/issues/253


Reported-by: zenden2k <zenden2k@gmail.com>

... in commit curl-7_43_0-18-g570076e8