This fixes another run-time check failure because of a narrowing cast on
Visual C++.

Closes #408

- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie

- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar

tool_sdecls.h:139 warning: comma at end of enumerator list

Introduced in commit 59f3f92b this function is only implemented when
CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define
the function in the header file either.

In places the "host name" and "realm" variable was referred to as
"instance" whilst in others it was referred to as "host".

Turns out HMAC_Init is now deprecated in openssl master (and I spelled
HMAC_Init_ex wrong in previous commit)

Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native
Windows builds don't use the autoconf tools.

curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined;
                      assuming extern returning int

But kept the original author, when they were specified in a comment, as
the initial copyright holder.

Put braces around empty "if" body in libcurl.m4 check to avoid warning:

        suggest braces around empty body in an 'if' statement

and make it work with -Werror builds.

Closes #402

Closes #398

remove redundant '}'

Closes #399

It isn't always clear to the user which options that cause the HTTP
methods to conflict so by spelling them out it should hopefully be
easier to understand why curl complains.

Closes #395

... since HTTP is forbidden to return any such.

This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.

Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>

Leftovers from when we removed the private socket hash.

Coverity CID 1317365, "Logically dead code"

Coverity CID 1317367, "Missing break in switch"

"Explicit null dereferenced (FORWARD_NULL)"

Coverity CID 1317366

- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.

... so improve the #ifdefs for using our local implementation.

Since boringssl brought back DES_set_odd_parity again, it cannot be used
to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
seems better anyway.

URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
Original-patch-by: Bertrand Simonnet

Closes #393

... since boringssl moved the former ones and the check started to fail.

URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
Original-patch-by: Bertrand Simonnet

If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
doesn't present a certificate at all.

Closes #392

The multi state machine would otherwise go into the DO_MORE state after
DO, even for the case when the FTP state machine had already performed
those duties, which caused libcurl to get stuck in that state and fail
miserably. This occured for for active ftp uploads.

Reported-by: Patricia Muscalu