With the introduction of expire IDs and the fact that existing timers
can be removed now and thus never expire, the concept with adding a
"latest" timer is not working anymore as it risks to not expire at all.

So, to be certain the timers actually are in line and will expire, the
plain Curl_expire() needs to be used. The _latest() function was added
as a sort of shortcut in the past that's quite simply not necessary
anymore.

Follow-up to 31b39c40

Reported-by: Paul Harris

Closes #1555

... as it would previously just get the "now" timestamp before the
transfer starts and then not update it again.

Closes #1550

mk-lib1521.pl generates a test program (lib1521.c) that calls
curl_easy_setopt() for every known option with a few typical values to
make sure they work (ignoring the return codes).

Some small changes were necessary to avoid asserts and NULL accesses
when doing this.

The perl script needs to be manually rerun when we add new options.

Closes #1543

This was the only remaining use of toupper in the entire source code.

Suggested-by: Daniel Stenberg

Otherwise, clang on Cygwin64 warns:
curl_ntlm_core.c:525:35: error: array subscript is of type 'char'
[-Werror,-Wchar-subscripts]
    dest[2 * i] = (unsigned char)(toupper(src[i]));
                                  ^~~~~~~~~~~~~~~
/usr/include/ctype.h:152:25: note: expanded from macro 'toupper'
      (void) __CTYPE_PTR[__x]; (toupper) (__x);})
                        ^~~~

This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH,
as seen in the autobuilds:

curl_sasl.c:417:9: warning: unused variable 'serverdata'
[-Wunused-variable]

cyassl/ssl.h needs the macros from cyassl/options.h, so define them
before including cyassl/ssl.h the first time, which happens in
urldata.h.
This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8
and therefore redefines the symbols from cyassl/options.h instead of
including the header.

Closes https://github.com/curl/curl/pull/1536

Found when updating test 1395, which I did to increase test coverage of
this source file...

Closes #1535

mbedtls_x509_crt_profile_fr is only used locally.
This fixes a missing-variable-declarations warning with clang.

Unaligned access is on purpose here and the warning is harmless on
affected architectures. GCC knows that, while clang warns on all
architectures.

Closes #1529

Closes #1528

... with a strlen() if no size was set, and do this in the pretransfer
function so that the info is set early. Otherwise, the default strlen()
done on the POSTFIELDS data never sets state.infilesize.

Reported-by: Vincas Razma
Bug: #1294

vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow]
 CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
                                                                     ^~~~~~~

follow-up to f31760e6

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793

Fix bugs and compiler warnings on systems with 32-bit long and
64-bit time_t.

Reviewed-by: Daniel Stenberg

Closes #1499

Test 1261 added to verify.

Reported-by: Lloyd Fournier

Fixes #1489
Closes #1497

* LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG)

* ldap: updated per build options handling

* ldap: fixed logic for auth selection

Fixed a syntax error with setting cache variables (The type and
docstring were missing), resulting in build errors.  Quoted the
CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without
quotes in C code, resulting in build errors.

Closes #1503

Signed-off-by: Akhil <akhil.kedia@samsung.com>

follow-up to 4cdb1be8

.... caused by a typo in the last commit (fixing issue #1504):

memdebug.c: In function ‘curl_fclose’:
memdebug.c:444:3: error: implicit declaration of function
‘DEBUGDEBUGASSERT’ [-Werror=implicit-function-declaration]

... as it does extra checks to actually work.

Reported-by: jonrumsey at github
Fixes #1504

This is for symmetry with the autoconf generated curl_config.h.in

... as otherwise it risks not cleaning up the libssh2 handle properly
which leads to memory leak!

Assisted-by: Joel Depooter

Closes #1495
Closes #1479

Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html

if no error was raised by the API but the SecIdentityRef was null

Fixes #1450

Reported-by: wyattoday at github
Fixes #1487

Closes #1400

Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
exceedingly tiny and will break if it is. This same check is already
done at run time in the CURLOPT_BUFFERSIZE option.

The function IsPipeliningPossible() would return TRUE if either
pipelining OR HTTP/2 were possible on a connection, which would lead to
it returning TRUE even for POSTs on HTTP/1 connections.

It now returns a bitmask so that the caller can differentiate which kind
the connection allows.

Fixes #1481
Closes #1483
Reported-by: stootill at github

Tested with servers: IIS 7.5; OpenSSL 1.0.2.

Closes https://github.com/curl/curl/pull/1475

clang 5.0 complains:
possible misuse of comma operator here [-Wcomma]

Change the comma to a semicolon to fix that.

... since the total amount is low this is faster, easier and reduces
memory overhead.

Also, Curl_expire_done() can now mark an expire timeout as done so that
it never times out.

Closes #1472

 A) reduces the timeout lists drastically

 B) prevents a lot of superfluous loops for timers that expires "in vain"
    when it has actually already been extended to fire later on

... to really make sure the boundary fits in the target buffer.

Fixes unused parameter 'buflen' warning.

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754

When the random seed is purposely made predictable for testing purposes
by using the CURL_ENTROPY environment variable, process that data in an
endian agnostic way so the the initial random seed is the same
regardless of endianness.

- Change Curl_rand to write to a char array instead of int array.

- Add Curl_rand_hex to write random hex characters to a buffer.

Fixes #1315
Closes #1468

Co-authored-by: Daniel Stenberg
Reported-by: Michael Kaufmann

Don't do anything in this file if CURLRES_THREADED is not defined.

The cases this warns about are handled elsewhere, so just use an
intermediate variable to silence the warning.