too big

internally, with code provided by sslgen.c. All SSL-layer-specific code is
then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS).

As far as possible, internals should not need to know what SSL layer that is
in use. Building with GnuTLS currently makes two test cases fail.

TODO.gnutls contains a few known outstanding issues for the GnuTLS support.

GnuTLS support is enabled with configure --with-gnutls

used, it slows initialization too much reading an infinitely long file!

remote certificate name when it didn't match the used host name.

a precedence problem with the zlib header. See CHANGES for details.

ssluse.*: Added SSL_strerror(). Curl_SSL_engines_list() now returns a slist
which must be freed by caller.

UrlState sub-struct. Also made the engine_list exist for non-ssl builds to
make curl build.

Added Curl_SSL_engines_list(), cleanup SSL in url.c
(no HAVE_OPENSSL_x etc.).

already UTF-8 encoded. We check for this case and copy the raw string manually
to avoid the problem. This code can be made conditional in the future when
OpenSSL has been fixed. Work-around brought by Alexis S. L. Carvalho.

and not an int.

use when built with a very old OpenSSL version.

generic connect uses

precaution to prevent mistakes to lead to buffer overflows.

mailing list.

about that passed-in argument not being used.
* killed trailing whitespace

verification:

- when multiple common names are used (as in the curl tests), the last name
needs to be selected.

- allow comparing with encoded values, at least with BMP and ISO latin1
encoded T61strings.

memory.h is included everywhere for this.

all things up to work with encoded host names internally, as well as keeping
'display names' to show in debug messages. IDN resolves work for me now using
ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right.