... it was previously unchecked in two places and thus errors could
remain undetected and cause trouble.

Closes #2681

Follow-up to b6a16afa

... to work with longer passwords etc. Grow it from a 256 to a 4096
bytes buffer.

Reported-by: Dario Nieuwenhuis
Fixes #2676
Closes #2680

Closes #2673

Fixes #2677
Closes #2679

Follow-up to 2c15693a.

Bug #2674
Closes #2675

Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html

This will make possible to select the SSL backend (using
curl_global_sslset()) even when the libcurl is built using CMake

Closes #2665

By masking sure to use the *current* easy handle with extracted
connections from the cache, and make sure to NULLify the ->data pointer
when the connection is put into the cache to make this mistake easier to
detect in the future.

Reported-by: Will Dietz
Fixes #2669
Closes #2672

... run a few more tortured based and run all tests event-based.

Closes #2664

When the application just started the transfer and then stops it while
the name resolve in the background thread hasn't completed, we need to
wait for the resolve to complete and then cleanup data accordingly.

Enabled test 1553 again and added test 1590 to also check when the host
name resolves successfully.

Detected by OSS-fuzz.
Closes #1968

Ref: https://github.com/curl/curl/pull/2660

Closes https://github.com/curl/curl/pull/2662

Fixes my local configure to detect a custom installed c-ares without
pkgconfig.

Closes #2663

maketgz creates release tarballs and removes the -DEV string in curl
version (e.g. 7.58.0-DEV), else -DEV shows up on command line when curl
is run. maketgz works fine on linux but fails on OSX. Problem is with
the sed commands that use option -i without an extension. Maketgz
expects GNU sed instead of BSD and this simply won't work on OSX. Adding
a backup extension .bak after -i fixes this issue

Running the script as if on OSX gives this error:

sed: -e: No such file or directory

Adding a .bak extension resolves it

Closes #2660

Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for
building with static libs without pkg-config.

Reported-by: Marcel Raad
Fixes #2199
Closes #2659

First check if there's c-ares information given as pkg-config info and use
that as first preference.

Reported-by: pszemus on github
Fixes #2203
Closes #2658

Closes #2657

Closes #2120

Closes #2281

certdata.txt should be deleted also when the process is interrupted by
"same certificate downloaded, exiting"

The certdata.txt is currently kept on disk even if you give the -u
option

Closes #2655

Reported-by: Peter Wu
Closes #2654

Implemented by Björn in 946ce5b6

Closes #2653

... and make use of that to make 1455 work better without using a fixed
local port number.

Fixes #2649
Closes #2650

The struct field is never set (since 5e0d9aea) so remove the use of it
and remove the connectdata pointer from the prototype.

Reported-by: Tejas
Bug: https://curl.haxx.se/mail/lib-2018-06/0054.html
Closes #2647

with clang-6.0:
```
vtls/schannel_verify.c: In function 'add_certs_to_store':
vtls/schannel_verify.c:212:30: warning: passing argument 11 of 'CryptQueryObject' from incompatible pointer type [-Wincompatible-pointer-types]
                              &cert_context)) {
                              ^
In file included from /usr/share/mingw-w64/include/schannel.h:10:0,
                 from /usr/share/mingw-w64/include/schnlsp.h:9,
                 from vtls/schannel.h:29,
                 from vtls/schannel_verify.c:40:
/usr/share/mingw-w64/include/wincrypt.h:4437:26: note: expected 'const void **' but argument is of type 'CERT_CONTEXT ** {aka struct _CERT_CONTEXT **}'
   WINIMPM WINBOOL WINAPI CryptQueryObject (DWORD dwObjectType, const void *pvObject, DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags, DWORD dwFlags,
                          ^~~~~~~~~~~~~~~~
```
Ref: https://msdn.microsoft.com/library/windows/desktop/aa380264

Closes https://github.com/curl/curl/pull/2648

Given the contstraints of SChannel, I'm exposing these as the algorithms
themselves instead; while replicating the ciphersuite as specified by
OpenSSL would have been preferable, I found no way in the SChannel API
to do so.

To use this from the commandline, you need to pass the names of contants
defining the desired algorithms. For example, curl --ciphers
"CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM"
https://github.com The specific names come from wincrypt.h

Closes #2630

shifting the expiry date to 2037 for now
to be before the possibly problematic year 2038

similar in spirit to commit e6293cf8

Closes #2646

- Get rid of variable that was generating false positive warning
(unitialized)

- Fix issues in tests

- Reduce scope of several variables all over

etc

Closes #2631

Previously it was checked for in configure/cmake, but that would then
leave other build systems built without engine support.

While engine support probably existed prior to 1.0.1, I decided to play
safe. If someone experience a problem with this, we can widen the
version check.

Fixes #2641
Closes #2644