This is a follow up to the parent commit dcdd4be3 which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.

This patch allocates memory to "output_token" only when it is required
so that memory is not leaked if function returns.

Follow-up commit to c5098080 to make this test pass.

- Linux TFO + TLS is not implemented yet.

Bug: https://github.com/curl/curl/issues/907

- Curl_ipv6works() is not thread-safe until after the first call, so
call it once during global init to avoid a possible race condition.

Bug: https://github.com/curl/curl/issues/915
PR: https://github.com/curl/curl/pull/918

Closes https://github.com/curl/curl/pull/914

Closes https://github.com/curl/curl/pull/913

Closes https://github.com/curl/curl/pull/911

Explain how some FTP servers support the machine readable listing
format MLSD from RFC 3659 and compare it to LIST.

Ref: https://github.com/curl/curl/issues/906

Closes #892

Closes #896

Reported-by: Gou Lingfeng
Bug: https://curl.haxx.se/mail/lib-2016-06/0139.html

Reported-by: Richard Gray
Bug: https://curl.haxx.se/mail/lib-2016-06/0136.html

- the expression of an 'if' was always true
- a 'while' contained a condition that was always true
- use 'if(k->exp100 > EXP100_SEND_DATA)' instead of 'if(k->exp100)'
- fixed a typo

Closes #889

... as otherwise we could get a 0 which would count as no error and we'd
wrongly continue and could end up segfaulting.

Bug: https://curl.haxx.se/mail/lib-2016-06/0052.html
Reported-by: 暖和的和暖

... as previously the README.cmake would be picked and put at the bottom
of the docs page there and it wasn't very representative!

rawgit.com asks to use the domain cdn.rawgit.com for production

See #900

Closes #740

The FreeBSD Port security/ca_root_nss installs the Mozilla NSS CA bundle
to /usr/local/share/certs/ca-root-nss.crt. Use this bundle in the
discovery process.

This change also removes the former FreeBSD path that has been obsolete
for 8 years since this FreeBSD ports commit:
https://svnweb.freebsd.org/ports/head/security/?view=revision&revision=215953

Closes #894

Another follow up for crypt32.lib linking with winssl

follow-up from 120bf29e

Necessary since 6cabd785

Necessary since 6cabd785

Fixes #853

Closes #854

Broken since 6cabd785, which adds use of the Curl_extract_certinfo
function from the x509asn1.c file.

... and save the typedef'ed names for headers and external APIs.

Instead of typedef'ing to void, typedef to their corresponding actual
struct names to allow compilers to type-check.

Assisted-by: Reinhard Max

Prior to this change we called Curl_ssl_getsessionid and
Curl_ssl_addsessionid regardless of whether session ID reusing was
enabled. According to comments that is in case session ID reuse was
disabled but then later enabled.

The old way was not intuitive and probably not something users expected.
When a user disables session ID caching I'd guess they don't expect the
session ID to be cached anyway in case the caching is later enabled.

Closes #883