... which the help text already implied since we switched to libidn2
from libidn in commit 9c91ec77 back in October 2016.

Reported-by: Christian Weisgerber
Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html

To avoid dereferencing a NULL pointer.

Reported-by: Daniel Romero

wolfSSL configure script relevant changes from 3.9 to 3.10:

- DES3 no longer enabled by default
- Shamir no longer enabled by default
- Extended master secret enabled by default
- RSA and ECC timing protections enabled by default

For backwards compatibility I enabled DES3 and ECC shamir config options
(ie no change from 3.9), and the other changes are included.

... it only confuses people.

and fail appropriately if it returns error

Since several compilers had problems with the previous one

Reported-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2016-12/0098.html

Old legacy parsing that 1) hid problems for us and 2) probably isn't
needed anymore.

... just like we already do in src/ and lib/

This file is riddled with them...

Visual C++ complained:
warning C4267: '=': conversion from 'size_t' to 'long', possible loss of data
warning C4701: potentially uninitialized local variable 'path' used

CID 1397391 (#1 of 1): Unchecked return value (CHECKED_RETURN)

Follow-up to d00f2a8f

- Check for pending data before waiting on the socket.

Bug: https://github.com/curl/curl/issues/1156
Reported-by: Adam Langley

Fixes a few issues in manual wildcard cert name validation in
schannel support code for Win32 CE:
- when comparing the wildcard name to the hostname, the wildcard
  character was removed from the cert name and the hostname
  was checked to see if it ended with the modified cert name.
  This allowed cert names like *.com to match the connection
  hostname. This violates recommendations from RFC 6125.
- when the wildcard name in the certificate is longer than the
  connection hostname, a buffer overread of the connection
  hostname buffer would occur during the comparison of the
  certificate name and the connection hostname.

... and add a bunch of floating point printf tests

and regenerated curl.1

Reported-by: Gisle Vanem

Follow-up to 82245eaa: Fix the example program sendrecv.c (handle
CURLE_AGAIN, handle incomplete send). Improve the documentation
for curl_easy_recv() and curl_easy_send().

Reviewed-by: Frank Meier
Assisted-by: Jay Satiro

See https://github.com/curl/curl/pull/1134

It doesn't benefit us much as the connection could get closed at
any time, and also by checking we lose the ability to determine
if the socket was closed by reading zero bytes.

Reported-by: Michael Kaufmann

Closes https://github.com/curl/curl/pull/1134

As the official docs seems really hard to keep track of and link to over
time

Fixed trailing whitespace and numerous formatting glitches