Before, if something went wrong with DNS lookup and there were unrelated
records (i.e. not A or AAAA) then we would still attempt to build a
resolve list. This resulted in curl errors related to the option itself
and displayed as "unknown network error" to the user.
Previously, we leaked the `curl_slist`s on every request. This also
validates the pointer we get from `curl_slist_append` before setting the
option.
Also, use the `set_option` helper for CURLOPT_RESOLVE as it will print
when there is an error.
By moving `Certificate` to `LibCrypto` it is possible to reuse a bunch
of code from in `LibCrypto` itself. It also moves some constants
and pieces of code to a more appropriate place than `LibTLS`.
This also makes future work on WebCryptoAPI easier.
The declaration of `DefaultRootCACertificates` was in `Certificate.h`
and its implementation in `TLSv12.cpp`. It has been moved over
to `TLSv12.h` for consistency.
This is in preparation of the next commits to split the changes.
...and make sure it will eventually complete (or fail) by adding a
timeout retry sequence.
Fixes an issue where RequestServer would stick around after exit,
waiting for piled up DNS requests for a long time.
