This is the "OpenSSL available" global init function after all

In order to further avoid using ifdef's in our code flow, provide the
function `OPENSSL_init_ssl` in case we are using the legacy OpenSSL API.

By now, we have several locations where we are checking the version of
OpenSSL to determine whether we can use the new "modern" API or need to
use the pre-1.1 legacy API. As we have multiple implementations of
OpenSSL with the rather recent libressl implementation, these checks
need to honor versions of both implementations, which is rather tedious.
Instead, we can just check once for the correct versions and define
`OPENSSL_LEGACY_API` in case we cannot use the modern API.

OpenSSL version 1.1 has broken its API in quite a few ways. To avoid
having to use ifdef's everywhere, we have implemented the BIO functions
added in version 1.1 ourselves in case we are using the legacy API. We
were implementing them in the header file, though, which doesn't make a
lot of sense, since these functions are only ever being used the the
openssl stream implementation.

Move these functions to the implementation file and mark them static.

Fix build with LibreSSL 2.7

appveyor: workaround for intermittent test failures

sha1dc: update to fix errors with endianess

LibreSSL 2.7 adds OpenSSL 1.1 API

Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>

submodule: check index for path and prefix before adding submodule

odb: mempack: fix leaking objects when freeing mempacks

Our CI builds have intermittent failures in our online tests, e.g. with
the message "A provided buffer was too small". This is not a programming
error in libgit2 but rather an error in the SChannel component of
Windows. Under certain circumstances involving Diffie-Hellman key
exchange, SChannel is unable to correctly handle input from the server.
This bug has already been fixed in recent patches for Windows 10 and
Windows Server 2016, but they are not yet available for AppVeyor.

Manually pamper over that issue by disabling all ciphersuites using DHE
via the registry. While this disables more ciphers than necessary, we
really don't care for that at all but just want to avoid build failures
due to that bug.

See [1], [2] or [3] for additional information.

1: https://github.com/aws/aws-sdk-cpp/issues/671
2: https://github.com/dotnet/corefx/issues/7812
3: https://support.microsoft.com/en-us/help/2992611/ms14-066-vulnerability-in-schannel-could-allow-remote-code-execution-n

There are multiple references to undefined functions in the Microsoft
builds. Add headers to make them known.

When a ODB mempack gets free'd, we take no measures at all to free its
contents, most notably the objects added to the database, resulting in a
memory leak. Call `git_mempack_reset` previous to freeing the ODB
structures themselves, which takes care of releasing all associated
data structures.

This updates the version of SHA1DC to c3e1304ea3.

types: remove unused git_merge_result

`git_merge_result` is currently unused in the codebase and generates a blank page in the [documentation](https://libgit2.github.com/libgit2/#HEAD/type/git_merge_result).

submodule: check path and prefix before adding submodule


submodule: fix test errors

checkout: change default strategy to SAFE

As per #4200, our default is quite surprising to users that expect checkout to just "do the thing".

Add myself to git.git-authors

odb: fix writing to fake write streams

In commit 7ec7aa4a (odb: assert on logic errors when writing objects,
2018-02-01), the check for whether we are trying to overflowing the fake
stream buffer was changed from returning an error to raising an assert.
The conversion forgot though that the logic around `assert`s are
basically inverted. Previously, if the statement

    stream->written + len > steram->size

evaluated to true, we would return a `-1`. Now we are asserting that
this statement is true, and in case it is not we will raise an error. So
the conversion to the `assert` in fact changed the behaviour to the
complete opposite intention.

Fix the assert by inverting its condition again and add a regression
test.

Our mempack ODB backend has no test coverage at all right now. Add a
simple test suite to at least have some coverage of the most basic
operations on the ODB.

online tests: update auth for bitbucket test

Update the settings to use a specific read-only token for accessing our
test repositories in Bitbucket.

Refactor `gitno_extract_url_parts`

RFC 3986 says that hostnames can be percent encoded.  Percent decode
hostnames in our URLs.

Now that we can decode percent-encoded strings as part of `git_buf`s,
use that decoder in `gitno_extract_url_parts`.

Use `git_buf_decode_percent` so that we can avoid allocating a temporary
buffer.

Introduce a function to take a percent-encoded string (URI encoded,
described by RFC 1738) and decode it into a `git_buf`.