WIP: .devcontainer: settings for a codespace workflow

CMake. hash sha1 header has been added.

Co-authored-by: Edward Thomson <ethomson@github.com>

git_array_alloc: return objects of correct type

Homogenize semantics for atomic-related functions

Set refs/remotes/origin/HEAD to default branch when branch is specified

There were some subtle semantic differences between the various
implementations of atomic functions. Now they behave the same, have
tests and are better documented to avoid this from happening again in
the future.

Of note:

* The semantics chosen for `git_atomic_compare_and_swap` match
  `InterlockedCompareExchangePointer`/`__sync_cal_compare_and_swap` now.
* The semantics chosen for `git_atomic_add` match
  `InterlockedAdd`/`__atomic_add_fetch`.
* `git_atomic_swap` and `git_atomic_load` still have a bit of semantic
  difference with the gcc builtins / msvc interlocked operations, since
  they require an l-value (not a pointer). If desired, this can be
  homogenized.

This reverts commit 487f2a82, reversing
changes made to c6cf7f0e.

array: check dereference from void * type

GCC C11 warnings

Instead of buf->"typeofbuffer"ReparseBuffer the members will be
referenced with buf->ReparseBuffer."typeofbuffer"

https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/ns-ntifs-_reparse_data_buffer?redirectedfrom=MSDN
calls the union DUMMYUNIONNAME but that looks a bit cluttered.

Introduce GIT_WARN_UNUSED_RESULT

open: input validation for empty segments in path

C11 warnings

Dynamically load OpenSSL (optionally)

Add Xenial, Bionic, CentOS 7 and 8 workflows with OpenSSL-Dynamic builds
nightly.

Defer dlopen until it's needed when dynamically loading OpenSSL
libraries.

The ntlmclient dependency can now dynamically load OpenSSL.

dlopen sets up some thread-local state that isn't cleaned up by
`dlclose`.  Additionally, now that we're linking against different
versions of libssh2 and OpenSSL, we're seeing different leak signatures.

Provide an interface around OpenSSL to dynamically load the libraries
and symbols, so that users can distribute a libgit2 library that is not
linked directly against OpenSSL.  This enables users to target multiple
distributions with a single binary.

This mechanism is optional and disabled by default.  Configure cmake
with -DUSE_HTTPS=OpenSSL-Dynamic to use it.

Refactor the OpenSSL stream implementation so that the legacy code is better
abstracted.  This will enable future development.

ci: tag new containers with the latest tag

Update all the container versions to force a rebuild so that they'll get
tagged with latest (due to changes in the CI scripts).

ci: update centos builds

openssl: don't fail when we can't customize allocators

During valgrind runs, we try to swap out the OpenSSL allocators for our
own.  This allows us to avoid some unnecessary warnings about usage.
Unfortunately, many builds of OpenSSL do not allow you to swap
allocators; for example FIPS builds and the builds running in CentOS.

Try to swap the allocators, but do not fail when they cannot be
customized.