curl-library

New SSL backend GSKit, certinfo for everyone, etc.

From: Patrick Monnerat <Patrick.Monnerat_at_datasphere.ch>
Date: Fri, 12 Jul 2013 17:33:26 +0200

 
Please find a big patch in attachment:

It implements a new SSL backend: GSKit. It runs on OS400, but IBM
supports it on other platforms too.

Aside from that, this patch also prepares support of CURLINFO_CERTINFO for
every SSL backend able to provide peer certificate and/or chain in DER
format. This has been done by some code factorisation:

- init_certinfo(), push_certinfo*() have been moved to sslgen.c
- a new module x509asn1.c implements very lightweight ASN.1 and X509
parsers, with functions to generate the certinfo from DER certificates.
These are now already used (in the patch) by the QsoSSL and GSKit SSL
backends, and may be easily called from other backends not implementing
certinfo yet.

The only info fields left TODO are the X509 V3 extensions.

The internal function Curl_slist_append_nodup() has been implemented and
used wherever needed.

OS400 users will now have the ability to get CURLINFO_* slists in
EBCDIC, including certinfo.

The advantages of GSKit over QsoSSL are:
- Not limited to a single SSL keyring per job: each connection may have
its own SSL environment.
- Reentrant.
- Asynchronous handshake.
- Cipher control.
- SNI support (on OS400 version >= 7.1).
- QsoSSL is obsolescent.

Your comments are welcome. If nobody objects, I'll commit it in a few
days.

Good week-end to all of you,
Patrick

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2013-07-12
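
The mail above mentions a very lightweight ASN.1 parser used to build certinfo from DER certificates. The following is an added example, not code from the attached patch or from curl: a bounds-checked DER tag-length-value reader of the kind such a parser is built on. All names (`der_elem`, `der_get`, `der_count_children`) and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
/* Illustrative names (der_elem, der_get, ...); not taken from curl's x509asn1.c. */
struct der_elem { unsigned char tag; const unsigned char *val; size_t len; };
/* Constructed inputs, not real certificates: SEQUENCE { SEQUENCE { INTEGER 2 },
   SEQUENCE {}, BIT STRING }, and a length of 3 in long form (invalid in DER). */
static const unsigned char sample_der[] = { 0x30, 0x0B, 0x30, 0x03, 0x02, 0x01,
  0x02, 0x30, 0x00, 0x03, 0x02, 0x00, 0xFF };
static const unsigned char nonminimal_der[] = { 0x30, 0x81, 0x03, 0x02, 0x01, 0x00 };

/* Decode one element in [p, end); return the position past it, NULL if invalid. */
static const unsigned char *der_get(struct der_elem *e, const unsigned char *p,
                                    const unsigned char *end)
{
  size_t len, n;
  if(!p || end - p < 2)
    return NULL;
  e->tag = *p++;
  if((e->tag & 0x1F) == 0x1F)
    return NULL;                 /* multi-byte tag numbers: not handled here */
  len = *p++;
  if(len & 0x80) {               /* long form: low 7 bits count the length bytes */
    n = len & 0x7F;
    if(!n || n > sizeof(len) || n > (size_t)(end - p) || !*p)
      return NULL;               /* indefinite, oversized, truncated, leading 0 */
    for(len = 0; n; n--)
      len = (len << 8) | *p++;
    if(len < 0x80)
      return NULL;               /* DER requires the short form below 128 */
  }
  if(len > (size_t)(end - p))
    return NULL;                 /* declared length runs past the buffer */
  e->val = p; e->len = len;
  return p + len;
}

/* Count the direct children of the outer SEQUENCE; -1 on malformed input. */
static int der_count_children(const unsigned char *buf, size_t buflen)
{
  struct der_elem outer, child;
  const unsigned char *p, *end;
  int n = 0;
  if(!der_get(&outer, buf, buf + buflen) || outer.tag != 0x30)
    return -1;
  for(p = outer.val, end = p + outer.len; p < end; n++)
    if(!(p = der_get(&child, p, end)))
      return -1;
  return n;
}
int main(void) { return der_count_children(sample_der, sizeof sample_der) != 3 ||
  der_count_children(nonminimal_der, sizeof nonminimal_der) != -1; }
```

Every length is compared against the bytes actually remaining before the value pointer is handed out, so a certificate that declares more data than it carries is rejected rather than read past the end of the buffer.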