Upgrade to OpenSSL-1.0.2

[indutny]

See https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html

Basically, we will be able to eliminate our hello parser and use new APIs for async OCSP/SNI and stuff like that.

cc @bnoordhuis

[jbergstroem]

I started porting yesterday. The import is pretty simple but since I can't find any traces of google incorporating 1.0.2, the gyp-file needs work. I haven't even started looking at asm/yet..

[indutny]

@jbergstroem cool! Just FYI, this .gyp file is barely related to the one that was done by Google team. The comment above it is mostly a legacy thing, we rewrote it a couple of times.

[jbergstroem]

See #723 for work in progress by @shigeki.

[shigeki]

I missed this issue. Yes, I'm working on it. The current branch of openssl-1.0.2 supports only Linux and MacOS and I will do work on Windows next, but I don't have an arm environment for development and tests. I hope someone helps it.

[jbergstroem]

@shigeki just wanted people visiting that issue to check your work out. I'm doing some testing on FreeBSD at the moment.

[indutny]

@shigeki need any help on this? I'd like to ship it as soon as possible ;)

[indutny]

Mostly because of http://blog.chromium.org/2015/02/hello-http2-goodbye-spdy-http-is_9.html and https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html

[shigeki]

@indutny asm was done for x64 in linux and macos. I will work windows today but I don't have arm and others. ALPN has already been done based on Node-0.11 as in shigeki@5d6c147 .

@chrisdickinson @rvagg How can I use jenkins-iojs.nodesource.com for build testing?

[rvagg]

@shigeki I'll try and get around to adding you today to CI, I have a list of people I need to add

[indutny]

@shigeki there is no need for ALPN patch, this feature is in OpenSSL-1.0.2 anyway.

[shigeki]

@indutny This patch uses ALPN API in OpenSSL-1.0.2 and add options.ALPNProtocols. Openssl-1.0.2 was applied to Node-v0.11 by git submodule without using gyp. I think this can be applied to io.js after upgrading openssl-1.0.2

[indutny]

@shigeki aaah, I see now. You was talking about node.js support, not about patching OpenSSL itself. Good job, man. Let's move it forward! ;)