Update libcurl and migrate/update polarssl to mbedtls (same library, new maintenance) #59
Description
I think this should be expanded to a proper update and full test by @ps3dev/developers because we are super behind on libcurl and polarssl ->mbedtls, which is a security concern depending on what an end user does with the libraries we provide. I am almost sure most of us developers find it pertinent to remove sticks from the paths of less security focused and/or less experienced developers by not building insecure versions of curl and ssl libraries for extended periods of time. Leaving the older versions as an option for BC I can understand,
for when older software just will not build with updated versions (that those downstream applications should also just be updated is another discussion, let's control what we can) but as the default I am feeling a sense of responsibility.
As this is a substantial change, I think I will convert this comment to an issue so we can discuss and maybe I'll create a PR/branch and just start working on it. This is going to go fairly deep with dependency, because practically everything uses libcurl or ssl in some way these days lol.
At the same time, the --no-check-certificate is fairly obsolete today, since the advent of free valid ssl certificates from letsencrypt.
Originally posted by @miigotu in #58 (comment)