Revisit curl+boringssl

[springmeyer]

Ticket to track that I plan to revisit building latest curl against:

• static boringssl (https://boringssl.googlesource.com/boringssl/)
• all the normal CA certs bundled in

The goal would be to have a curl binary that could be:

• extremely solid on all platforms (ubuntu/debian, centos/rhel, osx)
• support https without depending on openssl
• be very very small and fast to install

If we could provide such a thing it could unblock:

• mason itself depending on this curl by default instead of assuming system curl (drops an apt/yum dep)
• building the mason cmake against a static curl (to allow mason.cmake to use built-in cmake HTTPS to download mason packages instead of assuming system curl - refs #74)

Cons are:

• We'd need to maintain security updates of this curl binary if boringssl reported any
• Security updates would need to trickle down to cmake package updates

[kkaefer]

building the mason cmake against a static curl (to allow mason.cmake to use built-in cmake HTTPS to download mason packages instead of assuming system curl - refs #74)

This would unblock a major obstacle I've found: There are many cmake versions out there which are built without SSL support, making it impossible for us to download with cmake.