Don't set CURLOPT_CAINFO if sslverify is false

[johnbillion]

On OS X Yosemite and later, PHP can be compiled with a version of cURL that uses SecureTransport instead of OpenSSL. SecureTransport suffers from a bug whereby passing it a CA bundle but asking it not to verify the server's certificate causes the connection to fail with the following error:

SSL: CA certificate set, but certificate verification is disabled

In this situation, an https request through the HTTP API will fail if sslverify is set to false, because the sslcertificates argument is always populated with core's CA bundle.

This is fixed by not setting the CURLOPT_CAINFO setting when sslverify is false, which makes sense regardless of this bug.

Further reading:

• ​https://stackoverflow.com/questions/26710482/
• ​https://stackoverflow.com/questions/26461966/

[johnbillion]

33978.patch​ is a patch with a test, although the test has limited use because the bug only affects the particular environment described above.

[johnbillion]

In 34638:

Introduce WP_UnitTestCase::assertNotWPError() for when a test needs to assert that something is, well, not a WP_Error.

See #33978

[johnbillion]

In 34639:

Don't set CURLOPT_CAINFO when sslverify is false when sending HTTP API requests through cURL. This avoids sending redundant information to cURL, and avoids a bug in Apple's SecureTransport library which causes a request to fail when a CA bundle is set but certificate verification is disabled.

This fixes issues with local HTTPS requests (eg. WP Cron) on OS X where cURL is using SecureTransport instead of OpenSSL.

Fixes #33978