Use github.com/mattn/go-pointer to save/restore "pointers" across FFI
bounderies. Go reserves the right to move pointers, so using
`unsafe.Pointer` for this is not safe.
- created a uniform shim layer for the Go code to invoke that does the
right thing depending on the version of openssl. functions that have
yet to be moved can be done so as needed.
- fixed the incorrect use of X509_STORE_CTX_get_app_data in verify_cb to
pull out the SSL object from the x509 store context, which causes
crashes when the SSL object index happens to not be zero.
- fix engine not being passed to HMAC_Init_ex
- fix HMAC tests not checking for failures with NewHMAC
