CVE-2021-22897: schannel cipher selection surprise
Low
C
curl
Reported by
nyymi
Vulnerability Details
Technical details and impact analysis
## Summary:
[Commit "schannel: support selecting ciphers"](https://github.com/curl/curl/commit/9aefbff30d280c60fc9d8cc3e0b2f19fc70a2f28) added support for selecting the ciphers with SCHANNEL. However, due to use of a static `algIds` array for ciphers in `set_ssl_ciphers` the last configured cipher list will override configuration used by other connections, leading to potential wrong configuration for them. This may have security implications if insecure cipher configuration is used where secure cipher configuration is expected.
## Steps To Reproduce:
1. Create two or more separate curl handles with `curl_easy_init`
2. Set different cipher lists with `curl_easy_setopt` `CURLOPT_SSL_CIPHER_LIST` to the curl handles
3. Create simultaneous connections with the separate curl handles
Instead of each connection using the specific cipher list some of them will share the wrong configuration. If/how this happens exactly depends on how the connection setup overlaps.
Note that to be vulnerable some existing application using libcurl would need to use such a mixed `CURLOPT_SSL_CIPHER_LIST` configuration with multiple curl handles to begin with. It is not really known how likely this really is, but it seems a somewhat rare use case.
## Supporting Material/References:
- Commit adding the vulnerable feature: https://github.com/curl/curl/commit/9aefbff30d280c60fc9d8cc3e0b2f19fc70a2f28
## Impact
Potentially wrong cipher configuration used for connections.
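The shared-state flaw described in the summary, reduced to a small model and shown next to a per-connection variant. This is an added example, not curl's code or the reporter's: `cred_model`, `conn_model`, the setter names and the algorithm ids are hypothetical, and the credential is assumed to keep a pointer to the algorithm list rather than a copy.

```c
#include <stdio.h>
#include <string.h>

/* Constructed algorithm ids for the demo, not real ALG_ID values. */
enum { ALG_STRONG = 1, ALG_WEAK = 2, MAX_ALGS = 4 };
/* Simplified credential model: keeps a pointer to the list, not a copy. */
struct cred_model { const unsigned int *algs; size_t count; };
/* Hypothetical per-connection state. */
struct conn_model {
  struct cred_model cred;
  unsigned int algs[MAX_ALGS]; /* used only by the per-connection variant */
};
typedef void (*cipher_setter)(struct conn_model *, const unsigned int *, size_t);

/* Flawed pattern: every connection's credential points at one static array. */
static void set_ciphers_shared(struct conn_model *c, const unsigned int *ids, size_t n)
{
  static unsigned int alg_ids[MAX_ALGS];
  if(n > MAX_ALGS) n = MAX_ALGS;
  memcpy(alg_ids, ids, n * sizeof(alg_ids[0]));
  c->cred.algs = alg_ids;
  c->cred.count = n;
}

/* Corrected pattern: the list is stored in the connection that owns it. */
static void set_ciphers_per_conn(struct conn_model *c, const unsigned int *ids, size_t n)
{
  if(n > MAX_ALGS) n = MAX_ALGS;
  memcpy(c->algs, ids, n * sizeof(c->algs[0]));
  c->cred.algs = c->algs;
  c->cred.count = n;
}

/* Configure A (strong), then B (weak); return what A's credential now holds. */
static unsigned int alg_of_a_after_b(cipher_setter set)
{
  const unsigned int strong[] = { ALG_STRONG }, weak[] = { ALG_WEAK };
  struct conn_model a, b;
  set(&a, strong, 1);
  set(&b, weak, 1);
  return a.cred.algs[0];
}

int main(void)
{
  printf("shared static:  A uses alg %u\n", alg_of_a_after_b(set_ciphers_shared));
  printf("per-connection: A uses alg %u\n", alg_of_a_after_b(set_ciphers_per_conn));
  return 0;
}
```

With the shared array, handle A ends up with the list configured for handle B; with per-connection storage each handle keeps its own.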
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$800.00
Weakness
Business Logic Errors