Untangle the notion of the http transport from the actual http
implementation.  The http transport now uses the httpclient.

Allow users to opt-in to expect/continue handling when sending a POST
and we're authenticated with a "connection-based" authentication
mechanism like NTLM or Negotiate.

If the response is a 100, return to the caller (to allow them to post
their body).  If the response is *not* a 100, buffer the response for
the caller.

HTTP expect/continue is generally safe, but some legacy servers
have not implemented it correctly.  Require it to be opt-in.

Fully support HTTP proxies, in particular CONNECT proxies, that allow us
to speak TLS through a proxy.

Detect responses that are sent with Transfer-Encoding: chunked, and
record that information so that we can consume the entire message body.

Store the last-seen credential challenges (eg, all the
'WWW-Authenticate' headers in a response message).  Given some
credentials, find the best (first) challenge whose mechanism supports
these credentials.  (eg, 'Basic' supports username/password credentials,
'Negotiate' supports default credentials).

Set up an authentication context for this mechanism and these
credentials.  Continue exchanging challenge/responses until we're
authenticated.

Introduce a function to format the path and query string for a URL,
suitable for creating an HTTP request.

When sending a new request, ensure that we got the entirety of the
response body.  Our caller may have decided that they were done reading.
If we were not at the end of the message, this means that we need to
tear down the connection and cannot do keep-alive.

However, if the caller read all of the message, but we still have a
final end-of-response chunk signifier (ie, "0\r\n\r\n") on the socket,
then we should consider that the response was successfully copmleted.

If we're asked to send a new request, try to read from the socket, just
to clear out that end-of-chunk message, marking ourselves as
disconnected on any errors.

The CLAR_TRACE_LEVEL environment variable was supported when building
with GIT_TRACE.  Now we always build with GIT_TRACE, but that variable
is not provided to tests.  Simply support clar tracing always.

Teach httpclient how to support chunking when POSTing request bodies.

Introduce a new http client implementation that can GET and POST to
remote URLs.

Consumers can use `git_http_client_init` to create a new client,
`git_http_client_send_request` to send a request to the remote server
and `git_http_client_read_response` to read the response.

The http client implementation will perform the I/O with the remote
server (http or https) but does not understand the git smart transfer
protocol.  This allows us to split the concerns of the http subtransport
from the actual http implementation.

Allow users to consume a buffer by the number of bytes, not just to an
ending pointer.

Provide a mechanism to add a path and query string to an existing url
so that we can easily append `/info/refs?...` type url segments to a url
given to us by a user.

Move the redirect handling into `git_net_url` for consistency.

(Also, mark all the declarations as extern.)

Clarify what it means to not send a length; this allows us to refactor
requests further.

We can't get a kerberos TGT easily on Windows; skip the negotiate tests.

This conditional was backwards.  We should instead test that clone
returns 4321, not that 4321 returns clone.

Disposal pattern; dispose on completion, allowing us to retry
authentication, which may happen on web servers that close
connection-based authenticated sessions (NTLM/SPNEGO) unexpectedly.

When USE_GSSAPI=OFF, still show information about what SPNEGO is, even
though it's disabled.  This is for parity with other disabled features
like SSH and debugpool that still show details about what is disabled.

The GSS_ERROR(x) macro may expand to `(x & value)` on some
implementations, instead of `((x) & value)`.  This is the case on macOS,
which means that if we attempt to wrap an expression in that macro, like
`a = b`, then that would expand to `(a = b & value)`.

Since `&` has a higher precedence, this is not at all what we want, and
will set our result code to an incorrect value.  Evaluate the expression
then test it with `GSS_ERROR` independently to avoid this.

Attempt to obtain a Kerberos ticket from LIBGIT2.ORG and then clone the
Negotiate-protected site at test.libgit2.org with that ticket.

internal types: change enums from `type_t` to `_t`

libgit2 does not use `type_t` suffixes as it's redundant; thus, rename
`git_http_authtype_t` to `git_http_auth_t` for consistency.

libgit2 does not use `type_t` suffixes as it's redundant; thus, rename
`git_iterator_type_t` to `git_iterator_t` for consistency.

libgit2 does not use `type_t` suffixes as it's redundant; thus, rename
`git_rebase_type_t` to `git_rebase_t` for consistency.

libgit2 does not use `type_t` suffixes as it's redundant; thus, rename
`git_merge_diff_type_t` to `git_merge_diff_t` for consistency.

merge: Return non-const git_repository from accessor method

Do not return free'd git_repository object on error

refs: refuse to delete HEAD

index: replace map macros with inline functions