`git__timer` is now `git_time_monotonic`, and returns milliseconds
since an arbitrary epoch.

Using a floating point to store the number of seconds elapsed was
clever, as it better supports the wide range of precision from the
different monotonic clocks of different systems. But we're a version
control system, not a real-time clock.

Milliseconds is a good enough precision for our work _and_ it's the
units that system calls like `poll` take and that our users interact
with.

Make `git_time_monotonic` return the monotonically increasing number
of milliseconds "ticked" since some arbitrary epoch.

Users should provide us an array of object ids; we don't need a separate
type. And especially, we should not be mutating user-providing values.
Instead, use `git_oid *` in the shallow code.

Looks like a double-free here.

Teach the smart transport more about oid types, instead of assuming SHA1.

Add support for SSPI on Windows, which offers NTLM and Negotiate
authentication.

Add functions to use convert a string with length, instead of assuming
NUL termination.

In addition, move the utf8 to 16 conversion routines into the `git_utf8`
namespace instead of using namespaceless `git__` prefixed names.

Name the GSSAPI and ntlmclient authentication providers as such. Today
they're named after the authentication mechanism ("Negotiate", "NTLM")
instead of their implementation.

If we have competing implementations for the same mechanism (eg, a
future Windows SSPI-based provider for Negotiate and NTLM) then this
will get confusing.

Co-authored-by: Qix <Qix-@users.noreply.github.com>

This reverts commit f68b40c0.

Co-authored-by: Stefan Karpinski <stefan@karpinski.org>

Fixes https://github.com/libgit2/libgit2/issues/3866

Has been applied in all Julia builds since 2017:
https://github.com/JuliaLang/julia/pull/17459

Authored-by: Keno Fischer <kfischer@college.harvard.edu>

I spent an hour banging my head against this, when it was because the
remote didn't trust my key.

Use `git_sysdir_find_homedir_file` to identify the path to the home
directory's `.ssh/known_hosts`; this takes Windows paths into account by
preferring `HOME`, then falling back to `HOMEPATH` and `USERPROFILE`
directories.

This looks like a typo to me, from what i can see these lines were
added at the same time and because of how capabilities are calculated,
it's likely that this code will work in situations where these
capabilities were the last ones.

The server and client negotiate a single hostkey, but the "best" cipher may not
be the one for which we have an entry in `known_hosts`. This can lead to us not
finding the key in known_hosts even though we should be connecting.

Instead here we look up the hostname with a nonsense key to perform a lookup in
the known hosts and set that. This is roughly what the OpenSSH client does as
well.

It turns out this has been available in libssh2 for a long time and we should
have been verifying this the whole time.

Httpclient internally stores a copy of the certificate_check callback and
payload. When connecting via HTTPS, and if the server sends back
"Connection: close" after the first request, the following request would
attempt to re-use the httpclient and call the (now outdated) callback. In
particular for pygit2 this is a problem, since callbacks / payloads are only
valid for the duration of a libgit2 call, leading to a ffi.from_handle()
error and crashing the Python interpreter.

The experimental function signature is only available when
`GIT_EXPERIMENTAL_SHA256` is enabled.

`git_oid`s now have a type, and we require the oid type when creating
the object id from creation functions.

In preparation for SHA256 support, `GIT_OID_RAWSZ` and `GIT_OID_HEXSZ`
need to indicate that they're the size of _SHA1_ OIDs.

Co-authored-by: Edward Thomson <ethomson@github.com>