I am about to merge the first patch that adds changes into the pending
release, and thus we bump the minor number.

Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
when released.

Make sure CURL_VERSION_SSPI is present and works as in previous releases
for ABI and API compatibility reasons.

Added Windows SSPI version information to the curl version string when
SCHANNEL SSL is not enabled, as the version of the library should also
be included when SSPI is used to generate security contexts.

Removed SSPI from the feature list as the features are GSS-Negotiate,
NTLM and SSL depending on the usage of the SSPI library.

Due to new features

Info: http://curl.haxx.se/mail/lib-2012-04/0170.html

This protects from attribute names being defined by third party's code.

Improvement: http://curl.haxx.se/mail/lib-2012-04/0127.html

Configuration files such as curl_config.h and all config-*.h no longer exist
nor are generated/copied into 'src' directory, now these only exist in 'lib'
directory from where curl tool sources uses them.

Additionally old src/setup.h has been refactored into src/tool_setup.h which
now pulls lib/setup.h

The possibility of a makefile needing an include path adjustment exists.

As it turns out, some people do want that after all.

Added a new CURLOPT_MAIL_AUTH option that allows the calling program to
set the optional AUTH parameter in the MAIL FROM command.

When this option is specified and an authentication mechanism is used
to communicate with the mail server then the AUTH parameter will be
included in the MAIL FROM command. This is particularly useful when the
calling program is acting as a relay in a trusted environment and
performing server to server communication, as it allows the relaying
server to specify the address of the mailbox that was used to
authenticate and send the original email.

I accidentally left the lowest bits 01 before

and updated the end year in the generic copyright string

Allow an appliction to set libcurl specific SSL options. The first and
only options supported right now is CURLSSLOPT_ALLOW_BEAST.

It will make libcurl to disable any work-arounds the underlying SSL
library may have to address a known security flaw in the SSL3 and TLS1.0
protocol versions.

This is a reaction to us unconditionally removing that behavior after
this security advisory:

http://curl.haxx.se/docs/adv_20120124B.html

... it did however cause a lot of programs to fail because of old
servers not liking this work-around. Now programs can opt to decrease
the security in order to interoperate with old servers better.

This adds three new options to control the behavior of TCP keepalives:

- CURLOPT_TCP_KEEPALIVE: enable/disable probes
- CURLOPT_TCP_KEEPIDLE: idle time before sending first probe
- CURLOPT_TCP_KEEPINTVL: delay between successive probes

While not all operating systems support the TCP_KEEPIDLE and
TCP_KEEPINTVL knobs, the library will still allow these options to be
set by clients, silently ignoring the values.

In commit c834213a we re-used some obsolete error codes, and here are
two defines that makes sure existing source codes that happen to use any
of these deprecated ones will still compile.

As usual, define CURL_NO_OLDIES to avoid getting these "precaution
defines".

1- Two new error codes are introduced.

CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
FTP server connected.

CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.

Neither of these errors are considered fatal and control connection
remains OK because it could just be a firewall blocking server to
connect to the client.

2- One new setopt option was introduced.

CURLOPT_ACCEPTTIMEOUT_MS

It sets the maximum amount of time FTP client is going to wait for a
server to connect. Internal default accept timeout is 60 seconds.

When working with the Android Standalone Toolchain the compiler defines
this macro:

  /path/to/arm-linux-androideabi-gcc -E -dM - < /dev/null \
  | grep -i android
  #define __ANDROID__ 1

We really need to check both ANDROID and __ANDROID__ since I've observed
that:

* if you use Android.mk file(s) and the 'ndk-build' script (aka vanilla
way), ANDROID is predefined (see -DANDROID extra C flag),

* if you use the Android Standalone Toolchain, then __ANDROID__ is
predefined as stated by the compiler

There might be situations where a user would want to unset this option.
Avoid forcing him/her to cast the NULL argument to (char *) in order to
get past the compile time typecheck.

Don't even declare the struct members for disabled features

Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface
when trying to set a sharing option that has been disabled (or not
enabled) in the library.

Allow (*curl_write_callback) write callbacks to return
CURL_WRITEFUNC_OUT_OF_MEMORY to properly indicate libcurl of OOM conditions
inside the callback itself.

Functions renamed:

Curl_output_ntlm_sso -> Curl_output_ntlm_wb
sso_ntlm_close -> wb_ntlm_close
sso_ntlm_response -> wb_ntlm_response
sso_ntlm_initiate -> wb_ntlm_initiate

Preprocessor symbols renamed:

CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB

This is to aid easier machine parsing and to make sure nobody who reads
these header lines can miss the info.

Allow compilation of libcurl and curl using BSD-style lwIP on Win32.

In order to compile libcurl and curl with this support it is necessary
to edit files lib/config-win32.h and src/config-win32.h and uncomment
a line to make definition of preprocessor symbol USE_LWIPSOCK visible.

Afterwards you can compile as usual.

In order to use compiled library with BSD-style lwIP TCP/IP stack in
your program it is mandatory that you include lwIP header file <lwip/opt.h>
before including <curl/curl.h> or <curl/multi.h>

Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:

http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip

Have fun!

Suggested by Richard Silverman.

Curl_gss_init_sec_context got new parameter - SessionHandle.

Signed-off-by: Adam Tkac <atkac@redhat.com>

With the use of the 'ntlm_auth' tool from the Samba project