Mention 5 bugixes and 1 change more

Curl_gss_init_sec_context got new parameter - SessionHandle.

Signed-off-by: Adam Tkac <atkac@redhat.com>

libcurl inappropriate GSSAPI delegation. Full details at
http://curl.haxx.se/docs/adv_20110623.html

When closing a connection, the speedchecker's timestamp is now deleted
so that it cannot accidentally be used by a fresh connection on the same
handle when examining the transfer speed.

Bug: https://bugzilla.redhat.com/679709

In case a client certificate is used, invalidate SSL session cache
at the end of a session.  This forces NSS to ask for a new client
certificate when connecting second time to the same host.

Bug: https://bugzilla.redhat.com/689031

When NSS-powered libcurl connected to a SSL server with
CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
certificate was accepted by libcurl and did not ask the second time when
connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.

This patch turns off the SSL session cache for the particular SSL socket
if peer verification is disabled.  In order to avoid any performance
impact, the peer verification is completely skipped in that case, which
makes it even faster than before.

Bug: https://bugzilla.redhat.com/678580

Flaw introduced in fc77790b and present in curl-7.21.4.
Bug: https://bugzilla.redhat.com/669702#c16

Introducing a few CURL_SOCKOPT* defines for conveniance. The new
CURL_SOCKOPT_ALREADY_CONNECTED signals to libcurl that the socket is to
be treated as already connected and thus it will skip the connect()
call.

I went through all the names mentioned as authors and in commit messages
since 7.21.3, and this list inserted now is sorted on first name.

... and update the curl.1 and curl_easy_setopt.3 man pages such that
they do not suggest to use an OpenSSL utility if curl is not built
against OpenSSL.

Bug: https://bugzilla.redhat.com/669702