proxy authentication: enable negotiate as additional authentication method, resolves #257

[brassh]

issue #257

[bzeller]

Thanks for contributing but before merging this we will first need to make sure that we do not get failed requests in case that the server responds that negotiate is available but there are actually no credentials set by the user.

The curl documentation says:
If more than one bit is set, libcurl will first query the site to see what authentication methods it supports and then pick the best one you allow it to use

Picking the auth is implemented here: https://github.com/curl/curl/blob/master/lib/http.c#L374 , which means if we signal that we want to use negotiate and the server supports it as well it would always be the first choice.

I did not yet find code that would amend the list of auth methods we enable by checking if there are actually credentials available

[brassh]

I see your point. This might break existing setups which rely on password based authentication.
A solution may be to activate negotiate only in case no password is given, see updated pull request.
In this case, the user can decide whether he wants password authentication (by providing proxyuser and password, as before) or password-less authentication (by providing only proxyuser, but no password in config or .curlrc)

[brassh]

any comments?