Improve extended gic option support

Improve extended gic option support

The current extended gic option facility violates strict aliasing, is
not nestable (gic_opt_to_opte cannot be used on an extended options
structure casted back to krb5_get_init_creds_options), and requires
callers to use error-prone conversion functions.

Rewrite this code to use a new structure private to gic_opt.c, which
contains a krb5_get_init_creds_opt structure as its first member.  We
can cast between the extended structure and its first element without
violating strict aliasing (C99 6.7.2.1 paragraph 13 and the aggregate
type clause of 6.5 paragraph 7).  Define internal accessor functions
for the extended option fields.  Replace all uses of krb5_gic_opt_ext
in callers with krb5_get_init_creds_opt and the new accessors.  Bring
krb5_get_init_creds_opt_set_pa back into gic_opt.c (reverting
faa810c5b59fa33d9f7db837c5bb88df5436bb30) so that all of the code
which accesses the extended options structure can be in one file.

ticket: 6034