Improve ldapsearch/ldapmodify --proxyAs handling

Updated the ldapsearch and ldapmodify command-line tools to provide
better validation for the value of the --proxyAs argument.  The
tools will now reject attempts to use the argument with a value that
doesn't start with either "dn:" or "u:", and they will also reject
attempts to use a value that starts with "dn:" but is not followed
by a valid LDAP DN.

Improve parallel-update reject log thread safety

Fixed an issue in which parallel-update did not properly handle
multiple concurrent attempts to write to the reject file, which
could cause its contents to be unparseable or otherwise incorrect.

Update the OID registry

Updated the OID registry to include the OID for a new administrative
alert type in the Ping Identity Directory Server.

Update documentation for filter creation

Updated the documentation so that it uses new newer, shorter method
names in cases where it demonstrates creating a filter from its
components.

Fix an issue with mutually dependent arguments

Fixed a bug in the argument parser's support for mutually dependent
arguments.  In a mutually dependent argument set, if any one of the
arguments is provided, then all of the other arguments in the set
must also be provided, but there was a problem with support for sets
containing three or more elements.  In such cases, the argument
parser would only enforce that at least two arguments from the set
were present.

Update the LDAP SDK release notes

Cleaned up the release notes for the upcoming 6.0.6 release.

Fix more VPN-related test issues on Windows

Fixed a couple of additional unit test failures that occur on
Windows as a result of a quirk with the Ping Identity VPN.

Use base64url when generating log tokens

Updated the log field syntax logic used to generate tokens so that
it uses the base64url variant rather than standard base64, and
therefore uses '-' and '_' instead of '+' and '/'.  This is at least
better when tokenizing value components for DNs, where the plus sign
needs to be escaped because it may otherwise indicate the start of
the next RDN component.

Fix typos in the OID registry

Fixed typos in the OID registry related to the replace certificate
extended operations.  The word "Request" was misspelled as
"Rqeuest", but because the implementation was changed to use the same
OID for both the request and the response (originally the response
was a generic extended result that didn't have an OID or value), the
intended type of "Extended Request" has been replaced with
"Extended Operation".

Provide a more correct fix for the previous commit

Provided a more correct fix for the previous commit altering the way
we look for alternative issuers in a cross-signed chain.