Implement SSL_CTX_set_cert_cb

[AndrewBarba]

This is a first pass at reviving #311 in order to fix #310

Credit to @TechnikEmpire, I did my best to address the comments in the original PR from @Lukasa

If the approach looks okay I'll move to testing

[AndrewBarba]

@Lukasa Thanks so much for the comments earlier. I've since changed quite a bit now that I have a better understanding of whats going on. I was able to create a test that at least ensures the handshake is completing successfully, where as before I was never signaling to the connection that our async lookup was complete. Im sure there's still a lot more testing and error handling we can do but I wanted to pause here and wait for more feedback.

I also want to call out that I'm concerned about this API returning a new NIOSSLContext given how expensive it is to create one. The main purpose of this API would be to serve many dynamic certificates, and at scale if we're constantly creating new contexts could this be a big problem? I'm wondering if a better API is return a new TLSConfiguration struct, and then apply the relevant parts of the configuration instead of swapping the entire context.

[AndrewBarba]

@Lukasa I'm having problems getting CI to pass, it's failing to compile with a fatalError but no details reported. Everything builds and tests pass locally

[Lukasa]

So you can use the docker-compose files in the repo to generate a simulacrum of the CI (for now, until we cut over to GHA). The steps are:

docker-compose -f docker/docker-compose.yaml -f docker/docker-compose.2204.510.yaml build
docker-compose -f docker/docker-compose.yaml -f docker/docker-compose.2204.510.yaml run test

That latter command reveals the issue:

/swift-nio-ssl/Tests/NIOSSLTests/TLSConfigurationTest.swift:824:98: error: 'file' is deprecated: Use 'NIOSSLPrivateKeySource.privateKey(NIOSSLPrivateKey)' to set private key
        var config = TLSConfiguration.makeServerConfiguration(certificateChain: [], privateKey: .file("fake.file"))
                                                                                                 ^
/swift-nio-ssl/Tests/NIOSSLTests/TLSConfigurationTest.swift:824:98: error: 'file' is deprecated: Use 'NIOSSLPrivateKeySource.privateKey(NIOSSLPrivateKey)' to set private key
        var config = TLSConfiguration.makeServerConfiguration(certificateChain: [], privateKey: .file("fake.file"))

[AndrewBarba]

Thanks @Lukasa I think this is ready for another review.

[Lukasa]

Great, really nice job here @AndrewBarba! Thanks for persevering with the reviews, I think it left this patch in a great state. We're good to go.