webpki
Support for IPv4 and IPv6
This PR adds support for IPv4 and IPv6 addresses in Subject Alternative Names (SAN) and CommonName (CN).
This PR is related to #120 and addresses #54 as well as many other issues from downstream projects which are waiting for webpki (respectively rustls) to add support for IP addresses. Based upon the machinery implemented by this PR we could also easily add support for email addresses at a later stage.
CommonName is deprecated and should (must) no longer be used for validation:
- https://groups.google.com/a/chromium.org/d/msg/security-dev/IGT2fLJrAeo/csf_1Rh1AwAJ
- https://bugs.chromium.org/p/chromium/issues/detail?id=308330
- https://bugzilla.mozilla.org/show_bug.cgi?id=1245280
- https://github.com/FiloSottile/mkcert/issues/205#issuecomment-541458468
@Darkspirit Thanks for pointing this out. This poses the following questions:
- Should we ignore the common name (CN) completely?
- Or should we only ignore it for certificates issued after a certain date?
- Does this only apply to the CN or also to SAN of type DirectoryName?
For the time being, I change my code to ignore CN by default (as you suggested), but still allow API users to opt-in to legacy behavior in case they need to process (very) old certificates.
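A sketch of the policy discussed in this thread, added here as an illustration and not taken from the PR or from webpki: IP addresses are matched against SAN iPAddress octets, and the CN is consulted only on opt-in. The types `San`, `Cert`, `CnPolicy`, the function `verify_ip` and the "CN only when no SAN is present" fallback rule are all assumptions of this example.

```rust
use std::net::IpAddr;

// Hypothetical types for this example only; they are not webpki's API.
#[allow(dead_code)]
pub enum San {
    Dns(String),
    Ip(Vec<u8>), // RFC 5280 iPAddress: raw octets, 4 for IPv4, 16 for IPv6
}
pub struct Cert {
    pub common_name: Option<String>,
    pub sans: Vec<San>,
}
#[derive(Clone, Copy, PartialEq)]
pub enum CnPolicy {
    Ignore,         // default: the CN is never consulted
    LegacyFallback, // opt-in: consult the CN only if the cert has no SAN at all
}

fn octets(ip: &IpAddr) -> Vec<u8> {
    match ip {
        IpAddr::V4(a) => a.octets().to_vec(),
        IpAddr::V6(a) => a.octets().to_vec(),
    }
}

/// True if `cert` is valid for the IP address the client connected to.
pub fn verify_ip(cert: &Cert, presented: IpAddr, policy: CnPolicy) -> bool {
    let want = octets(&presented);
    // Byte-for-byte: a 4-octet entry never matches a 16-octet one.
    if cert.sans.iter().any(|s| matches!(s, San::Ip(b) if *b == want)) {
        return true;
    }
    // Assumed legacy rule (this example's choice): the CN counts only when
    // the caller opted in and the certificate carries no SAN entries.
    if policy == CnPolicy::LegacyFallback && cert.sans.is_empty() {
        if let Some(cn_ip) = cert.common_name.as_deref().and_then(|cn| cn.parse::<IpAddr>().ok()) {
            return cn_ip == presented;
        }
    }
    false
}

fn main() {
    // Constructed sample certificate (documentation address range).
    let ip: IpAddr = "192.0.2.10".parse().unwrap();
    let old = Cert { common_name: Some("192.0.2.10".into()), sans: vec![] };
    println!("ignore: {}", verify_ip(&old, ip, CnPolicy::Ignore));
    println!("legacy: {}", verify_ip(&old, ip, CnPolicy::LegacyFallback));
}
```

With the default policy a certificate that names the address only in its CN is rejected; the same certificate is accepted only when the caller selects `LegacyFallback`.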
@briansmith any chance to proceed with this PR?
Note: I renamed the "master" branch to "main". Sorry for the inconvenience. This PR has had its base branch updated to "main" but you'll need to deal with the change in your local repo yourself.