libhv
Option to pass in-memory CA certificate for server verification with websocket client
Verifying the websocket server's certificate requires a filename:
// m_conn is a hv::WebSocketClient
hssl_ctx_opt_t param{};
param.endpoint = HSSL_CLIENT;               // this side acts as the TLS client
param.verify_peer = 1;                      // verify the server's certificate chain
param.ca_file = "W:\\path\\to\\cert.pem";   // the CA certificate must be a file on disk
int tls_result = m_conn.withTLS(&param);
There does not seem to be an option to pass an in-memory certificate: https://github.com/ithewei/libhv/blob/8c67e056f63c6cb4f9476d5904bef5ef9f350f12/ssl/hssl.h#L39C1-L46C41
typedef struct {
    const char* crt_file;
    const char* key_file;
    const char* ca_file;
    const char* ca_path;
    short verify_peer;
    short endpoint; // HSSL_SERVER / HSSL_CLIENT
} hssl_ctx_opt_t, hssl_ctx_init_param_t;
The problem with passing a file name is that a client application that ships with a certificate (e.g. as an embedded Qt resource file) would have to save the certificate on disk before it can be used with libhv/openssl. This allows a user of the application to tamper with the certificate, which would render server verification useless.
My suggestion is to add more fields to hssl_ctx_opt_t to allow using an in-memory certificate (byte buffer).
Similar issue: https://stackoverflow.com/questions/5052563
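For illustration, here is an added example (not libhv's code, and not from the issue) of the behaviour being requested, written against Go's standard library because it can build a trust store from bytes without any file: the CA certificate is held in memory as PEM (standing in for the embedded resource), a client config is built from that buffer alone, and a server certificate is only accepted when it chains to that CA. The CA and server certificates are generated on the fly as constructed test data; the host name ws.example.test is an assumption. In OpenSSL terms, the libhv option would presumably be built on BIO_new_mem_buf, PEM_read_bio_X509 and X509_STORE_add_cert into the context's store, rather than SSL_CTX_load_verify_locations with a path.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// signedCert creates a fresh key pair and a certificate for tmpl signed by parent;
// a nil parent means self-signed (a root CA). Constructed test data only.
func signedCert(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) ([]byte, *x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return der, cert, key
}

// caTemplate describes a one-day root CA; serverTemplate a server leaf for host.
func caTemplate(name string, serial int64) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
}

func serverTemplate(host string, serial int64) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
}

// ClientConfigFromPEM is the piece the issue asks for: a client trust store
// populated from a byte buffer, with no certificate file written or read.
func ClientConfigFromPEM(caPEM []byte) (*tls.Config, error) {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPEM) {
		return nil, errors.New("no CA certificate found in buffer")
	}
	return &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}, nil
}

// ServerTrusted checks a server certificate the way the handshake would,
// using only cfg.RootCAs; true means the client would accept the server.
func ServerTrusted(cfg *tls.Config, serverCert *x509.Certificate, host string) bool {
	_, err := serverCert.Verify(x509.VerifyOptions{
		Roots:     cfg.RootCAs,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err == nil
}

// Demo reports whether a server cert issued by the embedded CA is accepted
// and whether one issued by an unrelated CA is accepted (it must not be).
func Demo() (genuineOK, unrelatedOK bool) {
	const host = "ws.example.test" // assumed server name for the demo
	caDER, ca, caKey := signedCert(caTemplate("embedded-root", 1), nil, nil)
	_, otherCA, otherKey := signedCert(caTemplate("other-root", 2), nil, nil)

	// What the application would ship as an embedded resource: PEM bytes in memory.
	embeddedPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: caDER})
	cfg, err := ClientConfigFromPEM(embeddedPEM)
	if err != nil {
		panic(err)
	}
	_, genuine, _ := signedCert(serverTemplate(host, 3), ca, caKey)
	_, unrelated, _ := signedCert(serverTemplate(host, 4), otherCA, otherKey)
	return ServerTrusted(cfg, genuine, host), ServerTrusted(cfg, unrelated, host)
}

func main() {
	genuine, unrelated := Demo()
	fmt.Println("embedded CA accepted:", genuine, "| unrelated CA accepted:", unrelated)
}
```

Because the trust anchor never leaves process memory, replacing or editing a file on disk has no effect on which servers the client accepts; the only way to change the anchor is to modify the binary itself, which is the property the issue is after.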