
add ssl patches to nginx-1.25 image for coroutines to work in lua client hello and cert ssl blocks

Open grounded042 opened this issue 1 month ago • 8 comments

What this PR does / why we need it:

In #11037 the base image was changed from registry.k8s.io/ingress-nginx/nginx to registry.k8s.io/ingress-nginx/nginx-1.25. This removed many patches to nginx which were previously included from the https://github.com/kubernetes/ingress-nginx/tree/main/images/nginx/rootfs/patches directory. One patch in particular is needed so coroutines can work in ssl_certificate_by_lua* directives: nginx-1.21.4-ssl_cert_cb_yield.patch.

In addition to this patch, there exist two patches to nginx in openresty which enable coroutines to work in ssl_client_hello_by_lua* directives: nginx-1.21.4-ssl_sess_cb_yield.patch and nginx-1.21.4-ssl_client_hello_cb_yield.patch. The former is needed in order to apply the latter, but what's patched in the former would only help us if ingress-nginx built against OpenSSL 1.1.1 and applied the OpenResty patch from https://openresty.org/en/openssl-patches.html.

This PR adds these missing patches to the nginx-1.25 base image.

Types of changes

  • [X] Bug fix (non-breaking change which fixes an issue)
  • [ ] New feature (non-breaking change which adds functionality)
  • [ ] CVE Report (Scanner found CVE and adding report)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)
  • [ ] Documentation only

Which issue/s this PR fixes

How Has This Been Tested?

I tested this locally via a simple nginx configuration. Before adding in the needed patches, the ssl_client_hello_by_lua_block and ssl_certificate_by_lua_block would cause errors during SSL_connect (e.g. OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:443). After the patches were added no errors would occur.

error_log stderr info;

events {}
http {
	access_log stdout;

	# use docker embedded DNS
	resolver 127.0.0.11;

	server {
		listen 80;
		listen 443 ssl;

		ssl_certificate     /certs/rsa.crt;
		ssl_certificate_key /certs/rsa.key;

		ssl_client_hello_by_lua_block {
			ngx.log(ngx.INFO, "running: ssl_client_hello_by_lua_block")
			
			local http = require("resty.http")
			local httpc = http.new()
			httpc:set_timeout(1000)

			local res, err = httpc:request_uri("http://sidecar:8945", {
			  method = "GET",
			})
			if not res then
			  ngx.log(ngx.ERR, "client hello sidecar request failed: ", err)
			  return
			end
			
			ngx.log(ngx.INFO, "client hello sidecar request worked. got status code: ", res.status)
		}

		ssl_certificate_by_lua_block {
			ngx.log(ngx.INFO, "running: ssl_certificate_by_lua_block")
			
			local http = require("resty.http")
			local httpc = http.new()
			httpc:set_timeout(1000)

			local res, err = httpc:request_uri("http://sidecar:8945", {
			  method = "GET",
			})
			if not res then
			  ngx.log(ngx.ERR, "cert sidecar request failed: ", err)
			  return
			end
			
			ngx.log(ngx.INFO, "cert sidecar request worked. got status code: ", res.status)
		}

		location / {
			return 200 'hello, world';
		}
	}
}
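The test config above only logs the sidecar's status code. Below is an added example, not part of this PR or of ingress-nginx, of what the yield patch actually enables in practice: an ssl_certificate_by_lua_block that fetches a per-SNI certificate and key from a hypothetical sidecar API (GET /cert and /key with ?name=<sni>, assumed to return PEM bodies) and installs them for the current handshake, failing closed instead of falling back to the static certificate when the fetch fails. The cosocket calls inside it yield, which is exactly what nginx-1.21.4-ssl_cert_cb_yield.patch makes possible in this phase.

```nginx
ssl_certificate_by_lua_block {
    local ssl  = require("ngx.ssl")
    local http = require("resty.http")

    -- GET a PEM body from the sidecar; returns nil plus an error on any failure
    local function fetch(path)
        local httpc = http.new()
        httpc:set_timeout(1000)  -- bound handshake latency on a slow sidecar
        local res, err = httpc:request_uri("http://sidecar:8945" .. path)
        if not res then
            return nil, err
        end
        if res.status ~= 200 or not res.body or res.body == "" then
            return nil, "unexpected response, status " .. tostring(res.status)
        end
        return res.body
    end

    -- fail closed: abort this handshake instead of silently serving the static cert
    local function abort(msg, err)
        ngx.log(ngx.ERR, msg, ": ", err)
        return ngx.exit(ngx.ERROR)
    end

    local name = ssl.server_name()
    if not name then
        return  -- no SNI: keep the ssl_certificate from the server block
    end
    local q = "?name=" .. ngx.escape_uri(name)

    local cert_pem, err = fetch("/cert" .. q)
    if not cert_pem then return abort("cert fetch failed for " .. name, err) end
    local key_pem, kerr = fetch("/key" .. q)
    if not key_pem then return abort("key fetch failed for " .. name, kerr) end

    local cert_der, err = ssl.cert_pem_to_der(cert_pem)
    if not cert_der then return abort("bad cert PEM", err) end
    local key_der, err = ssl.priv_key_pem_to_der(key_pem)
    if not key_der then return abort("bad key PEM", err) end

    -- replace the static certificate chain and key for this connection only
    local ok, err = ssl.clear_certs()
    if not ok then return abort("clear_certs failed", err) end
    ok, err = ssl.set_der_cert(cert_der)
    if not ok then return abort("set_der_cert failed", err) end
    ok, err = ssl.set_der_priv_key(key_der)
    if not ok then return abort("set_der_priv_key failed", err) end
}
```

Like the test config, this reaches the sidecar over plain HTTP, so the private key crosses the pod network in cleartext; keep the sidecar reachable only from inside the pod, and cache the DER material (for example in a shared dict) so a sidecar outage does not turn every handshake into a failure.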

Checklist:

  • [ ] My change requires a change to the documentation.
  • [ ] I have updated the documentation accordingly.
  • [X] I've read the CONTRIBUTION guide
  • [ ] I have added unit and/or e2e tests to cover my changes.
  • [X] All new and existing tests passed.

grounded042 Jun 19 '24 03:06