tinyroute

Add TLS support via Rustls

Open togglebyte opened this issue 2 years ago • 2 comments

Add a feature flag to enable TLS, and two additional feature flags for native and bundled certs.

The ergonomics are open for discussion.

togglebyte avatar Oct 02 '22 06:10 togglebyte

I'll take this and build a basic implementation. Then we can decide on the details of the API later. Can you assign me to this?

Here's a short outline of what I plan to implement as a first step:

  • Server side:
    • Does need a way to pass certificate and private key.
    • Need extra API to allow users to pass their own rustls::ServerConfig, to be able to adjust every little detail if wanted.
    • I don't think we need to provide wrappers around rustls::ServerConfig, just allow to pass it in, together with the cert + key. And use the default config if only passing cert + key.
  • Client side:
    • Need a way to allow for about 3 scenarios:
      • Server has a valid certificate (like Let's Encrypt) and user wants to use the bundled Mozilla root certs.
      • Valid cert again, but user wants to use the OS certificate store for root certs.
      • Certificate is self-signed or in any way not valid (like not signed by the default root certs), so the user wants to pass their own root cert or disable validation.
      • And any combination of the above 3.
    • Use feature flags to optionally enable the bundled or native certs, as you already mentioned.
  • Probably the whole TLS feature should be optional and made available through a feature flag, as it pulls in quite a lot of dependencies.

dnaka91 avatar Oct 02 '22 07:10 dnaka91
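
The feature-flag layout discussed in the issue and the outline above, sketched as a Cargo manifest fragment. This is an added example, not part of the thread and not tinyroute's actual manifest; the feature names and dependency versions are assumptions chosen for illustration.

```toml
# Added example: hypothetical Cargo.toml fragment, not tinyroute's manifest.
# Feature names and dependency versions below are assumptions.

[dependencies]
# Every TLS crate is optional, so a plain (non-TLS) build pulls in none of them.
rustls = { version = "0.23", optional = true }
rustls-native-certs = { version = "0.8", optional = true }
webpki-roots = { version = "0.26", optional = true }

[features]
# TLS stays off unless the user opts in.
default = []

# Base flag: compiles the TLS code paths. With only this flag enabled, no
# trust anchors are built in, so the caller has to supply a root store,
# for example a private CA certificate for a self-signed server.
tls = ["dep:rustls"]

# Root certs read from the OS certificate store at runtime.
tls-native-roots = ["tls", "dep:rustls-native-certs"]

# Bundled Mozilla root certs compiled into the binary.
tls-webpki-roots = ["tls", "dep:webpki-roots"]
```

Cargo features are additive, so a build with both root-store flags enabled has to compile, and the client needs a defined rule for which stores end up in the root set when more than one is available.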

@togglebyte this has been on the main branch for a while already (added in #13), so I think we can close this.

dnaka91 avatar Jun 05 '24 12:06 dnaka91