Add support for OpenSSL3+ URIs (via serf) #31
Please note that the build failures are somewhat expected since the code depends on features from apache/serf#8. Let's work with Serf to get it merged; it is on my to-do list for the weekend to review. Anyway, we need to protect the code above with #ifdefs if Subversion isn't built with a compatible Serf.
I think I figured out the magic autoconf and magic cmake to detect the symbol, the builds are both good. The failed builds are all what appear to be unrelated test failures.

apache/serf#8 has landed in serf, this patch should work against trunk.

- Adds the config option ssl-client-cert-uri to specify the URI of a certificate store.
- OpenSSL URIs point at files, or pkcs11 smartcards, or TPMs, or native platform certificate stores.
- Maintains existing ssl-client-cert-file as fallback.
- Depends on apache/serf#8 (Support OpenSSL3 providers / cert store URLs)
- Example configuration:

[apachegroup]
ssl-trust-default-ca = yes
ssl-client-cert-uri = /home/minfrin/.my-cert.p12
ssl-client-cert-password = supersecret

[apachegroup]
ssl-trust-default-ca = yes
ssl-client-cert-uri = pkcs11:token=Venus%20%28Smartcard%20PIN%29;
ssl-client-cert-password-prompt = yes
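
The two example groups above differ in where the certificate secret lives: the first keeps it in the config file, the second prompts for the token PIN. The following audit script is an added example, not code from this PR or from Subversion; it parses a servers-style config, classifies each `ssl-client-cert-uri`, and flags stored passwords. The group names, finding labels and function names are constructed for illustration.

```python
import configparser
import os
import stat

# Constructed sample mirroring the two example groups in the PR description.
SAMPLE = """\
[file-group]
ssl-client-cert-uri = /home/minfrin/.my-cert.p12
ssl-client-cert-password = supersecret

[token-group]
ssl-client-cert-uri = pkcs11:token=Venus%20%28Smartcard%20PIN%29;
ssl-client-cert-password-prompt = yes
"""

def uri_kind(uri):
    """Coarse classification of an ssl-client-cert-uri value by scheme."""
    scheme, sep, _ = uri.partition(":")
    if sep and scheme.lower() == "pkcs11":
        return "pkcs11"
    if not sep or "/" in scheme or scheme.lower() == "file":
        return "file"  # bare path or file: URI
    return "other"

def audit(text, mode=None):
    """Return {group: (kind, findings)}; mode is the config file's st_mode, if known."""
    # interpolation=None: default %-interpolation rejects the %20 escapes in pkcs11 URIs.
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    report = {}
    for group in cp.sections():
        sec = cp[group]
        uri = sec.get("ssl-client-cert-uri")
        if uri is None:
            continue
        findings = []
        if sec.get("ssl-client-cert-password"):
            findings.append("plaintext-password")
            if mode is not None and mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append("config-readable-by-others")
        report[group] = (uri_kind(uri), findings)
    return report

def audit_file(path):
    """Audit a servers-style file on disk, including its permission bits."""
    with open(path, encoding="utf-8") as fh:
        return audit(fh.read(), os.stat(path).st_mode)

if __name__ == "__main__":
    for group, (kind, findings) in audit(SAMPLE).items():
        print(group, kind, findings or "ok")
```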