Add support for SASL EXTERNAL

[progval]

Closes GH-246.

Tested on Ergo.Chat.

This might be a little confusing, as it requires a method configured in the user section of the config, and the certificate configured in the server section. (Though it works with only the latter on some servers, but this is called CertFP, not SASL EXTERNAL.)

I was not able to do otherwise without refactoring all the configuration handling.

Additionally, the reason for adding this new server->certificate field is that this is a TLS cert, not an ECDSA cert like the existing user->certificate field. (btw, ECDSA authentication is deprecated by IRCv3 (including the original author))

[ljrk0]

I can successfully login with this code, however the GUI "login method" dropdown doesn't seem to be updated yet. Also, I cannot join channels, but this may be due to the non-standard setup of the specific internal server.

[progval]

however the GUI "login method" dropdown doesn't seem to be updated yet.

Indeed, I forgot. Done.

Also, I cannot join channels

Yeah, doesn't seem related

[ljrk0]

Great work, thanks for digging into this!

[SilverRainZ]

The client_cert name is coufusing, how about rename the login_cert to ecdsa_cert and this to another better name? such as sasl_external_cert?

[progval]

I agree, but I wanted to keep the names here consistent with the name already in use in the config for ecdsa. Should I also change login.certificate to something like login.ecdsa_certificate?

[SilverRainZ]

Yes, we can add a new confval like login.ecdsa_certificate, but keep it compatible with the old login.certificate confval.

[SilverRainZ]

I thinks this is why we have to configure cert in server section? Keep status quo is fine. We can expose a SIRC_EVNET in future.