The ssl context may be used for connect_with_ssl.

When tls_own_key is not configured the configured ssl_ctx is used, by
default this is the default client ssl_ctx, just as before.

Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>

When a valid hostname is not available it's better to fail early with
a useful error message rather than letting the connection go on and
letting OpenSSL fail with an undecipherable message.

Note that the "hostname" parameters are strings and don't have to be
hostnames, they can be IPs as well when using cohttp. Ideally these
should be a union type of domain names and ip addresses for better
clarity, but this would be a breaking change.

Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>

This is not exposed currently to the user, so there is no change in
functionality.

This allows clients to turn on and off hostname and ip verification in
the remote cert independently in the unusual case where it's needed by
changing the default in the library.

Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>

The only options allowed are whether the hostname or the IP are used to
validate the remote host's certificate

Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>

Now the SNIs is only sent when there's a domain name, as this is the
only type of server names allowed by the RFC

Additionally IP verification for the peer certificate can be enabled if
needed

Signed-off-by: Pau Ruiz Safont <pau.ruizsafont@cloud.com>

Signed-off-by: Pau Ruiz Safont <pau.ruizsafont@cloud.com>