
Optional verification of hostnames in TLS certificates

James Stanley requested to merge github/fork/jes/master into master

Summary

This PR adds a "verify_hostname" modparam to TLS domains in tls_mgm, which turns on OpenSSL verification of hostnames when connecting to TLS servers. The option is off by default, which leaves the default behaviour unchanged.

Details

Without verifying hostnames, it is almost completely pointless to verify TLS certificates at all*, because anyone can get a valid TLS certificate very easily (e.g. from LetsEncrypt). The point of verifying the hostname is so that you know you're speaking to the correct peer.

Prior to this PR, OpenSIPS did not support verification of hostnames in TLS certificates.

(* unless you are running a custom CA, in which case you can of course make sure that your CA only issues certificates to people you trust)

Solution

The main complication with this was how to let tls_openssl know what hostname it is trying to connect to. Mostly IP addresses were passed around inside OpenSIPS with union sockaddr_unions. I have turned this into struct sockaddr_union_struct, with an extra char hostname[256] field. This means when OpenSIPS is passing IP addresses around, they keep the hostname attached to them.

Compatibility

The main downside is that there is an increase in memory usage of 256 bytes per instance of struct sockaddr_union_struct.

I did not check that all of the modules compile, so it is likely that some modules that I'm not using do not compile any more, so this PR is probably not ready to merge straight away. Where a piece of code tries to access a field of union sockaddr_union, that needs to change to go through the struct (e.g. foo.sin => foo.u.sin). Nothing else needs to change.

If this PR is likely to be accepted, I am happy to go through all the modules and fix them.

Closing issues

Closes #3064.
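
The layout described under Solution, sketched as an added example that is not part of the PR or of OpenSIPS: the union is a simplified stand-in, and `su_set_hostname`, `su_verify_name` and `su_init_v4` are hypothetical helpers. It rejects a name that does not fit the 256-byte field, or that contains an embedded NUL, instead of truncating it, so a shortened name never reaches certificate verification.

```c
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Simplified stand-in for the existing union (assumption, not OpenSIPS source). */
union sockaddr_union {
    struct sockaddr     s;
    struct sockaddr_in  sin;
    struct sockaddr_in6 sin6;
};

/* Wrapper described in the PR: the address plus the hostname attached to it. */
struct sockaddr_union_struct {
    union sockaddr_union u;
    char hostname[256];
};

/* Hypothetical helper: attach a length-counted name. On any rejection the
 * field is left empty, so a stale or truncated name is never verified. */
int su_set_hostname(struct sockaddr_union_struct *su, const char *name, size_t len)
{
    if (su == NULL)
        return -1;
    su->hostname[0] = '\0';
    if (name == NULL || len == 0 || len >= sizeof(su->hostname) ||
        memchr(name, '\0', len) != NULL)
        return -1;
    memcpy(su->hostname, name, len);
    su->hostname[len] = '\0';
    return 0;
}

/* Hypothetical helper: name to check the peer certificate against, or NULL.
 * With verify_hostname enabled, NULL should abort the connection attempt. */
const char *su_verify_name(const struct sockaddr_union_struct *su)
{
    return (su != NULL && su->hostname[0] != '\0') ? su->hostname : NULL;
}

/* Hypothetical helper: build an IPv4 destination that carries its hostname. */
int su_init_v4(struct sockaddr_union_struct *su, const char *ip,
               unsigned short port, const char *host)
{
    memset(su, 0, sizeof(*su));
    su->u.sin.sin_family = AF_INET;     /* was foo.sin, now foo.u.sin */
    su->u.sin.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &su->u.sin.sin_addr) != 1)
        return -1;
    return su_set_hostname(su, host, strlen(host));
}
```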
