[uAMQP] https proxy support (proxy + tlsio) in C module

[yunhaoling]

This is spawned from the issue: #16304 to better track the working progress.

tasks:

• add https proxy support in the azure c shared utility: tlsio support for http proxy io azure-c-shared-utility#512
  • minimum prototype implementation
  • design
  • unit test
  • E2E test
• adapt the support into the cython layer
• adapt the support into the python layer

proxy tool:

• proxy.py only supports proxy server certificate, it doesn't support client authentication
• would need nginx/squid proxy server for mutual authentication

progress made (tested with proxy.py):

• allowing to tlsio to use http proxy io as the underlying io
• allowing to set http proxy io trustedCertificate/x509certificate/x509privateKey)
• http proxy io could establish the tunnel to the host (HTTP CONNECT returns response code 200) with proxy server trustedCertificates (no x509certificate and x509privateKey)

[yunhaoling]

have a workable PR out: Azure/azure-uamqp-python#232

api shape would be

# proxy host name
proxy_hostname = "<host_name>"
# proxy port
proxy_port = 443
# proxy server certificate, a single file path
proxy_verify = r"<server_cert.pem>"
# client side certificate and private key, a tuple of both files’ paths
proxy_cert = (r"<client_cert.pem", r"<client_private_key.pem>")


HTTP_PROXY = {
    'proxy_hostname': proxy_hostname,
    'proxy_port': proxy_port,
    "proxy_verify": proxy_verify,
    "proxy_cert": proxy_cert
}

producer_client = EventHubProducerClient.from_connection_string(
    conn_str=CONNECTION_STR,
    eventhub_name=EVENTHUB_NAME,
    http_proxy=HTTP_PROXY
)

consumer_client = EventHubConsumerClient.from_connection_string(
    conn_str=CONNECTION_STR,
    consumer_group='$Default',
    eventhub_name=EVENTHUB_NAME,
    http_proxy=HTTP_PROXY,
    logging_enable=True
)

---

to set up a proxy with e2e encryption between client and the proxy server, check the commit here:
yunhaoling/proxy.py@7c7b561
(I use the open source project proxy.py and change some code to enable client side validation)

[yunhaoling]

prototype is available here: https://github.com/yunhaoling/uamqp-tls-proxy-prototype

[yunhaoling]

API in requests:

https://docs.python-requests.org/en/latest/user/advanced/#ssl-cert-verification
https://docs.python-requests.org/en/latest/user/advanced/#client-side-certificates

source code: https://github.com/psf/requests/blob/master/requests/api.py#L16-L47
certificates related api shape:

'''
    :param verify: (optional) Either a boolean, in which case it controls whether we verify
            the server's TLS certificate, or a string, in which case it must be a path
            to a CA bundle to use. Defaults to ``True``.
    :param cert: (optional) if String, path to ssl client cert file (.pem). If Tuple, ('cert', 'key') pair.
'''
requests.get('https://kennethreitz.org', verify='/path/to/certfile', cert=('/path/client.cert', '/path/client.key'))

[yunhaoling]

uamqp PR out for c module update: Azure/azure-uamqp-python#232