Introduce NUT "authconf" file support [#3329, #3411]

[jimklimov]

Starting with a PoC from AI, slightly modified (20%?) in review, following the spec requested in the GitHub issue #3329, as a stepping stone for further work. Also address parts of issue #3411.

Let CI loose on this iteration that passes locally...

TODO:

• Stacking of config files as proposed in Feature request: more NUT clients should be SSL-capable with proper certificate trust and all, and should have a common way to configure that #3329
• Revise what data points we do want populated in upscli_authconf_t => added CERTHOST to the originally posted mix
• libupsclient API (upscli_init variant?) to use upscli_authconf_t struct instances directly. Refactor older methods as wrappers to this one?
  • Consider a method that parses our collection from upscli_get_authconf_list() to upscli_add_host_cert() and set up the one most applicable set of client identity data for that [user@host:port] combo => to be considered in NUT authconf: detect best client identity data for a connection #3493
• Add config-file permissions check for sensitive data, like in other cases (upsd.users etc.)
• Add a conf/... sample and docs/man/... page for nutauth.conf concept

UPDATE: During work on this, it was found that NSS CERTHOST support was actually broken, and only worked for certificates whose nicknames matched the host name, not the "My nut server" nickname as the example claimed for years. Fixed now.

UPDATE: During work on this, it was found that it may be troublesome for a single client to connect to multiple NUT data servers which would require different CA trust stores and/or client self-identification by certificates. To be investigated under #3494, not in scope here.

[github-actions]

A ZIP file with standard source tarball and another tarball with pre-built docs for commit 33afb88 is temporarily available: NUT-tarballs-PR-3435.zip.

[AppVeyorBot]

✅ Build nut 2.8.5.4693-master completed (commit 049a4d4c36 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4693-master.7z

[AppVeyorBot]

✅ Build nut 2.8.5.4693-master completed (commit 049a4d4c36 by @jimklimov)

[AppVeyorBot]

✅ Build nut 2.8.5.4694-master completed (commit c8f40b4384 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4694-master.7z

[AppVeyorBot]

✅ Build nut 2.8.5.4696-master completed (commit 25660e3752 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4696-master.7z

[AppVeyorBot]

✅ Build nut 2.8.5.4696-master completed (commit 25660e3752 by @jimklimov)

[AppVeyorBot]

✅ Build nut 2.8.5.4697-master completed (commit 9be8443368 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4697-master.7z

[AppVeyorBot]

❌ Build nut 2.8.5.4698-master failed (commit be4347c9c5 by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4698-master failed (commit be4347c9c5 by @jimklimov)

[AppVeyorBot]

❌ Build nut 2.8.5.4699-master failed (commit 1d80027d90 by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

✅ Build nut 2.8.5.4700-master completed (commit 8a8a16fc63 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4700-master.7z

[AppVeyorBot]

✅ Build nut 2.8.5.4700-master completed (commit 8a8a16fc63 by @jimklimov)

[AppVeyorBot]

✅ Build nut 2.8.5.4701-master completed (commit 40e1ff94b4 by @jimklimov)

• artifacts
• A 7-zip archive with built NUT for Windows debug binaries is temporarily available: NUT-for-Windows-x86_64-SNAPSHOT-2.8.5.4701-master.7z

[AppVeyorBot]

❌ Build nut 2.8.5.4702-master failed (commit 34ad7de24e by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4702-master failed (commit 34ad7de24e by @jimklimov)

[AppVeyorBot]

❌ Build nut 2.8.5.4839-master failed (commit 7e0076e743 by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4839-master failed (commit 7e0076e743 by @jimklimov)

[jimklimov]

At this point the PR should be roughly feature-complete for the C library and in-tree clients, including nut-scanner and dummy-ups.

Testing would be most welcome, there are probably edge cases (especially for clients that handle numerous connections, even if they do not try to put on different hats for different servers per #3494) not yet encountered.

Other language bindings to follow in a separate PR, probably - still cooking.

[AppVeyorBot]

❌ Build nut 2.8.5.4860-master failed (commit c8a394b442 by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4860-master failed (commit c8a394b442 by @jimklimov)

[AppVeyorBot]

❌ Build nut 2.8.5.4861-master failed (commit cfd77aac1e by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4862-master failed (commit 7b4951cfbd by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4864-master failed (commit 7b4951cfbd by @jimklimov)

• artifacts (if any)

[AppVeyorBot]

❌ Build nut 2.8.5.4864-master failed (commit 7b4951cfbd by @jimklimov)