Add RFC 5929 channel binding support for SSPI client

[Chrizpy]

This PR relates to: alexbrainman/sspi#18
This PR should also not be merged before above PR is merged since it is strictly dependant on those changes.

In newer microsoft active directory versions, channel binding token is on by default, causing clients to fail to authorize.
These changes gives an option to enable the security context to be updated with a channel binding token.

I have tested manually against active directory servers that have this feature on and off, and after these changes along with above PR, I was able to connect and authorize as usual.

It is hard to write tests for things like this that talks to the operating system, but any pointers to how I can improve my tests would be appreciated, otherwise I hope this us up to the standard of the lib in general.

[cpuschma]

I'm currently on vacation and don't have quick access to an Active Directory to test this. I will once I'm back or find the time to set up an AD quickly myself. I would appreciate it if others would review the changes and provide feedback 😄

[Chrizpy]

Alex merged in alexbrainman/sspi#18 now, so I have updated the go.mod accordingly.

For anyone wanting to play around with this, microsoft has a support page where they describe what registry entry and values that configurates the active directory server to use channel binding tokens.

Before the changes in this PR and the one in the sspi package, I had to set this value to 0 to get my ldap requests to work again.

[cpuschma]

LGTM.
Thank you for your PR ❤️

[Neustradamus]

@Chrizpy: Good job, thanks for your work!

Can you look to add "tls-server-end-point" in golang/go directly?

Can you look to add "tls-exporter" too?

• RFC 9266: Channel Bindings for TLS 1.3: tls-exporter support #392
• proposal: crypto/tls: implement RFC 9266: Channel Bindings for TLS 1.3: tls-exporter support golang/go#54103

Thanks in advance.

Linked to:

• Channel Binding: State of Play scram-sasl/info#1
• SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports #391
• RFC 9266: Channel Bindings for TLS 1.3: tls-exporter support #392
• Add RFC 5929 channel binding support for SSPI client #565
• https://github.com/search?q=repo%3Ago-ldap%2Fldap+tls-server-end-point&type=code
• Add channel binding support to SSPI context updates alexbrainman/sspi#18

In more:

• https://github.com/golang-auth/go-channelbinding
• golang/go@fce6388
• proposal: crypto/tls: implement RFC 9266: Channel Bindings for TLS 1.3: tls-exporter support golang/go#54103
• proposal: crypto/tls: implement RFC 5929: Channel Bindings for TLS: tls-server-end-point support golang/go#65047
• Add support for accessing tls-unique channel binding value. google/conscrypt#388
• RFC 9266: Channel Bindings for TLS 1.3: tls-exporter support google/conscrypt#1078
• RFC 5929: Channel Bindings for TLS: tls-server-end-point support google/conscrypt#1411
• https://github.com/search?q=repo%3Axmppo%2Fgo-xmpp+tls-unique&type=code
• https://github.com/search?q=repo%3Axmppo%2Fgo-xmpp+tls-server-end-point&type=code
• https://github.com/search?q=repo%3Axmppo%2Fgo-xmpp+tls-exporter&type=code
• SCRAM: Add support for tls-server-end-point channel binding. xmppo/go-xmpp#177
• Tls-server-end-point improvements. xmppo/go-xmpp#178