thibaultcha / lua-cassandra

Pure Lua driver for Apache Cassandra
https://thibaultcha.github.io/lua-cassandra

feat(socket) exposes TLS protocol encryption version #141

Closed jeremymv2 closed 3 years ago

jeremymv2 commented 3 years ago

Allows changing the TLS encryption version.

The underlying luasec library allows for setting the encryption protocol to 'any' [1]. When set as such, the client negotiates the highest encryption protocol available. This 'any' protocol version setting is widely in use in the luasec repository [2].

In my testing, when 'any' is set, it resulted in TLSv1.2 being utilized for the connection. While I expected TLSv1.3 to be utilized, after some research, I discovered that JDK 8 has had TLSv1.3 support backported to it but TLSv1.3 is not enabled by default and requires extra configuration when starting the JVM [3]. Thus in practice TLSv1.3 probably wouldn't be enabled very often for Cassandra until a later version of JDK is supported.

Partially implements #106

[1] - https://github.com/brunoos/luasec/blob/711a98b7605ad87b521ba607024947113bc1f527/CHANGELOG#L101
[2] - https://github.com/brunoos/luasec/search?q=protocol+%3D+%22any%22
[3] - https://www.oracle.com/java/technologies/javase/8u261-relnotes.html#JDK-8145252

Signed-off-by: Jeremy J. Miller jeremy.miller@konghq.com
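
Added example, not part of this PR or of lua-cassandra: a luasec client that uses protocol = "any" as described in the comment above, sets an explicit floor so that negotiation cannot settle on a version older than TLSv1.2, and reports which version was actually negotiated. The helper names, the TLSv1.2 floor and the command-line arguments are assumptions; the "no_*" options are only accepted when the OpenSSL build that luasec was compiled against defines them.

```lua
-- Added example (not from the PR): luasec client using protocol = "any"
-- with an explicit version floor and a check of the negotiated protocol.
local socket = require "socket"
local ssl    = require "ssl"

-- Assumption: this deployment accepts nothing older than TLSv1.2.
local ACCEPTED = { ["TLSv1.2"] = true, ["TLSv1.3"] = true }

-- Hypothetical helper: builds the luasec parameter table.
local function client_params(cafile)
  return {
    mode     = "client",
    protocol = "any",     -- negotiate the highest version both peers support
    verify   = "peer",    -- validate the server certificate against cafile
    cafile   = cafile,
    -- "any" on its own also permits older versions; disable them explicitly.
    options  = { "no_sslv3", "no_tlsv1", "no_tlsv1_1" },
  }
end

-- Hypothetical helper: connects, handshakes and returns the negotiated
-- protocol string, or nil plus an error message.
local function negotiated_protocol(host, port, cafile)
  local sock = assert(socket.tcp())
  sock:settimeout(5)
  assert(sock:connect(host, port))
  local conn = assert(ssl.wrap(sock, client_params(cafile)))
  local ok, err = conn:dohandshake()
  if not ok then
    conn:close()
    return nil, "handshake failed: " .. tostring(err)
  end
  local proto = conn:info("protocol")   -- e.g. "TLSv1.2"
  conn:close()
  if not ACCEPTED[proto] then
    return nil, "unexpected protocol: " .. tostring(proto)
  end
  return proto
end

-- Usage: lua check_tls.lua <host> <port> <cafile>
if arg and arg[1] then
  local proto, err = negotiated_protocol(arg[1], tonumber(arg[2]), arg[3])
  print(proto or err)
end
```

Run against a Cassandra node on JDK 8 with default JVM settings, the behaviour reported in the comment above corresponds to this printing TLSv1.2.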

jeremymv2 commented 3 years ago

Hold on review please. I'm going to implement this slightly differently.

jeremymv2 commented 3 years ago

Pushed up changes. Ready for review now.

thibaultcha commented 3 years ago

@jeremymv2 Thank you! I manually merged the patch in d742d5c with one functional change: renaming the Host and Cluster options from encryption_protocol to ssl_protocol. Also noting here that https://github.com/thibaultcha/lua-resty-socket should receive this patch as well, although I do not recall if Kong itself indirectly depends on it or not. I'll try to push a v1.5.1 lua-cassandra in the next couple days. Thanks again!