Add configurable and extendable ssl options

[sammyolo]

Add SSL Options support

This PR adds support for configuring SSL options in pog, starting with Server Name Indication (SNI) support.
As mentioned: #51

Changes

• Added new SslOptions type to handle SSL-specific configurations
• Implemented SNI support with an sni_enabled flag (default: True)
• Added ssl_options function to configure SSL options
• Updated documentation with SSL options usage and examples
• Refactored SSL handling in the Erlang FFI to support configurable options

Example

import pog

pub fn connect() {
  pog.default_config()
  |> pog.ssl(pog.SslVerified)
  |> pog.ssl_options(pog.SslOptions(sni_enabled: True))
  |> pog.connect
}

The changes improve SSL connection handling by making it more configurable and secure by default, particularly for scenarios involving virtual hosting or multi-domain SSL certificates.

Note to maintainer(s):
Please let me know if this makes sense to you or you'd like to see it differently. I thought this could be an extendable way of adding options.
It is also possible to give people the option to chose the host instead of a bool, however I've yet to find a reason why you'd ever want to use a different host for sni than the host you are connecting to.
I'm very much a beginner of gleam or functional languages in general.
I have 0 experience with erlang. So keep this in mind if you have comments.
Ran all tests succesfully with gleam test. However there are currently no tests for anything Ssl related.

[lpil]

Thank you! I've left a note below about the configuration design.

[lpil]

I think having this be not-part of the Ssl type makes it possible to have invalid configuration. That is, you can disable SSL and enable SNI, but as I understand it that is not actually possible.

[sammyolo]

True! Right now it would just ignore it. I could add a runtime validation on it? Or would you like me to try out some types magic to get this covered?

Edit: Nvm, I see you want it to be part of the Ssl type.
This would be a breaking change though (i think), is that a problem?

[sammyolo]

Thank you! I've left a note below about the configuration design.

Made the changes accordingly, hope this looks more to your liking.

The thing im a little wary of in this implementation is that it forces people to understand what sni is and make the choice or have to dive into what it is in order to know wether to put this on true or false.

I'd personally prefer it more if it is taken care of in best practice unless specified otherwise. If you have any idea how to make that happen, let me know.

Another option would be something like this:

pub opaque type Ssl {
  SslVerified(sni_enabled: Bool)
  SslUnverified(sni_enabled: Bool)
  SslDisabled
}

/// ...

pub fn ssl(config: Config, ssl: Ssl) -> Config {
  Config(..config, ssl:)
}

pub fn ssl_verified(sni_enabled: Option(Bool)) -> Ssl {
    case sni_enabled {
        option.None -> SslVerified(sni_enabled: True)
        option.Some(se) -> SslVerified(sni_enabled: se)
    }
}


pub fn ssl_unverified(sni_enabled: Option(Bool)) -> Ssl {
    case sni_enabled {
        option.None -> SslUnverified(sni_enabled: True)
        option.Some(se) -> SslUnverified(sni_enabled: se)
    }
}

pub fn ssl_disabled() -> Ssl {
    SslDisabled
}

In this case you would be able to use

|> pog.ssl(pog.ssl_unverified())

Without manually setting any ssl options, wdyt?

[lpil]

Lovely!! Thank you!

[lpil]

Oops sorry, I was too hasty. Few tiny notes inline

[lpil]

Can you add a note saying it's recommended to set this to true please

[lpil]

Does it default to true? How is that?

[sammyolo]

I think that was my original plan but realised default are not that simple in Gleam, I'll remove it, good catch

[lpil]

Document the sni_enabled property and recommend to set this to true please 🙏

[lpil]

Document the sni_enabled property and recommend to set this to true please 🙏