Allow for the rustls client to be passed to the resolver

Currently the trust-dns-resolver uses a hardcoded rustls::ClientConfig
when built with the dns-over-rustls feature. This makes it impossible
to change the accepted root certificates and other properties of the
TLS client.

This commit adds a new field to the NameServerConfig to optionally
pass a rustls::ClientConfig which gets used instead. The webpki-roots
store is used as the default fallback so existing implementations
should work as before.

A new type TlsClientConfig was added as a wrapper for
rustls::ClientConfig which doesn't implement the Debug, Eq & PartialEq
traits. This might become obsolete if rustls can provide the trait
implementations one day.

The custom rustls::ClientConfig can be set via a set_tls_client_config
method which is defined on trust-dns-resolver::NameServerConfigGroup
and trust-dns-resolver::ResolverConf.
This commit is contained in:
ziprandom
2019-10-23 19:53:00 +00:00
committed by Benjamin Fry
parent 65be09b5ff
commit 8f3a0ebeb7
13 changed files with 172 additions and 23 deletions


@@ -13,7 +13,7 @@ mod dns_over_rustls;
cfg_if! {
if #[cfg(feature = "dns-over-rustls")] {
pub(crate) use self::dns_over_rustls::new_tls_stream;
pub(crate) use self::dns_over_rustls::{new_tls_stream, CLIENT_CONFIG};
} else if #[cfg(feature = "dns-over-native-tls")] {
pub(crate) use self::dns_over_native_tls::new_tls_stream;
} else if #[cfg(feature = "dns-over-openssl")] {
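Review bot: re-exporting CLIENT_CONFIG with `pub(crate)` visibility (the replaced `use self::dns_over_rustls::new_tls_stream;` line now reads `use self::dns_over_rustls::{new_tls_stream, CLIENT_CONFIG};`) makes the hardcoded default rustls config reachable from every module in the crate, not just the fallback path the commit message describes; please add a doc comment on CLIENT_CONFIG stating that it is the webpki-roots default used only when no custom TlsClientConfig is set, so later callers do not bypass the user-supplied config by reaching for it directly. Note also that this rendered hunk has lost its `+`/`-` markers, so the old and new `use` lines appear side by side; the first is the removed line and the second the added one.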