Add network-specific config for cert validation

Added the following two network-specific configuration options that can
be changed via controlpanel or webadmin:

* TrustAllCerts: Will trust ALL certificates when enabled, effectively
  disabling TLS certificate validation.
  Default value: false
* TrustPKI: Whether or not to trust PKI-valid certificates. Setting this
  to false will make znc trust only trusted certificates added by the
  user.
  Default value: true

With default values, behavior is exactly the same as before.

This is based on the work of Roelf Wichertjes. See YourBNC/znc@5c747598.

See znc/znc#866.

modules/data/webadmin/tmpl/add_edit_network.tmpl

@@ -73,6 +73,18 @@
 						<label for="doconnect_checkbox"><? FORMAT "Connect to IRC &amp; automatically re-connect" ?></label></div>
 				</div>
 
+				<div class="subsection">
+					<div class="inputlabel"><? FORMAT "Trust all certs:" ?></div>
+					<div class="checkbox"><input type="checkbox" name="trustallcerts" id="trustallcerts_checkbox"<? IF TrustAllCerts ?> checked="checked"<? ENDIF ?> />
+						<label for="trustallcerts_checkbox"><? FORMAT "Disable certificate validation (takes precedence over TrustPKI). INSECURE!" ?></label></div>
+				</div>
+
+				<div class="subsection">
+					<div class="inputlabel"><? FORMAT "Trust the PKI:" ?></div>
+					<div class="checkbox"><input type="checkbox" name="trustpki" id="trustpki_checkbox"<? IF TrustPKI ?> checked="checked"<? ENDIF ?> />
+						<label for="trustpki_checkbox"><? FORMAT "Setting this to false will trust only certificates you added fingerprints for." ?></label></div>
+				</div>
+
 				<div class="subsection half" id="servers_plain">
 					<div class="inputlabel"><? FORMAT "Servers of this IRC network:" ?></div>
 					<div><textarea name="servers" cols="70" rows="5" id="servers_text"><? LOOP ServerLoop ?><? VAR Server ?>