azcore: add support for dropping to HTTP/1 and/or TLS renegotiation in the default transport policy

[jhendrixMSFT]

Some endpoints don't support HTTP/2 and/or require TLS renegotiation to be enabled. We can update the default transport policy to detect when these are required and react accordingly.

[jhendrixMSFT]

One place where this might get squirrely is callers provider a custom transporter (e.g. httptrace) which would remove this logic. In that case, clients would then be broken. We might need to export this policy so that callers can wrap it with a tracing implementation as needed.

[RickWinter]

Adding a workaround that can be used to configure a custom http client until an official fix is available, Thanks @chlowell for providing

import (
       "crypto/tls"
       "net/http"

       "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm"
       "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
)

opts := arm.ClientOptions{ClientOptions: policy.ClientOptions{
       Transport: &http.Client{
              Transport: &http.Transport{
                     TLSClientConfig: &tls.Config{
                           Renegotiation: tls.RenegotiateFreelyAsClient,
                     },
              },
       },
}}
client, err := armsubscription.NewSubscriptionsClient(cred, &opts)

[YoshicoppensE61]

There are multiple people still suffering from this in the issue mentioned above Azure/terraform-provider-azapi#184

[jhendrixMSFT]

After further investigation we've concluded that we will enable TLS renegotiation by default.

For HTTP/1.1, we will likely disable HTTP/2 upgrades for ARM clients only.

[jhendrixMSFT]

The HTTP/1.1 issue appears to be a red herring (bad URL was provided).

[jhendrixMSFT]

TLS renegotiation has been enabled in [email protected]