BUG/MEDIUM: ssl: cipher order for prefer-client-ciphers and < TLS 1.3

BUG/MEDIUM: ssl: cipher order for prefer-client-ciphers and < TLS 1.3

In ticket #2988, the "prefer-client-ciphers" feature does not work
correctly anymore with RSA+ECDSA configuration on the same bind.
Indeed, since we removed the RSA+ECDSA SSL_CTX to use a RSA SSL_CTX + an
ECDSA SSL_CTX separatly which is chosen by haproxy. The
SSL_OP_CIPHER_SERVER_PREFERENCE OpenSSL flag is set on both SSL_CTX,
however it was never used to chose between RSA and ECDSA.

In order to fix this, the order of the first usable RSA and ECDSA cipher
presented by the client is saved in has_rsa_sig and has_ecdsa_sig.

When BC_SSL_O_PREF_CLIE_CIPH is set, we check the position of the rsa
and ecdsa in order to chose the certificate. More parameters should be
checked to fallback from an impossible ECDSA handhshake to rsa. (curves
etc.)

This mostly fixes the issue in the case of <= TLS 1.2, but for TLS 1.3
another workaround must be done with the signature algorithms instead of
the cipher.

This must be backported in every stable branches, but this is a little
bit sensible and need a bit of testing before.