Add libpq connection parameter "scram_channel_binding"

This parameter can be used to enforce the channel binding type used
during a SCRAM authentication.  This can be useful to check code paths
where an invalid channel binding type is used by a client and will be
even more useful to allow testing other channel binding types when they
are added.

The default value is tls-unique, which is what RFC 5802 specifies.
Clients can optionally specify an empty value, which has as effect to
not use channel binding and use SCRAM-SHA-256 as chosen SASL mechanism.

More tests for SCRAM and channel binding are added to the SSL test
suite.

Author: Author: Michael Paquier <michael.paquier@gmail.com>

doc/src/sgml/libpq.sgml

@@ -1222,6 +1222,30 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
       </listitem>
      </varlistentry>
 
+     <varlistentry id="libpq-scram-channel-binding" xreflabel="scram_channel_binding">
+      <term><literal>scram_channel_binding</literal></term>
+      <listitem>
+       <para>
+        Specifies the channel binding type to use with SCRAM authentication.
+        The list of channel binding types supported by server are listed in
+        <xref linkend="sasl-authentication"/>.  An empty value specifies that
+        the client will not use channel binding.  The default value is
+        <literal>tls-unique</literal>.
+       </para>
+
+       <para>
+        Channel binding is only supported on SSL connections.  If the
+        connection is not using SSL, then this setting is ignored.
+       </para>
+
+       <para>
+        This parameter is mainly intended for protocol testing.  In normal
+        use, there should not be a need to choose a channel binding type other
+        than the default one.
+       </para>
+      </listitem>
+     </varlistentry>
+
      <varlistentry id="libpq-connect-sslmode" xreflabel="sslmode">
       <term><literal>sslmode</literal></term>
       <listitem>