Open
Labels: Type: Idea (This issue is a high-level idea for discussion.)
Description
Background:
This sample shows how to intercept TLS handshakes and do efficient filtering for supported protocols, hosts, ciphers, etc. However, it uses non-trivial pipelines code that's difficult for our customers to work with.
Proposal:
Ship an in-box Kestrel connection middleware that sniffs the handshake and stores the TLS details as a feature on the connection context. The customer can then have a much simpler middleware after to enforce their policies.
Features:
- Configurable timeout for receiving the full ClientHello. Compare to https://github.com/dotnet/aspnetcore/blob/542da423ff3394e86fd7608fc425fadd33ba3fd9/src/Servers/Kestrel/Core/src/HttpsConnectionAdapterOptions.cs#L17
- Stores TLS details in a feature on the connection context.
- Logs and rejects invalid handshakes.
- Do we want a callback that takes the TLS details and decides what to do with them? That way they don't have to write another middleware.
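
To make the "sniff the ClientHello, keep reading until it is complete, reject what is malformed" part of the proposal concrete, here is an added sketch of the parsing step; it is not code from this issue or from the dotnet repositories. `SniffStatus`, `ClientHelloDetails` and `ClientHelloSniffer` are hypothetical names, and the sketch assumes C# 9 or later with nullable annotations enabled and a ClientHello that fits in the first TLS record.

```csharp
using System;
using System.Buffers.Binary;
using System.Text;
// Hypothetical types for illustration, not Kestrel APIs. Assumes the ClientHello fits in the first TLS record.
public enum SniffStatus { NeedMoreData, Invalid, Parsed }
public sealed record ClientHelloDetails(ushort LegacyVersion, ushort[] CipherSuites, string? ServerName);
public static class ClientHelloSniffer
{
    public static SniffStatus TryParse(ReadOnlySpan<byte> buf, out ClientHelloDetails? details)
    {
        details = null;
        if (buf.Length < 5) return SniffStatus.NeedMoreData;           // record header incomplete
        int recLen = BinaryPrimitives.ReadUInt16BigEndian(buf[3..]);
        if (buf[0] != 0x16 || buf[1] != 0x03 || recLen > 16384) return SniffStatus.Invalid;
        if (buf.Length < 5 + recLen) return SniffStatus.NeedMoreData;  // caller keeps reading until its timeout
        try { details = ParseHello(buf.Slice(5, recLen)); return SniffStatus.Parsed; }
        catch (Exception e) when (e is ArgumentOutOfRangeException or IndexOutOfRangeException or FormatException) { return SniffStatus.Invalid; }
    }
    private static ClientHelloDetails ParseHello(ReadOnlySpan<byte> hs)
    {
        if (hs[0] != 0x01) throw new FormatException("not a ClientHello");
        var p = hs.Slice(4, (hs[1] << 16) | (hs[2] << 8) | hs[3]);    // 24-bit handshake body length
        ushort version = BinaryPrimitives.ReadUInt16BigEndian(p);
        p = p[(35 + p[34])..];                                         // legacy_version (2) + random (32) + legacy_session_id
        var suites = Take16(ref p);
        var ciphers = new ushort[suites.Length / 2];
        for (int i = 0; i < ciphers.Length; i++) ciphers[i] = BinaryPrimitives.ReadUInt16BigEndian(suites[(2 * i)..]);
        p = p[(1 + p[0])..];                                           // legacy_compression_methods
        string? sni = null;
        var exts = p.IsEmpty ? p : Take16(ref p);                      // extensions may be absent before TLS 1.3
        while (!exts.IsEmpty)
        {
            ushort type = BinaryPrimitives.ReadUInt16BigEndian(exts);
            exts = exts[2..];
            var data = Take16(ref exts);
            if (type != 0 || sni is not null) continue;                // only server_name (type 0) is decoded here
            var name = Take16(ref data)[1..];                          // skip name_type (0 = host_name)
            sni = Encoding.ASCII.GetString(Take16(ref name));
        }
        return new ClientHelloDetails(version, ciphers, sni);
    }
    // Reads a 2-byte big-endian length prefix, returns that many bytes and advances p past them.
    private static ReadOnlySpan<byte> Take16(ref ReadOnlySpan<byte> p)
    {
        var body = p.Slice(2, BinaryPrimitives.ReadUInt16BigEndian(p));
        p = p[(2 + body.Length)..];
        return body;
    }
}
```

A middleware built on this would call `TryParse` on the bytes buffered so far without consuming them, loop on `NeedMoreData` until the configured timeout, log and close the connection on `Invalid`, and on `Parsed` store the details on the connection context for the policy step.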