fix(mobile): Remote video playback and asset download on Android with mTLS

[rovo89]

Description

This PR adds support for remote video playback and asset download on Android for servers which have a self-signed certificate or require a client certificate (mTLS). Some discussions about this topic can be found in #15230.

The underlying problem is that these parts of the app don't use Dart's HTTPS client, but the native one, which obviously doesn't care about the HttpOverride. This (Android-only) implementation does a similar thing though by setting the default SSL context for the native sockets.

iOS will need a similar plugin, but I have neither a device nor any knowledge to implement and test that.

How Has This Been Tested?

I've configured my nginx reverse proxy to require mTLS and it's working fine with that. Further tests to be done for self-signed certificates and "normal" setups.

Checklist:

• I have performed a self-review of my own code
• I have made corresponding changes to the documentation if applicable
• I have no unrelated changes in the PR.
• I have confirmed that any new dependencies are strictly necessary.
• I have written tests for new code (if applicable)
• I have followed naming conventions/patterns in the surrounding code
• All code in src/services uses repositories implementations for database calls, filesystem operations, etc.
• All code in src/repositories/ is pretty basic/simple and does not have any immich specific logic (that belongs in src/services)

[github-actions]

Label error. Requires exactly 1 of: changelog:.*. Found: 📱mobile. A maintainer will add the required label.

[rovo89]

I have added code to accept self-signed certificates (if enabled), including the check to do that only for the Immich server host. Haven't tested it against a server with self-signed certificate yet, but verified that the callbacks are executed and go into the right branch.