upstream(core): Add default TLS to iota-tool with optional --no-tls flag #11519

Closed
jkrvivian wants to merge 1 commit into core-protocol/upstream-changes/mainnet-1.49.2-1.50.1 from core-protocol/upstream-1.49.2-1.50.1/e204e

@jkrvivian
Contributor

Description of change

Adds an optional --no-tls flag to four iota-tool subcommands (locked-object, fetch-object, fetch-transaction, fetch-checkpoint) and threads a use_tls parameter through make_clients / get_transaction_block / check_locked_object, so callers can opt out of TLS when connecting to the validator interface.

Note: this fork already enabled TLS by default in make_clients (no upstream TODO: Enable TLS block).

Links to any relevant issues

Part of #11322

How the change has been tested

  • Basic tests (linting, compilation, formatting, unit/integration tests)
  • Patch-specific tests (correctness, functionality coverage)
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that new and existing unit tests pass locally with my changes

Release Notes

  • Protocol:
  • Nodes (Validators and Full nodes): iota-tool now connects to the validator interface over TLS by default; pass --no-tls to fall back to plain HTTP on locked-object, fetch-object, fetch-transaction, and fetch-checkpoint.
  • Indexer:
  • JSON-RPC:
  • GraphQL:
  • CLI:
  • Rust SDK:
  • gRPC:

@jkrvivian jkrvivian requested a review from a team as a code owner May 13, 2026 07:12
@jkrvivian jkrvivian added the node Issues related to the Core Node team label May 13, 2026
@jkrvivian jkrvivian self-assigned this May 13, 2026
let channel = net_config
.connect_lazy(&net_addr, Some(tls_config))
.connect_lazy(&net_addr, use_tls.then_some(tls_config))
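
Review bot: In `.connect_lazy(&net_addr, use_tls.then_some(tls_config))`, a false `use_tls` hands `connect_lazy` a `None` TLS config, so the channel to the validator is opened without TLS and nothing on this line tells the operator that happened. Consider logging a warning on the `use_tls == false` path and stating in the `--no-tls` help text that the validator connection is then plain HTTP, so the opt-out is visible in the tool's output and not only in the invocation.
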
Contributor

Suggested change
.connect_lazy(&net_addr, use_tls.then_some(tls_config))
.connect_lazy(&net_addr, use_tls.then(|| {
iota_tls::create_rustls_client_config(
iota_types::crypto::NetworkPublicKey::from_bytes(
&committee_member.network_pubkey_bytes,
)?,
iota_tls::IOTA_VALIDATOR_SERVER_NAME.to_string(),
None,
)
}))
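
Review bot: The `?` after `NetworkPublicKey::from_bytes(...)` now sits inside the closure passed to `use_tls.then(|| { ... })`, so it returns from the closure rather than from the enclosing function, and the closure would have to yield a `Result` or `Option` instead of the config value that `connect_lazy` receives as `Some(tls_config)` in the original line. Either parse the key before the `then` call and keep only the config construction in the closure, or have the closure return a `Result` and convert with `.transpose()?` before passing it on.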

Lazily create tls config only if it is needed.

@muXxer
Contributor

muXxer commented May 26, 2026

I would skip that one, it is reverted in 633ebf9757c43f0b8461e85b8da77c417510f701.

@muXxer muXxer closed this May 26, 2026

Labels

core-protocol node Issues related to the Core Node team