Support using the system version of brotli (#66462)
This is mainly motivated by the March 2022 release of .NET 5. .NET 5 was
found to be vulnerable to CVE-2020-8927, which was caused by the older
version of brotli built into .NET. .NET was vulernable even in
environments where a system-wide version of brotli was present and had
already received fixes for this CVE. We could have avoided a Remote Code
Execution vulnerability in such environments by using the system's
version of brotli.
This is similar to the existing support for disabling distro-agnostic
OpenSSL (except no OpenSSL is embedded) and using the system libunwind
(a copy of libunwind is embedded this repo).
One small twist is the presence of entrypoint verification. In a
system-brotli build, the verification fails, because the built library,
libSystem.IO.Compression.Native.so, doesn't include the symbols for
Brotli. Those symbols are instead used from the system brotli libraries.