pex: add support for figuring out the external data port via STUN servers

pex: add support for figuring out the external data port via STUN servers

When establishing a direct connection on the auth/PEX port via DHT, both sides
need to know the externally mapped data port number in order to establish a
wireguard connection.
If there is an existing data connection, the port can be queried via PEX
over the tunnel. If that is not available, an external public server is needed
in order to poke a hole in the NAT. The easiest way to do this is to use
STUN, since there are a lot of public servers available.

The servers can be configured via the network data, based on the assumption,
that an auth exchange with network data update can be done directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>