git: Always check fetched objects for consistency

Patrick Steinhardt requested to merge pks-git-fetch-fsck-objects into master

Enable object verification when fetching and receiving objects. While the latter is not new given that configuration of downstream distributions already enables it, this moves ownership of that setting into Gitaly. The former change of allowing verification for fetches covers use cases where Gitaly is fetching objects into mirrors or updates object pools and stops corrupt or malign objects from being accepted into repositories.

If mirroring a repository, then we'd now break if the remote repository has corrupt objects, and similar for object pools and their primary member. While this could be seen as a bug, git-fsck(1) nowadays also includes checks to detect malign objects which are known to allow for adverse behaviour. It is thus an important safety guard to protect against an adversary sneaking in corrupt objects into mirrors via their remote or into repository forks via the object pool. In case this is causing problems, the route to go would thus be to ignore some of the benign fsck checks like we already do for bad timezone checks.

Edited by Patrick Steinhardt
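
The trade-off described above can be reproduced with stock Git. This is an added example, not part of the merge request or Gitaly's code: it fetches a constructed commit with a malformed timezone into a bare mirror with verification off, with `fetch.fsckObjects` on, and with the `badTimezone` check ignored via `fetch.fsck.badTimezone`. The function names, paths, identity and commit are made up for the illustration.

```sh
#!/bin/sh
# Added example with constructed data; not Gitaly code.
export GIT_CONFIG_NOSYSTEM=1 GIT_CONFIG_GLOBAL=/dev/null  # ignore host git config

# Create a bare source repo with one commit whose timezone is malformed
# (six digits instead of four), which git-fsck reports as badTimezone.
make_source_repo() {
    src_dir=$1
    git init -q --bare "$src_dir" || return 1
    src_tree=$(git -C "$src_dir" mktree </dev/null) || return 1
    ident='A U Thor <author@example.com> 1700000000 +051800'
    # --literally bypasses hash-object's own format checks so the object is stored.
    src_commit=$(printf 'tree %s\nauthor %s\ncommitter %s\n\nconstructed commit\n' \
        "$src_tree" "$ident" "$ident" |
        git -C "$src_dir" hash-object -t commit -w --literally --stdin) || return 1
    git -C "$src_dir" update-ref refs/heads/main "$src_commit"
}

# Fetch refs/heads/main from $1 into a fresh bare mirror configured with the
# remaining key=value arguments; print "accepted" or "rejected".
try_fetch() {
    fetch_src=$1; shift
    mirror=$(mktemp -d) || return 1
    git init -q --bare "$mirror" || return 1
    for kv in "$@"; do
        git -C "$mirror" config "${kv%%=*}" "${kv#*=}" || return 1
    done
    if git -C "$mirror" fetch -q "$fetch_src" \
        refs/heads/main:refs/heads/main >/dev/null 2>&1
    then echo accepted; else echo rejected; fi
    rm -rf "$mirror"
}

demo() {
    demo_src=$(mktemp -d)/source.git
    make_source_repo "$demo_src" || return 1
    echo "no verification:     $(try_fetch "$demo_src")"
    echo "fetch.fsckObjects:   $(try_fetch "$demo_src" fetch.fsckObjects=true)"
    echo "badTimezone ignored: $(try_fetch "$demo_src" fetch.fsckObjects=true \
        fetch.fsck.badTimezone=ignore)"
}
demo
```

The second case is the breakage the description anticipates for mirrors and object pools; the third is the suggested way out, scoped to a single fsck message rather than turning verification off.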