call_legacy_cert_cb1 doesn't work when no certificates are returned by legacy_cert_cb1

This bug was introduced in 9829ef9a (I think) and appears in version 3.6.3.

When the legacy callback returns no certificates (st2.ncerts == 0, st2.cert == NULL), alloc_and_load_x509_certs returns NULL on line 397 in lib/cert-cred.c. This makes the function return GNUTLS_E_MEMORY_ERROR, which is then transformed to GNUTLS_E_USER_ERROR by call_cert_get_callback.

glib-networking 2.56 seems to always provide a callback for client connections, so this should break quite a lot.

Sorry if I'm slow to respond, my email client doesn't provide a client certificate, and I can't check my email.