Change gnutls certificate_file processing and interactive prompts.
Accept a saved cert at any point in the chain, except for those revoked or with invalid dates. The INSECUREALG processing was a bit goofed up. It was skipping the prompt for every chain except the host, and was only displaying an error for entry 1 (the host being 0, root being len-1). Instead prompt at any point, and display a warning as with the other errors. Add a CERTERR_OTHER type to capture other bits. Recently GnuTLS has added additional certificate_status_t types. We may want to improve the prompts in the future for those, but for now at least make sure it's recorded in certerr.
Showing with 28 additions and 49 deletions