Enforce consistent minimum crypto security level across GnuTLS and OpenSSL builds
Currently, the minimum crypto security level is crypto library-dependent and very permissive (e.g. GnuTLS allows MD5-signed client certs, while OpenSSL v1.1.0 doesn't).
We should continue to provide
openconnect_set_allow_insecure_crypto as an escape hatch for users to override and allow weaker crypto. This is important for use cases like #21 (closed), #83 (closed), #103 (closed), LP #1867184, #132 (servers are old and use obsolete crypto and the user can't do anything about it).