sslutil: check for ui.insecureconnections in sslkwargs
The end result of this function is the same. We now have a more
explicit return branch.
We still keep the old code looking at web.cacerts=! a few lines
below because we're still setting web.cacerts=! and need to react
to the variable. This will be removed in an upcoming patch.
ui: add an instance flag to hold --insecure bit
Currently, when --insecure is used we set web.cacerts=! and
socket validation takes this value into account. web.cacerts=!
is not documented AFAICT and is purely an internal implementation
detail.
Let's be more explicit about what is going on by introducing a
dedicated variable outside of the config values to track that
--insecure is used.