sslutil: be less strict about which ciphers are allowed when using --insecure Python 3.10 restricted which ciphers are enabled by default, leading to no available ciphers for TLS < 1.2. When using the --insecure flag we allow old TLS, so also adjust the cipher list to give connections a chance to work. On the server side, also loosen the cipher selection in tests (when using the devel.serverexactprotocol option). Differential Revision: https://phab.mercurial-scm.org/D12489

cat >> $HGRCPATH <<EOF
[extensions]
narrow=
[experimental]
changegroup3 = True
EOF