Be more strict about minimum DH prime size for TLS connections.

Be more strict about minimum DH prime size for TLS connections.

Since GnuTLS 3.1.7, this minimum size is dictated by the
priority string, and current (GnuTLS 3.3.0) "safe-enough"
value is 1008 bits. We set this minimum size explicitly
for older GnuTLS versions.

Users who are affected by this (their servers use DH prime
smaller than 1008 bits can override this by using priority
string starting with the keyword "LEGACY". This keyword
only works with GnuTLS 3.3.0 or newer, however.