Fatal GnuTLS errors are now silent by default

Fixes: debbugs:16253

(emacs_gnutls_handle_error): Fatal errors should be on level 1, so
that they are not messaged by default.

etc/NEWS

@@ -310,6 +310,10 @@ plain text parts, if display of HTML email is possible; customize the
 ** In sh-mode, you can now use `sh-shell' as a file-local variable to
 specify the type of shell in use (bash, csh, etc).
 
+** TLS
+---
+*** Fatal TLS errors are now silent by default.
+
 ** URL
 
 *** The URL package accepts now the protocols "ssh", "scp" and "rsync".

src/ChangeLog

@@ -7,6 +7,8 @@
 	the connection.
 	(gnutls_certificate_details): Put :signature-algorithm back again,
 	which was removed by mistake.
+	(emacs_gnutls_handle_error): Fatal errors should be on level 1, so
+	that they are not messaged by default (bug#16253).
 
 	* gnutls.c: Add Windows specs for gnutls_dh_get_prime_bits.
 

src/gnutls.c

@@ -571,7 +571,7 @@ emacs_gnutls_handle_error (gnutls_session_t session, int err)
   if (fn_gnutls_error_is_fatal (err))
     {
       ret = 0;
-      GNUTLS_LOG2 (0, max_log_level, "fatal error:", str);
+      GNUTLS_LOG2 (1, max_log_level, "fatal error:", str);
     }
   else
     {