If we get a GNUTLS_E_DECRYPTION_FAILED during the handshake, assume
the peer is just dumb, and return G_TLS_ERROR_NOT_TLS so, eg, libsoup
can fall back to SSLv3.
https://bugzilla.gnome.org/show_bug.cgi?id=662104
if (g_error_matches (gnutls->priv->error, G_IO_ERROR, G_IO_ERROR_FAILED) ||
status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
status == GNUTLS_E_FATAL_ALERT_RECEIVED ||
+ status == GNUTLS_E_DECRYPTION_FAILED ||
status == GNUTLS_E_UNSUPPORTED_VERSION_PACKET)
{
g_clear_error (&gnutls->priv->error);