Make sure that the callbacks do also get a 'valid' value of zero when
the certificate we're looking at is in valid and assert that within the
test.

Each packet line in the Git protocol is prefixed by a four-byte
length of how much data will follow, which we parse in
`git_pkt_parse_line`. The transmitted length can either be equal
to zero in case of a flush packet or has to be at least of length
four, as it also includes the encoded length itself. Not
checking this may result in a buffer overflow as we directly pass
the length to functions which accept a `size_t` length as
parameter.

Fix the issue by verifying that non-flush packets have at least a
length of `PKT_LEN_SIZE`.

The Git protocol does not specify what should happen in the case
of an empty packet line (that is a packet line "0004"). We
currently indicate success, but do not return a packet in the
case where we hit an empty line. The smart protocol was not
prepared to handle such packets in all cases, though, resulting
in a `NULL` pointer dereference.

Fix the issue by returning an error instead. As such kind of
packets is not even specified by upstream, this is the right
thing to do.

We must make sure that we're getting a certificate error from the
library so we know that we're testing the right thing.

None of our crypto backends actually reject RC4 as a cipher so don't
test for it and instead keep it as something we'd like to do.