dirmngr: Fix CRL DP error fallback to other schemes.
* dirmngr/crlcache.c (crl_cache_reload_crl): Rework the double loop. Remove the unused issuername_uri stuff.
It is quite common that LDAP servers are blocked and thuis the HTTP
access point should be used instead. This worked well for
certificates where the DP are given in this form:
crlDP: ldap://x500.bund.de/[...] http://x500.bund.de/[...] issuer: none
but it failed for this form
crlDP: ldap://x500.bund.de/[...] issuer: none crlDP: http://x500.bund.de/[...] issuer: none
because the LAST_ERR thing terminated the outer loop. This pacth
fixes this and also cleans up the code to be more robust.
Note that the common workaround of using --ignore-ldap-dp will now
only be needed if the firewall uses packet dropping instead of proper