Treat warnings as errors in zlint tests

[erikh]

Seems like the right thing to do. This involves both parsing the response and itemizing the warnings and errors as a part of the test failure in a meaningful way.

[erikh]

this is going to take some work. Here are the warnings when enabled; you can see these in latest "main" by editing line 335 or so of src/test/mod.rs to match with "fail" or "warn" instead of just "fail" as it is now.

The result is:

---- acme::handlers::order::tests::test_order_flow_single_domain stdout ----
thread 'acme::handlers::order::tests::test_order_flow_single_domain' panicked at '
        expected: result[ok]
         but was: result[error]<ZLint({"w_sub_cert_aia_does_not_contain_issuing_ca_url", "w_ian_iana_pub_suffix_empty"})>

• Issuer Alternative Names need to be propagated from the CA construction process. This will involve some API changes.
• I don't think AIA is supported at all right now.

[erikh]

Namely, I think the API changes will involve some kind of introspection or passing of arguments to the CA type constructor to pass a url + DNS name into it so it can be propagated as the issuerAltName. Right now it's just copied from the issuer settings (a feature of openssl), which is apparently incorrect best I can tell.

[erikh]

Added a ZLINT_WARN so the file doesn't have to be patched. Set it to non-empty in the environment to trigger warnings as errors with zlint.