libpq ssl -> clear fallback looses error messages

I noticed while working on general fixes for the certificate handling
that if we have a connection being attempted with sslmode=prefer (which
happens to be our default), we will loose error messages.

Basically, if we fail the SSL connection, we will throw away the error
message and try a cleartext connection. Now, if the server is configured
to require SSL (using hostssl), you will get an error message that says
"there is no pg_hba, etc, SSL off". Which is totally misleading, because
I *tried* to connect with SSL, but failed.

If I set sslmode=require, the error message is properly reported.

AFAIK we don't actually have a way to pass back an intermediate result
here, but we really need to report this error *somehow*.

It may even be to the point that if we connect and get a client side SSL
error, we should just report it and abort, and only retry if the error
is actually a server error saying there is no pg_hba for SSL here?

(or I'm missing something obvious :-P)

//Magnus