Disable certificate compression support by default

It turnd out that it will introduce an RFC compliance issue:
https://gitlab.com/gnutls/gnutls/-/issues/1397
This disables the feature by not linking to any compression library.

Related: #2097327
Signed-off-by: Daiki Ueno <dueno@redhat.com>

gnutls.spec

@@ -48,6 +48,7 @@ Patch: gnutls-3.7.6-gmp-static.patch
 %bcond_with tpm12
 %bcond_without tpm2
 %bcond_with gost
+%bcond_with certificate_compression
 %bcond_without tests
 
 Summary: A TLS protocol implementation
@@ -284,6 +285,9 @@ export FIPS_MODULE_NAME="$OS_NAME ${OS_VERSION_ID%%.*} %name"
            --enable-libdane \
 %else
            --disable-libdane \
+%endif
+%if %{with certificate_compression}
+	   --without-zlib --without-brotli --without-zstd \
 %endif
            --disable-rpath \
            --with-default-priority-string="@SYSTEM"
@@ -388,6 +392,7 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
 %changelog
 * Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-8
 - Bundle GMP to privatize memory functions
+- Disable certificate compression support by default
 
 * Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-7
 - Update gnutls-3.7.6-cpuid-fixes.patch