gnmi_server: fix nil-resp panic when CRL fetch fails

[SAY-5]

Closes #630.

Problem

TryDownload in gnmi_server/clientCertAuth.go unconditionally dereferences resp.StatusCode after http.Get(url), but http.Get returns (nil, err) on network-level failures (DNS resolution, connection refused, TLS handshake failure, timeout before response, etc.). Any of these paths panics the gNMI server with nil pointer dereference.

resp, err := http.Get(url)

if resp != nil {
    defer resp.Body.Close()
}

if err != nil || resp.StatusCode != http.StatusOK {  // resp may be nil here

Fix

Short-circuit on err != nil before touching resp, matching the standard Go pattern. Log the HTTP status on non-200 responses instead of a stale err. Behavior is otherwise unchanged on the happy path.

Test

gofmt -d clean.

[linux-foundation-easycla]

• ❌ - login: @SAY-5 / name: SAY-5 . The commit (01306f4) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).