Function gnutls_certificate_verify_peers is deprecated so we should
rather use gnutls_certificate_verify_peers2. This is a fix applied
by upstream.
Upstream bug report: http://dev.mutt.org/trac/ticket/3516

diff -up mutt-1.5.21/mutt_ssl_gnutls.c.verpeers mutt-1.5.21/mutt_ssl_gnutls.c
--- mutt-1.5.21/mutt_ssl_gnutls.c.verpeers	2013-03-04 15:19:56.144838094 +0100
+++ mutt-1.5.21/mutt_ssl_gnutls.c	2013-03-04 15:19:56.378838087 +0100
@@ -946,22 +946,23 @@ static int tls_check_one_certificate (co
 /* sanity-checking wrapper for gnutls_certificate_verify_peers */
 static gnutls_certificate_status tls_verify_peers (gnutls_session tlsstate)
 {
-  gnutls_certificate_status certstat;
+  int verify_ret;
+  unsigned int status;
 
-  certstat = gnutls_certificate_verify_peers (tlsstate);
-  if (!certstat)
-    return certstat;
+  verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
+  if (!verify_ret)
+    return status;
 
-  if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND)
+  if (status == GNUTLS_E_NO_CERTIFICATE_FOUND)
   {
     mutt_error (_("Unable to get certificate from peer"));
     mutt_sleep (2);
     return 0;
   }
-  if (certstat < 0)
+  if (verify_ret < 0)
   {
     mutt_error (_("Certificate verification error (%s)"),
-                gnutls_strerror (certstat));
+                gnutls_strerror (status));
     mutt_sleep (2);
     return 0;
   }
@@ -974,7 +975,7 @@ static gnutls_certificate_status tls_ver
     return 0;
   }
 
-  return certstat;
+  return status;
 }
 
 static int tls_check_certificate (CONNECTION* conn)