Releases: arpa2/tlspool
Update to the TLS Pool
bugfixes
Fixed a problem with testdata from 0.9.0
This is the same as 0.9.0, except that this corrects the testdata
directory and, as a result, successfully builds the Docker Demo.
Closing in on a release
Bug fixes:
- 50dea1a issue #91. man pages for the Asynchronous API
- 4e12313 issue #92, error code standardisation
- 77cc246 issue #53, TLSPOOL_CFGFILE naming inconsistency
- ba7826c issue #51. Tool names are now scoped to avoid clashes
- 9669523 issue #84. PRNG now receives binary context values.
- 98762a8 issue #93, tlspool_async_open() does pioc_ping()
Enhancements:
- 876cdfb issue #100, part 2/2, name checking
- f8a2c37 issue #100, part 1/2, name checking
- 7b5afe0 issue #69, channel binding support
- 6118248 issue #69, initial design of commands
- 5a0699a issue #99, state diagram for applications
- b3310d8 issue #104, infra for STARTTLS_DRIVER selection
- b40a4d6 issue #102, libev for runterminal
- bf6b007 issue #44, show version number
- 864d65d issue #85, prepare for Quantum Computing, part 2/2, phase 1
- 14c9a66 issue #85, prepare for Quantum Computing, part 1/2, phase 1
- e9f83a8 Add a -V flag, which prints the TLSPool version string.
Still to come before a Major Release:
- issue #29 (valexp predicates completion)
- issue #95 (library export definitions)
- issue #16 (Windows port changes)
Note that the release will be a 2.0, initiating semantic versioning; the API uses V2 and we don't want naming confusion. Also, we've had stable code for a long time, but lacking features have made us shy about calling it 1.0. Notably, valexp predicates need to be resolved as the last of these points.
Tester re-release
See 0.20-beta8 release notes.
Tester facilitation (extra certificate in testdata)
Added an 8th private key to the testdata, for a server certificate "playground.arpa2.lab"
Corrections in Python wrappers
Management of file descriptors was leaking. The cryptfd was closed
by the tlspool_starttls() call or TLS Pool but also by Python, for
instance when garbage collecting the cryptfd. This allowed closing
the same socket twice or, more accurately put, closing the same
file descriptor number twice. An intermediate process might have opened
another stream with the same number, and seen it closed. Yet
another process might have opened it once again and received spurious
information from the stashed file descriptor in, say, the syslog()
API or Python sockets.
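The double close described above, reproduced as an added example (not TLS Pool's own code, and not necessarily how the wrappers were corrected): a socketpair plays the cryptfd, `library_takes_and_closes()` is a hypothetical stand-in for a call that takes ownership of the descriptor, and `socket.detach()` is shown as one way to keep Python from closing the number a second time. POSIX descriptor semantics are assumed.

```python
import os
import socket


def library_takes_and_closes(fd):
    """Hypothetical stand-in: the callee owns fd from here on and closes it."""
    os.close(fd)


def unrelated_open_at(fd):
    """Open an unrelated file; the kernel hands out the lowest free number."""
    n = os.open(os.devnull, os.O_RDONLY)
    if n != fd:                      # a lower number was free: force the reuse
        os.dup2(n, fd)
        os.close(n)
    return fd


def still_open(fd):
    try:
        os.fstat(fd)
        return True
    except OSError:                  # EBADF: the number no longer refers to anything
        return False


def handoff(detach_first):
    """Return True if the unrelated descriptor survives the wrapper's cleanup."""
    sock, peer = socket.socketpair()         # sock plays the role of cryptfd
    # detach() makes the Python object forget the number; fileno() does not.
    fd = sock.detach() if detach_first else sock.fileno()
    library_takes_and_closes(fd)             # first close, by the new owner
    victim = unrelated_open_at(fd)           # same number, different object
    sock.close()                             # second close unless detached
    survived = still_open(victim)
    if survived:
        os.close(victim)
    peer.close()
    return survived


if __name__ == "__main__":
    print("without detach, unrelated fd survives:", handoff(False))
    print("with detach, unrelated fd survives:   ", handoff(True))
```

The same second close happens without an explicit `sock.close()` when the socket object is garbage collected, which is the case the release note mentions.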
Improved installers: Python and include files
We did not install Python support, nor include files. Now we do.
Update to RSA bits
We used to have 2000-bit RSA keys, just to tickle software with not-so-standard sizes and see how it fared. But the habit of doubling RSA sizes (which is a bit steep, considering that it is closing in on exponential in bit sizes anyway) has overtaken us, in the form of a requirement in GnuTLS to have these funny ever-doubling sizes. Alas, TLS Pool follows that now.
Made experimental SRP support an explicit choice
SRP support was experimental, referring to files relative to programs.
It has now been removed from the defaults, but a build-time flag still allows supporting it as before.