Work around a python bug (both present in 2.7.15 and 3.6.6) which prevents
changing the ssl context on a listening socket.
Reported: https://bugs.python.org/issue34747

The code could actually not loop. Still check that deadline is not reached
when entering, as code often uses "now" as initial deadline.
Also, clarify dosctring.

Do not wait forever so test does not block.
Always clear event after it occurred.
Also, ensure itsUntilEvent behaviour is to raise so server actually stops
in _stopServer.

So the instance is readily reusable and less likely to be misused.

Spawned thread is not returned.

Except it is not present on caucase root object.
This reverts commit b26eeb38.

It is not in python3.

To ease debugging.

The intent was getting a nice error message if file was not readable, but
it causes a resource warning in python3 (file object being garbage-
collected while open - wasn't that the beauty of automatic garbage
collection to begin with ? It makes sense for writeable files as not
closing may cause race conditions, but for read-only it's just annoying).

Concatenate potential homonymous headers following specification.

Escape all quoted strings.
Add referrer.
Add user-agent.

Include both caucase name and its current version number.
Add versioneer for version number introspection, producing egg version and
caucase.__version__.

More realistic than checking server certificate.

Reference value is pre-timeshift, so it will immediately differ but for the
wrong reason.

sqlite does not allow controlling creation mode, so create the file
ourselves so it gets created when missing.

Rather than starting to listen on http before https.
This makes tests more reliable, as they will no actually wait for caucased
to be fully ready, in turn making shutdown more reliable.

It is not expiration which is disabled, but pruning from database.

For consistency with other places in caucase.

No certificate is needed to be an anonymous client, only up-to-date CA and
CRL are needed to validate service certificate.

Also, document why CA certificate expiration is not tracked explicitly.

Contains a few handy commands to run before sending patches.

Otherwise, this port will fail https handshake if clients connects too
early.

netloc is the public access point to a caucase instance.
bind is the private access point to a caucase instance, which may be
different (ex: NAT). Allow overriding netloc address with --bind.
As a consequence, add support for multiple binds: a netloc may resolve to
multiple addresses (ex: one IPv4, one global IPv6 and one Unique Local
Address).
As a further consequence, systematically disable automatic IPv4 binding
when binding to an IPv6 address.
Also, allow overriding netloc port with --base-port. The same port pair
will be used on all bound hosts.
Share SSL context between multiple https sockets.
To increase binding visibility, print bindings, and print when exiting.

pyca/cryptography 21st release is out and caucase already requires
is_signature_valid.
Also, literal IPv6 CRL distribution points do not fail anymore - add test.
No more known 1.0 blockers ! Weee !