Sslyze

- Significant refactoring to simplify and enhance SSLyze's Python API. It is now fully documented and should be considered stable; see http://nabla-c0d3.github.io/sslyze/documentation/.
- Renamed `--certinfo_basic` command to `--certinfo` for consistency with other plugins.
- The `--certinfo` command will now use any trust store that successfully validated the server's certificate chain to run further checks against the server's chain (such as the chain order, or the presence of a SHA1-signed certificate), instead of only trying with the Mozilla trust store.
- The `--certinfo` command will now properly validate OCSP Stapling even if it is not trusted by any trust store.
- Various bug fixes.
- Significant internal changes including:
- A revamped plugin system that is a lot simpler to maintain and extend.
- Simplified interface for building custom output generators within the CLI tool.
- Progress toward Python3 compatibility.
- With a clean, fully documented Python API, SSLyze is now ready for a 1.0.0 release!

- The cipher suite tests (such as `--tlsv1_2`) will only return a preferred cipher suite if the server has a cipher suite preference (as opposed to following the client's preference).
- Bug fixes for `--https_tunnel` and `-starttls=postgres`.
- Refactored how the CLI tool generates its output to make it extendable.

- Bug fixes for `--http_headers`, `--tlsv1_2` and `--json_out`.
- Updated version of OpenSSL.
- The command line tool was moved from `./sslyze_cli.py` to `./sslyze/__main__.py` and can be called using `python -m sslyze`.
- When sending HTTP requests, SSLyze's `User-Agent` header now contains `SSLyze` for easier identification.

- `--certinfo_basic` will now return the server's "verified" certificate chain, if the server's certificate is trusted; the chain contains every certificate from the server's leaf certificate up to a root certificate included in the Mozilla store.
- Renamed `--hsts` to `--http_headers`; the command will now return HTTP Public Key Pinning information including the server's HPKP header value and the HPKP pins for each certificate in the server's verified certificate chain.
- Bug fixes for IPv6 support, exotic certificates, SHA-1 deprecation check and scanning through an HTTP proxy.

- Added the Android Open Source Project's trust store when using `--certinfo`.
- Bug fixes for IPv6 support, `--nb_retries`, `--nb_timeout` and UTF-8 and internationalized names in certificates.
- `--hsts` no longer raises an exception when the server sends back a redirection to HTTP.

- Various bugs fixes.