Improve error handling

This reverts commit f1e05f8f.

The previous situation was confusing with various contradicting
(staments of) defaults, mixed with old style and new style
configuration.

Simplify by deciding that having backtraces is so
useful that it is the defaut, both old and new style configurations.
(It was already default on in the config template,
which seems 'canonical'.)

Previously, would show inappropriate precision, like "0.0598134 hours ago"
or "1490532.4129 hours from now" depending on the expiration date.

Follow the suggestions of [draft-knodel-terminology-00](https://tools.ietf.org/id/draft-knodel-terminology-00.html)
and other language frameworks and replace the notion of master/slave
with a more neutral primary/secondary.

Convert to our wrapper class for assertions

Check whether http://macedir.org/entity-category is set in the EntityAttributes
before using it as argument in in_array(). This prevents a "TypeError:
in_array() expects parameter 2 to be array, null given" error.

This situation happens when we do have EntityAttributes in the metadata but
none of type "http://macedir.org/entity-category". An example is an IdP
supporting https://refeds.org/category/research-and-scholarship, which would
have "http://macedir.org/entity-category-support" but not per se also
"http://macedir.org/entity-category".

We can remove several tags, login:processing and admin:metaconv_selectfile, and
replace several others with their English text.

An issue in the code prevented the SameSite session cookie option from being set the first time we were reaching SSP when using PHP versions older than 7.3.

This fixes #1320

* fixed warning when Warning: session_create_id(): Failed to create new ID in /var/ssosp/lib/SimpleSAML/SessionHandlerPHP.php

* Use session_create_id() unconditionally

In master, we require PHP 7.2, which is guaranteed to provide `session_create_id()`. Therefore, we don't need the if clause any longer. Add also a warning when `session_create_id()` fails, and fall back gracefully to our old way to create session IDs.

Co-authored-by: Jaime Pérez Crespo <jaime.perez@uninett.no>

If the file system containing the PHP code is case-insensitive, a
request containing an uppercase file extension will return the
contents of the PHP file to the browser instead of executing it.

E.g. a request for this URL will return the source code:

  https:/sp.example.org/simplesaml/module.php/core/frontpage_welcome.PHP

Fix that by converting the path to lowercase before checking the file
extension.

See the following page for details:

  https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-24m3-w8g9-jwpq

Issue #1272 - SSP refuses to use temp dir if it doesn't own it, even though it can write to it (#1314)

* Issue #1272 - SSP refuses to use temp dir if it doesn't own it, even though it can write to it
This has been addressed using the is_writable function instead of checking for UID, which only works in a Linux environment

Co-authored-by: Aaron St. Clair <astclair@ecrs.com>

The callable must be called from the sendContent() method, rather than send(). Otherwise, sendHeaders() is never called.

This was available for the memcache extension, but when we moved to memcached it went away since the API is different and required changes. The issue with persitence in memcached is that persistent connections require a common identifier, which shouldn't be fixed. Therefore, we need to change a bit the way the memcache servers are configured in config.php as well.