The included collection of CA certificates has not been updated since
2021, which means it's outdated and possibly a security risk. Also it
should not be necessary, as curl is able to find the system installed CA
certs which is more likely to be up to date and safer.
When fetching the default timouts from config, the result is converted
to an int via `intval()`, the result of that again is compared strictly
to `false`. Since 0 !== false, the default values will never be used,
and 0 (no timeout) is passed to curl.
This cause requests to hang indefinitely (or until they are killed) when
receiving actions that require a lookup or fetch to another site as part
of the request processing. (E.g webfinger, or fetching objects that we
received an announce action for.) This again cause the request never to
return a useful status to the site sending the action, and could cause
them to think the Hubzilla site is dead.
This patch fixes this by comparing the fetched value from config to 0
instead of false, making the defaults work again if the config is not
set (or set to 0).
The validate_email function relied on doing an actual domain lookup (on
supported platforms) to validate the domain of the email address. This
does not work too well in testing environments where we may not want to
spam the DNS system, if it at all is available.
Apart from the the function did very little to actually verify that it
was a valid email address.
This patch tries to change that by usng a somewhat stricted regex based
validation. While this may not be perfect, it should be good enough in
the vast majority of cases. For platforms where no validation was
performed with the old version, it will at least be an improvement.
Also, it allows testing without having an external network connection.
Also clarify the doc comment, that it does not actually try to resolve
the email address, just the domain.
