Hard Infrastucture tasks

Implement OpenID Connect

Our current auth system on master is outdated and cumbersome. Something like OpenID Connect (not the broken OpenID 1.0, of course) would make a lot of sense for us.

Easy Infrastructure tasks

posttohost() Rewrite

The current posttohost() function used in various places to post stuff back to master does not support SSL. Rewrite this using internal streams and once done fix the master config to not accept anything over non-SSL.

Password handling on master is pathetic

Barring a quick OpenID Connect implementation as per above, clean up password handling on master to not use crypt/md5.