Cerbero extract fixes and some general cleanup

commit 9599320f:

cerbero: Convert files to unix line-endings
Just for consistency.

commit 842fa021:

cerbero: Rename corrupted tarball instead of overwriting
Sometimes the corrupted tarball is actually a partial download, and
the user is on a slow connection. Maybe they don't want the partial
download thrown away completely and want to intervene manually.

We do the same thing for tarballs that fail checksum verification.

commit 369d8f16:

cerbero: Always require a filename to verify()
This is simpler to understand and harder to mess up with.

commit 74a21a80:

cerbero: Don't redownload on *all* unpack failures
Sometimes zipfile.extractall returns `PermissionError`, such as when
the code that writes out permissions on extracted files gets
interrupted and some file being extracted gets written out with the
default permissions which do not include +w, so re-running the extract
can fail while trying to write to that same file.

This is obviously not a problem with the downloaded zip file. However,
that exception is a subclass of `IOError` so we think the zip file is
corrupted and download it again. The handling was similarly broken for
extracting tarballs with `tar` and the tarfile module too.

Now we try to be more specific about which errors are due to the file
being (possibly) corrupted.

commit 224464da:

cerbero: Move from deprecated check_call to check_output
Needed a new `fail` kwarg to check_output for cases where we want the
output of the command regardless of returncode.

Also fix a few minor bugs around newline handling and quoting along
the way.

commit f9f9c627:

cerbero: Don't fetch on failed extract in offline mode
Also fix a typo.