Add better certificate handling.

Certificate host names are now matched (using DNS, SRV, XMPPAddr, and
Common Name), along with expiration check.

Scheduled event to reset the stream once the server's cert expires.

Handle invalid cert trust chains gracefully now.

sleekxmpp/basexmpp.py

@@ -68,6 +68,7 @@ class BaseXMPP(XMLStream):
 
         #: The JabberID (JID) used by this connection. 
         self.boundjid = JID(jid)
+        self._expected_server_name = self.boundjid.host
 
         #: A dictionary mapping plugin names to plugins.
         self.plugin = PluginManager(self)