core (xmpp): server certificate validation: XMPP server certificate is now checked, and connection is refused (by default) if it's not valid. Certificate check can be disabled in the new parameter "Configuration/check_certificate". If certificate checking is disabled, a warning note is sent on every new connection. Twisted and Wokkel are temporarly monkey patched in sat.core.tls_patches module, until modifications are merged upstream.

--- a/sat/core/exceptions.py	Fri Nov 09 16:17:45 2018 +0100
+++ b/sat/core/exceptions.py	Sat Nov 10 10:16:35 2018 +0100
@@ -121,3 +121,8 @@
 # Something which need to be done is not available yet
 class NotReady(Exception):
     pass
+
+
+class InvalidCertificate(Exception):
+    """A TLS certificate is not valid"""
+    pass