GlobaLeaks
Enable support for validation of SSL certificates when performing external connections
Currently GlobaLeaks does not validate the certificates of the SSL connections that it performs (currently only outgoing SMTP connections are performed).
It would be important to add this capability in order to reduce the possibilities for MITM attacks.
This is the missing feature in relation to: https://github.com/globaleaks/GlobaLeaks/issues/1183
Related to this, the code has already been written by me and is integrated in Tor2web and in production for at least one year: https://github.com/globaleaks/Tor2web/blob/62e4fd938183572b711933dd5915fce424784bc8/tor2web/utils/ssl.py#L192
The feature described in this ticket is currently needed in relation to notifications, but it would be important to have it in place also before implementing other features like eventual Leak directory pushing or other resource fetching like the onionoo resource, or whatever. \cc @vecna
Closing this outdated ticket because for years the software has performed full validation of certificates when performing an external connection.
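The gap this ticket describes, shown as an added example using only the Python standard library (`ssl`, `smtplib`); it is not GlobaLeaks or Tor2web code, and the function names and parameters are hypothetical. It places the non-validating TLS context beside a validating one and refuses to send a notification over a context that would accept any certificate.

```python
import smtplib
import ssl


def unverified_context():
    """The 'before' state: traffic is encrypted but the peer is not authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode is lowered
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, including a MITM's, is accepted
    return ctx


def verified_context(cafile=None):
    """Chain and hostname validation against the system CAs, or a given CA bundle."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx):
    """Return the reasons a context fails to authenticate the server (empty if none)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not matched against the certificate")
    return findings


def send_notification(host, port, sender, recipient, message, ctx):
    """Send one mail over STARTTLS, only if the context validates the server."""
    problems = audit_context(ctx)
    if problems:
        raise ValueError("refusing to send: " + "; ".join(problems))
    with smtplib.SMTP(host, port, timeout=30) as smtp:
        # Raises SMTPNotSupportedError if STARTTLS is not advertised (for example
        # when it has been stripped in transit) and ssl.SSLCertVerificationError
        # if the chain or hostname check fails; neither case falls back to plaintext.
        smtp.starttls(context=ctx)
        smtp.sendmail(sender, recipient, message)
```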