agl / xmpp-client

An XMPP client with OTR support
BSD 3-Clause "New" or "Revised" License

xmpp-client doesn't warn you if cert has been changed #118

Closed mrphs closed 8 years ago

mrphs commented 8 years ago

Not sure if this is a feature or a bug, but xmpp-client apparently doesn't warn you if the TLS cert of the jabber server has been changed.

I haven't looked at the code to see if it caches the cert or even the SHA256 FP or not; if it does, it might be a good idea to warn the user when it changes. And if it doesn't... maybe we should discuss that.

0x747972 commented 8 years ago

Hey, there's a configuration option, called "ServerCertificateSHA256", you can pin the cert with. If the SHA256 fingerprint doesn't match, xmpp-client will refuse to connect. But yes, maybe there should be a warning if the certificate changes...

agl commented 8 years ago

The ServerCertificateSHA256 option exists and can be used to identify a specific certificate if you wish. (Although it was originally intended for servers that use a self-signed cert.)

As for warning every time the certificate changes: certificates do change. They expire every so often if nothing else. I'm not sure what action users are supposed to take in response to such a warning and thus I expect the answer will be "ignore it" in the vast majority of cases.
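As an added illustration of the pin check described above (example code, not xmpp-client's own implementation), here is the shape such a SHA-256 pin takes in Go: the presented leaf certificate's DER bytes are hashed and compared against the configured value, and any mismatch, including an ordinary renewal of the kind agl mentions, refuses the connection rather than warning. The colon tolerance in the pin string and the self-signed demo certificate are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// CheckPin compares the presented leaf certificate against a configured SHA-256
// pin. Colons and case in the pin are ignored (an assumption, not xmpp-client's
// format); a malformed or non-matching pin is an error and the connection is refused.
func CheckPin(cert *x509.Certificate, pin string) error {
	clean := strings.ToLower(strings.ReplaceAll(pin, ":", ""))
	want, err := hex.DecodeString(clean)
	if err != nil || len(want) != sha256.Size {
		return fmt.Errorf("pin %q is not a 32-byte hex SHA-256", pin)
	}
	got := sha256.Sum256(cert.Raw) // hash of the DER bytes, as in `openssl x509 -fingerprint -sha256`
	if subtle.ConstantTimeCompare(got[:], want) != 1 {
		return fmt.Errorf("certificate SHA-256 %x does not match pin %s", got, clean)
	}
	return nil
}

// SelfSignedCert builds a throwaway self-signed certificate as constructed demo
// input; it stands in for whatever the server presents in the TLS handshake.
func SelfSignedCert(days int) *x509.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(time.Duration(days) * 24 * time.Hour),
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	cert, _ := x509.ParseCertificate(der)
	return cert
}
```

Because the pin covers the whole certificate rather than the key, a renewed certificate for the same server fails the check even when the key and name are unchanged, which is the trade-off the thread is discussing.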