Commit a82724f9 authored by W. Trevor King's avatar W. Trevor King Committed by Eric S. Raymond

irkerd: Initial SSL/TLS implementation

This is pretty basic, just using as much of Python's ssl module as the
host Python implementation supports.  I also added error-level logging
of IRCServerConnectionError instances, to get helpful messages like:

  Invalid SSL/TLS certificate:
  hostname 'localhost' doesn't match 'irc.example.net'

and:

  Couldn't connect to socket: _ssl.c:334: No root certificates
  specified for verification of other-side certificates.

Important milestones in the standard library's ssl module:

* Python 2.5 [1,2]: No ssl module at all
* Python 2.6 [1,2]: ssl module added
* Python 3.2 [3,4]: ssl.SSLContext class added, with
  SSLContext.set_default_verify_paths [4].  ssl.match_hostname is also
  added [5], which can be used with the existing getpeercert [6] to
  ensure the server certificate belongs to the target host.

So for full verification, we need Python 3.2.  We can scrape by with
2.6 and later, by manually supplying a ca_certs path and ignoring
hostname mismatches.  That's more susceptible to man-in-the-middle
attacks, but still better than sending server, nick, and channel
passwords in plaintext.

[1]: http://docs.python.org/2/library/ssl.html
[2]: http://docs.python.org/2/whatsnew/2.6.html#improved-ssl-support
[3]: http://docs.python.org/3/whatsnew/3.2.html#ssl
[4]: http://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_default_verify_paths
[5]: http://docs.python.org/3/library/ssl.html#ssl.match_hostname
[6]: http://docs.python.org/2/library/ssl.html#ssl.SSLSocket.getpeercert
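The three pieces the commit message lists (an SSLContext with trusted CA paths, getpeercert, and a hostname check) combined into a small client-side verification helper. This is an added example written for this page, not irkerd's own code. It assumes Python 3.6 or later for ssl.PROTOCOL_TLS_CLIENT; because ssl.match_hostname was removed in Python 3.12, the block carries its own simplified stand-in of the same name, and SAMPLE_PEER_CERT is constructed sample data in the dict shape getpeercert() returns, not a real certificate.

```python
import socket
import ssl

# Constructed sample peer certificate, in the dict shape that
# ssl.SSLSocket.getpeercert() returns. Not a real certificate.
SAMPLE_PEER_CERT = {
    "subject": ((("commonName", "irc.example.net"),),),
    "subjectAltName": (("DNS", "irc.example.net"), ("DNS", "*.irc.example.net")),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}


class CertificateError(ValueError):
    """Raised when the peer certificate does not belong to the target host."""


def _name_matches(pattern, hostname):
    """Match one certificate DNS name against a hostname.

    Only a whole leftmost '*' label is a wildcard, and it matches exactly one
    host label (RFC 6125 section 6.4.3). This is stricter than the old
    stdlib ssl.match_hostname, which also allowed partial-label wildcards.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) != len(h_labels) or len(p_labels) < 3:
        return False  # no "f*.example", no label-count mismatch, no "*.net"
    return p_labels[1:] == h_labels[1:]


def match_hostname(cert, hostname):
    """Simplified stand-in for the removed ssl.match_hostname.

    subjectAltName dNSName entries are authoritative; the subject commonName
    is consulted only when the certificate carries no dNSName at all.
    Raises CertificateError on mismatch, with the message style the commit
    message quotes ("hostname 'localhost' doesn't match 'irc.example.net'").
    """
    if not cert:
        raise CertificateError("empty or unverified certificate, cannot match hostname")
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.append(value)
    if any(_name_matches(name, hostname) for name in names):
        return
    raise CertificateError(
        "hostname %r doesn't match %s"
        % (hostname, ", ".join(repr(n) for n in names) or "any name in the certificate")
    )


def hostname_matches(cert, hostname):
    """Boolean form of match_hostname, convenient for logging instead of raising."""
    try:
        match_hostname(cert, hostname)
    except CertificateError:
        return False
    return True


def verifying_context(ca_certs=None):
    """Full verification: chain checked against trusted CAs plus hostname check.

    With no ca_certs the system default CA paths are used, which is the
    set_default_verify_paths step the commit message describes.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    if ca_certs:
        ctx.load_verify_locations(ca_certs)
    else:
        ctx.set_default_verify_paths()
    return ctx


def chain_only_context(ca_certs):
    """The weaker fallback: chain checked against a manually supplied CA file,
    hostname mismatches ignored. Any certificate signed by a trusted CA is
    accepted, which is the man-in-the-middle exposure the commit notes."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before any verify_mode change
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.load_verify_locations(ca_certs)
    return ctx


def is_fully_verifying(ctx):
    """Pre-flight check a client can run before trusting a context."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def open_tls(host, port, ctx, manual_hostname_check=False):
    """Connect, do the handshake, and optionally check the hostname by hand
    against getpeercert(), the way pre-check_hostname contexts had to."""
    tls = ctx.wrap_socket(socket.create_connection((host, port)), server_hostname=host)
    if manual_hostname_check:
        match_hostname(tls.getpeercert(), host)
    return tls


if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "irc.example.net"
    try:
        with open_tls(host, 6697, verifying_context()) as s:
            print("verified TLS connection to %s, peer cert subject %r"
                  % (host, s.getpeercert().get("subject")))
    except (ssl.SSLError, CertificateError, OSError) as e:
        print("Couldn't connect to socket: %s" % e)
```

The hostname check deliberately stays separate from the chain check: a context that only reaches CERT_REQUIRED, as chain_only_context does, will happily accept any certificate a trusted CA issued for some other host, so a client should either run is_fully_verifying on its context or call match_hostname itself after the handshake.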
parent 19f7fd76