sessionmanager: Removed reference to global 'sessions'

Added globals bare_sessions and full_sessions, which map bare and full JIDs to sessions.

Removed unused global 'session'

mod_tls: Add <required/> to stream feature when TLS is required

mod_legacyauth: Hide stream feature when secure auth is enabled, and session isn't secure

mod_saslauth: Don't offer bind/session when they aren't authenticated yet :) [thanks albert, again...]

mod_saslauth, mod_legacyauth: Deny logins to unsecure sessions when require_encryption config option is true

xmppclient_listener: A connection is also secure when it uses legacy SSL

net.server: A connection is not secure if we delay the TLS handshake

sessionmanager, mod_tls: Mark a session as secure when TLS is active