Fix client SslStream certificate chain CRL validation. The logic was inverse and CRLs were never checked.

Add a missing dispose in managed client.

Source/MQTTnet.Extensions.ManagedClient/ManagedMqttClient.cs

@@ -252,6 +252,7 @@ namespace MQTTnet.Extensions.ManagedClient
                 _maintainConnectionTask = null;
             }
 
+            _messageQueueLock.Dispose();
             _mqttClient.Dispose();
         }
 

Source/MQTTnet/Implementations/MqttTcpChannel.cs

@@ -86,7 +86,7 @@ namespace MQTTnet.Implementations
                 var sslStream = new SslStream(networkStream, false, InternalUserCertificateValidationCallback);
                 _stream = sslStream;
 
-                await sslStream.AuthenticateAsClientAsync(_options.Server, LoadCertificates(), _options.TlsOptions.SslProtocol, _options.TlsOptions.IgnoreCertificateRevocationErrors).ConfigureAwait(false);                
+                await sslStream.AuthenticateAsClientAsync(_options.Server, LoadCertificates(), _options.TlsOptions.SslProtocol, !_options.TlsOptions.IgnoreCertificateRevocationErrors).ConfigureAwait(false);                
             }
             else
             {