fix: RabbitMQ channel stability and EUD handler hardening

[fwromano]

• Add per-client socketio_publish_enabled guard to prevent channel close/recovery loops when flask-socketio exchange is unavailable
• Declare flask-socketio exchange on channel open so publishes don't fail with NOT_FOUND on first message
• Guard route_cot publish path against channel race conditions
• Thread-safe RabbitMQ connection close in client disconnect
• Set ioloop thread as daemon to prevent orphan threads on shutdown
• Prevent identity hijack: validate certificate CN matches connection
• Fall back to ANON group for unknown team names instead of crashing
• Consolidate queue binding logic into _ensure_client_routing_bindings()

These fixes address production crashes observed when running multiple simultaneous ATAK/iTAK clients with RabbitMQ message routing enabled.

[brian7704]

Can you please describe the problems you were having that this PR fixes? The flask-socketio exchange not existing should have been fixed in ebd7e40 with the lines below.

self.rabbit_channel.exchange_declare(
    "flask-socketio", durable=False, exchange_type="fanout"
)

If you're still experiencing the NOT_FOUND error then we can find a way to fix it rather than just disabling socketio altogether.

Regarding preventing identity hijacking, I don't see in the PR where anything was changed that would fix that issue. Could you point it out or describe the issue you were having? eud_handler will validate client certificates when it operates in SSL mode.