This commit adds an upper-limit to the amount of stanzas that can be queued in an outgoing
session promise. Any data that won't fit in the queue is rejected immediately. Note that
this can lead to a situation where later stanzas are rejected before stanzas that or sent
earlier (but got in the queue).

This fixes some encoding issues, preventing LDAP users that have an '@' character in their username from becoming admin.

* OF-1311: Allow lists to be stored in a property.

* OF-1312: Allow SASL mechanisms to be configured in the admin console.

A new property (ldap.encodeMultibyteCharacters) is introduced that controls if multibyte characters in LDAP search queries are escaped.

Escaping of these characters started with the fix for OF-830, which appears to have caused OF-1305. Although I can't say that escaping of characters is wrong (per RFC 4515), it does cause real-world problems.

This fix defaults to not encoding again (reverting back to the behavior pre OF-830, without affecting other changes made in OF-830).

This reverts commit ffe14c90 and hopefully resolves OF-1263 and OF-1269

This reverts commit 508e39e2 and hopefully resolves OF-1263 and OF-1269

* OF-1278 Recurse more sensibly in SCRAM code

Previously, we called setPassword if (and only if) there was a plaintext password present AND the configuration was for SCRAM hashed passwords only.

However, we would then retest to see if there was a salt present, and then recurse, if there was a plaintext password present.

This meant that if there were pre-existing users (with only plaintext or encrypted passwords) but with no SCRAM information, and the userInfo.salt was unset, recursion would continue indefinitely.

* OF-1278 Recurse more sensibly in SCRAM code

This patch further proofs against infinite recursion, and is more aggressive about SCRAMming pre-existing users.

Recursion is now prevented from being more than one deep, as designed.

Adding elements and attributes to the new element doesn't work, since reparenting the old elements generates an exception. This exception wasn't logged.

* Exception logged
* id attribute copied, if present.
* Elements copied deeply/properly.

Test stanza:

```
<message xmlns="jabber:client" to="blah@conference.cridland.im" type="groupchat" id="5260">
<body>This is a message with a label.</body>
<custom xmlns='tmp:custom'/>
<custom-attr xmlns='tmp:custom2' attr='value'/>
<custom-child xmlns='tmp:custom3'>
<child>element</child>
</custom-child>
<custom-text xmlns='tmp:custom4'>Text here</custom-text>
</message>
```

Version and build date are already in the changelog. Other than that Readme is static. Fixed a few links and removed cheerful thanking. When user looks at it online, he hasn't yet downloaded anything. When he has installed it already, thanking for downloading seems out of place.

Treat null array the same as empty array

alphabetical sort, case sensitivity of path names depends on platform

When evicting cache entries for group members, the members of other
groups that are affected should also be evicted.

Denote Openfire 4.1.1 Release

Exception handling is used to determine if the default admin console username/password
applies. This exception handling should be more specific than depend on any Exception.
Instead, authentication-related exceptions should be used.

This fix applies to the Client Control plugin.