The provider didn't register all of the supported SASL mechanisms. For good measure,
the version number of the provider was increased as well.

Although it evaluates as a boolean, the POLICY_NOANONYMOUS property value must
be a String value (as defined by javax.security.sasl.Sasl#POLICY_NOANONYMOUS)

The method signature defines that the 'props' argument is allowed to be null. Our
implementation should not throw a nullpointerexception.

Should use hypens instead of underscore.

A bit of rework of the SASL implementation. Pushed implementations to Java
Provider where this was not done before. When SASL fails, it is useful to be
able to add some context to the failure. To do this,
javax.security.sasl.SaslException is subclassed.

Some user providers might not provide a creation date for each user. There's no
reason that the Admin Console should not be able to cope with that.

OF-1087: Default namespace handling in BOSH.

In dom4j, the default namespace of an element cannot be set by adding
a namespace that has an empty-string prefix. Although the string
representation of the element will be correct, that namespace is not
being recognized as the default namespace of the element (instead, it
is a namespace like any other prefixed namespace, to be used in child
elements).

The original code depends on a whitespace to be present within the limits
of the element. This is not safe (eg: <message><foo/></message> fails).
Instead, the closing characters ( > or /> ) of the first element should
be used, as that's guaranteed to be present.

A change introduced in Openfire 3.10.3 (OF-938) changed how the BOSH
implementation would add default namespace definitions where applicable.
This new implementation depends on a space from being present in the
outer stanza. The 'fin' element that's transmitted here is wrapped in
a message stanza without any attributes ( <message><fin ... ) which
caused the namespace to be injected in the fin element (where the first
space was).

This commit adds a 'to' attribute to the wrapping message stanza, to
allow for users to work around the problem without having to update
Openfire itself.

The BOSH implementation will be adjusted to account for this in another
commit.

Cannot join room in a cluster after an availability update.

NullPointerException in RoutingTableImpl.

Allows dynamic setting of disco info handler and disco items handler …

OF-954: Cleanup MUC rooms for defunct node

OF-462 PEP should process IQ-gets that have no 'to' attribute.

Fix unicode read on input

When a room occupant sends an availability update to a host in an
Openfire cluster, other users cannot join the room from other hosts in
the cluster. The availability update causes the other hosts to lose an
occupant's role and affiliation. New occupants encounter an NPE when
joining and are prevented from joining the room. Specifically, the NPE
occurs when Openfire attempts to send initial presences for current
occupants.

Remote hosts in the cluster lose the occupant's association because the
local room simply broadcasts the presence packet for the occupant's
availability update. Because it is from the client, this packet does not
have the occupant's role or affiliation. The remote hosts treat the
presence packet as the occupant's presence without modification.

This fix changes the order in which Openfire handles an availability
update. First, it updates its local view of an occupant's presence. This
populates the correct association. Then, it broadcasts the updated
presence to remote hosts in the cluster.

In the current read scheme for Openfire, it is possible that due
to variable width encoding that we sometimes only create a
string with a partial character.

This breaks the message text and causes encoding issues when read.

This change modifies the way the characters are
read to use an bytearrayoutputstream and
only do the string conversion once.

Since we only do the string creation once after the full
buffer is read, we no longer have encoding
issues with broken unicode characters.

In #routeToComponent, it is first checked if the component is being hosted in the local JVM. If it was not found, then all nodes in the ComponentsCache are checked to find if the component is hosted by one of those. In this process, the local routing table is again searched for the component, because it may have been added after the previous check. However, after this search, there is no null check done for the searched route. This results in an NPE when the component was not found locally and the #process(packet) method is called on the object. 

This also prevents the code from searching other nodes that may have been in the nodes set. Added a null check to prevent this scenario.

This way, plugins can swap in and out the handler.

XEP-0016 error messages should set correct from attribute (the sender).

See XEP-0016, example 50.

Patch submitted by community member lukzie.

OF-1063: Prevent TimerThread from exiting

Do not allow TimerThread to exit when the server becomes heavily loaded,
preferring instead to use the caller's thread to execute a scheduled
task when needed. This may result in a temporary slowdown, but is better
than a hard failure which requires a restart of the server.

OF-1057: Upgrade Jetty to 9.2.14

This commit moves jetty 9.2.9 to 9.2.14, which currently is the
latest release of it 9.2 branch.

OF-1056: Redirect commons logging over slf4j properly.

OF-1045: Fix NPE in cluster info page

Instead of using our proprietary commons logging wrapper for slf4j, use
the one provided by slf4j. Not only does is reduce code, it also does a
better job logging things (using the correct log category).

The jcl-over-slf4j.jar is a drop-in replacement for commons-logging.jar
(for version 1.1.1 commons-logging - our copy was probably older).

OF-1054 IllegalStateException when destroying MUC room prevents unava…

OF-1051: Prevent ConcurrentModificationException

Improve certificate signatures with SHA-2 functions

Conflicts:
	src/java/org/jivesoftware/openfire/keystore/IdentityStore.java

Aberenguel certificate issues