patch by tevans, applied to master, backported to 3.10 by tevans

Original issue (OF-857) has been addressed by providing an alternate
packet deliverer (to offline storage). This additional logic was an
ill-advised "belt-and-suspenders" attempt to prevent the recursion which
was occurring before the backup deliverer was implemented.

Detect offline messages that fail to parse; write to error log before
discarding as undeliverable. This will unblock the offline message queue
for future (valid) messages addressed to the affected user.

This patch fixes a problem introduced by an earlier patch whereby a
change to the Packet namespace inadvertently cascaded to child XML
elements.

Append XMPP client namespace to outbound BOSH packets only when needed.

Problems are inevatible when a resource is opened, passed around
and closed by a different method. This can improved upon easily.

Applying patch proposed by Luki de Silva.

https://github.com/igniterealtime/Openfire/pull/279

Ldapconnectionfixes

Added readtimeout and connect time out to getcontext

Reverting some changes made with PR #239. by enabling the custom socket factory.  Added the use of Comparator per http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-ldap.html#pooling
  for connection pooling

Reverting some changes made with PR #239. by enabling the custom socket factory.  Added the use of Comparator per http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-ldap.html#pooling
  for connection pooling

Improves GroupAwareMap and GroupAwareList implementations by caching
group names (in lieu of group instances) that are referenced in the
corresponding collection. This enables rapid group retrieval from
primary cache where applicable.

Fixes caching issue which prevented users from joining MUC rooms in
certain cases.

OF-918: BOSH should use UTF-8 character set.

Address XSS issues in admin console and monitoring plugin

A number of stored XSS issues were found by Dean Hardcastle during testing of
the monitoring plugin's admin console. These include cases where chatroom
nicknames and message text are not adequately escaped.

Denote Openfire 3.10.2 Release

See http://docs.oracle.com/javase/8/docs/technotes/guides/jndi/jndi-ldap.html#pooling

LDAP Connection Pooling is disabled when using a custom ssl socket. The custom
socket was used to accept unsigned/untrusted/expired ssl certs. I removed the
use of the custom socket, and also added the required system property to enable
connection pooling when using SSL, which was missing.

Rollback of this commit for OF-421:
https://github.com/igniterealtime/Openfire/commit/89c06a88d75e15d36ce7f6ace88bbf5c71fb08df

The inputClosed method was added during troubleshooting for MINA 2.0.9
and can be removed now that we have downgraded to 2.0.7.

Openfire 3.10.1 Release

Prevent sessions in admin console from showing UnknownHostException

OF-889: Added try-catch blocks to the various JSP pages where Session.getHostName or Session.getHostAddress is called to prevent the Sessions tab from showing UnknownHostExceptions when there are bad client sessions laying around

Address current problems in 3.10

Where the session is part-closed, these can throw NPE due to getRemoteAddress()
returning null. This sledge-hammers the problem away.

Addressing DIRMINA-1012

Do not synchronize on isClosed()

There is a deadlock while reading the state variable if close() is running.

This switches the state to be volatile instead - it's only written to inside
the lengthy close() lock, so this should be reasonable.