OF-397 Do not deliver offline messages to clients with negative priority

OF-818 Message routing to bare JID can route to negative priority resour...

Fix 'RFC 6121 8.5.1. No Such User' for IQ stanzas

OF-805 [MUC] OF does not return all affiliated users when requesting mul...

Remove dispensable logic in the IQOwnerHandler, which deals with MUC aff...

Fixes to javadocs to allow rpmbuild to work

MUC affiliations are managed in the #admin namespace, not in the #owner namespace.
This is already a minor contribution to OF-178 (Updating MUC to latest version).

When requesting:
<iq type="get" to="6ace0fd2f59f13c2484336dd06b4462a@bizmanager.msz006" id="getRoomMemberList">
<query xmlns="http://jabber.org/protocol/muc#admin">
<item affiliation="member"/>
<item affiliation="owner"/>
<item affiliation="admin"/>
</query>
</iq>

Openfire does only return admins (the last requested affiliation).
This fix rectifies this.

This commit fixes the regression, that was introduced with the addition of Message Carbons.
Message Carbons are delivered to all non-negative sessions.
If there's no Message Carbons-enabled session, it will be delivered to the highest priority session only.

As per RFC 6121 8.5.2.1.1. Message and XEP-0160

IQ stanzas, which were routed to a non-existent user were falsely replied to with an IQ-result (e.g. ping).
This fix checks for the existence of the user and returns an error, in case the user does not exist.

OF-405 - TLS certificate validation and authentication issues

OF-819 IQs of type error get falsely routed to IQ.createResult() which r...

OF-819 IQs of type error get falsely routed to IQ.createResult() which results in an Exception and connection termination

This can happen, if the session is in wrong status (e.g. if the user has not yet authenticated) and the client responds with an error IQ.
Only reply to an IQ if it is type get or set.

Update Junit to 4.11

Update Slf4J to version 1.7.7

Update Junit to 4.11 and add hamcrest - because the method assertThat is working with hamcrest matchers

Extract more properties related to connections

Some small javadoc fixes to remove warnings during build

 - Always check validity of EE Cert
 - Change variable name (and flip sense).

OF-709: Replace servlet.jar (2.5) with servlet-api.jar (3.1)

Codecleanup

and add some comments.

OF-810 RFC 6121 Routing Compliance Fix

OF-709: Update Jetty from 7.4 to 9.1.5

What this patch actually does is place existing certificates into a CertStore,
including those from its (untrusted) keystore, the trust store, and any from
the chain supplied by the peer, and then rebuild a chain back to a known trust
anchor (from the trust store).

This strategy will cope with unknown ICAs in chains, abbreviated chains, and so
on, and replaces attempts to specifically handle self-signed certificates.

That last said, there is an explicit shortcut to handle self-signed certificates
which are supplied as end-entity certificates. These are simply checked against
the trust store without any attempt to build a path.

I don't think we should be maintaining our own set if at all possible, this
patch was created by creating a new keystore and inserting every certificate
from an Ubuntu system's Mozilla ca-certificates set:

rm -f ./src/security/truststore
for x in /usr/share/ca-certificates/mozilla/*.crt; do
	y=`basename -s .crt $x`
	keytool -import -storepass changeit -keystore ./src/security/truststore -alias $y -file $x -noprompt
done

Fix OF-799: Select correct input radio on click into the text field.