* OF-1444: Ensure that mvn packaged log4j.xml file does not have the variables expanded

* OF-1444: Don't set the default option

* Fixed ofGojaraSessions missing after install

* Bump patch version

* update gojara changelog

fixes commit c44f29 from PR #931

Oracle and IBM JREs appear to provide 'java' properly, whilst not java-headless

OF-1438: Add method to replace an entry in the identity store.

OF-1373: Wait until file modifications are complete.

OF-546: Exclude MINA bundles

The logic here was wrong, but trying to handle SCRAM when we
could read the password, or there was native support. However,
the existing SCRAM code doesn't perform any fallback - instead
that's left to the AuthProviders themselves to implement.

So the new logic just assumes that an AuthProvider which can
provide that fallback will advertise it. If we later make this
support generic, it can go into the AuthFactory level.

This commit prevents file changes from being applied while the file is still being modified.

* OF-1437 Try to stop sessions having their routes removed

This patch adds a lot of debug logging, plus stops the
console NPE'ing when you try to view a detached session.

It also detaches a session before trying to reattach it, to
avoid it being unrouted when the connection is closed.

* OF-1437 Address comments from Guus

* Don't use toString() in debug logging statements.
* Debug log previd and h values.

This prevents errors (caused by the extensionHandlers to still be in 'running' state) when
restarting the HttpBindManager.

By default, the MINA artifacts pull in 'bundle' instead of 'jar' dependencies. This confuses Intellij,
and likely, other tooling. This commit excludes the 'bundle' dependencies, instead relying on the
fact that all excluded dependency-dependencies are present (as first-level dependencies of the project
itself).

This commit should not introduce any functional changes, but should facilitate developers.

OF-1431 Add null safety on packet.getType()

replace old community links with discourse equiv

* Denote Openfire 4.2.0-beta

* Bump maven openfire version to 4.2.0-beta

via mvn versions:set -DnewVersion=4.2.0-beta -DartifactId=*  -DgroupId=*

and had to manually edit
 * src/plugins/jingleNodes/pom.xml
 * src/plugins/kraken/pom.xml
 * src/plugins/pom.xml
 * src/plugins/rayo/pom.xml
 * src/plugins/sip/pom.xml

* update changelog and date

* bump beta release date

Cut/paste error in removeClientRoute() caused old sessions to be
kept around.

In order to help debug this, I also added some detailing to
session-details.jsp which turned out not to be needed. But it
might prove useful/interesting.

* OF-1417 CVE-2017-15911 Fix XSS issues in host setup

* OF-1329 Prevent session fixation attack

* OF-1403 Escape group name in MUC admin

* OF-1393 Make randomString more random

* OF-1400 Escape servername field

* OF-1401 Validate SMS host and escape error message

According to XEP-0198 'h' attribute should be set to the sequence number
of the last handled stanza sent over the former stream from the client to the server

Test was looking trying to assure that English names for time units are the same as foreignin. That was causing problems while I was building Openfire and units were named in Polish (e.g. second - sekunda). (#925)

remove CRLF from *.{html,css,sql,xml,js,properties,jspf,java,jsp}

command form this time was
git ls-files  '*.jsp' | while read f; do tail -n1 $f | read -r _ || echo >> $f; done

the command line form was
find . -name '*.jsp' ! -type d -exec bash -c 'expand -i -t 4 "$0" > /tmp/e && mv /tmp/e "$0"' {} \;

all done via the magic of dos2unix

* OF-1309 Route based on DomainPairs

* Fixes found during test

* Fixes found during test II

* Fixes in plugins (Kraken)

* Update minServerVersion/version for Kraken

* Support for Roster Versioning (without send the modifications via roster pushes)

* Roster versioning comparison clearing

* Implementation Note: This empty IQ-result is different from an empty <query/> element, thus disambiguating this usage from an empty roster.

* Avoid cache miss while updating roster

When the roster is updated via group renaming, group user adding or removing, the roster pushes only happen if there is a cache hit. If there is a cache miss (what can happen if the cache is full or if the admin cleaned up the cache) the user is not properly notified about the roster update. Thus only update rosters in memory can lead to this undesired behavior.

This commit avoids the use of the cache directly (where there can be a cache miss or a cache hit). It is using the method getRoster(username) that instantiante a new Roster in the case of a cache miss.

* Clarify the code

* OF-210: Base roster version on its hashCode.

This commit removes all fields from the Roster class that do not relate to its state
(replacing them with method variables - which seems harmless, as they're all final
singletons). This allows for an easy override of Object#hashCode() and equals().
These, in turn, are used to calculate the roster version from.

* Simplified loop

* Prevent potential NPEs.

* Log exceptions for exceptions that cannot happen.

If they cannot happen, we should scream murder if they do...

* OF-210: Roster versioning enabled by default.

Simply repeated dwd's commit 73b59106 on Ubuntu Trusty (20170717~14.04.1)

When creating a new MUC room, using an invalid name (invalid JID) should not cause an ugly
stacktrace to be displayed.