OF-2899: Connection Manager connections fail after upgrading to Openfire 4.9.0, because the Connection Manager session (LocalConnectionMultiplexerSession) does not have SASLMechanisms. We change the tlsNegotiated method in org.jivesoftware.openfire.net.StanzaHandler.java: when the getSASLMechanisms() method returns null, it is not added to the features.
(cherry picked from commit a45c4b90bcf1639e6803386a468116693716ab3a)
OF-2893: Warn administrator when a wildcard pattern is loaded (but wildcards are disabled)
(cherry picked from commit 02f95a5c627f7cb5d091bb870cd2f79d8f5eb5de)
OF-2897: Consider anonymous users when evaluating no-such-user
A user that is authenticated using the 'ANONYMOUS' SASL mechanism isn't a _registered_ user, but is a valid user of the system.
The bug fixed in this commit was likely hidden from view by the bug fixed in OF-2896.
(cherry picked from commit cd2ef4f182df6d4bbac07a3d2050b3aef719dbcb)
OF-2896: Periodic clean-up of pre-authenticated client sessions.
This ensures that clients that are connected indefinitely before authenticating are eventually closed. Note that the XMPP specification mandates SASL, requiring every connection to be authenticated (which _may_ use the ANONYMOUS mechanism).
(cherry picked from commit 49f05c1120a2570f2520ab2e3633ba5a7fe24352)
OF-2896: Fix memory leak when dealing with pre-authenticated Sessions
A collection of pre-authenticated sessions was maintained incorrectly (using a type-unsafe key that was both used as a stream-ID and a JID), which caused every session that was ever created to remain a part of that collection, until the server got restarted. This introduces a memory leak (and possibly functional issues, although those have never been reported).
This commit resolves the problem. It hides access to the collection to enforce proper maintenance. A more type-safe key is used, which should help prevent future issues like these.
The changes in the second commit affect the API. I've opted to not include backwards-compatibility (with deprecation), as I believe the pre-existing API to be simply broken. Any usage of that API should be revisited, which is enforced by removing the API.
(cherry picked from commit 495bd1680076e468de4c3844a17cd6e2b19db13e)
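
The two OF-2896 commit messages above describe a collection whose key was used both as a stream-ID and as a JID, and a periodic clean-up of sessions that never authenticate. The following Java sketch is an added illustration of that failure mode and of both fixes; it is not Openfire's code. The class, record and method names, the String-keyed "leaky" map, and the assumption that entries were added under one kind of identifier and removed under the other are all hypothetical.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class PreAuthSessionRegistry {
    // Hypothetical typed key: a stream ID can no longer be confused with a JID string.
    record StreamId(String value) {}
    record PreAuthSession(StreamId streamId, Instant created) {}

    // Leaky shape (assumed): one String-keyed map, added by stream ID, removed by JID.
    static final Map<String, PreAuthSession> leaky = new ConcurrentHashMap<>();

    // Private, so all maintenance of the collection goes through the methods below.
    private final Map<StreamId, PreAuthSession> sessions = new ConcurrentHashMap<>();

    void add(PreAuthSession s) { sessions.put(s.streamId(), s); }

    // Called when the session authenticates or its connection closes.
    void remove(StreamId id) { sessions.remove(id); }

    int size() { return sessions.size(); }

    // Periodic clean-up: drop sessions that stayed unauthenticated longer than maxAge.
    // A real server would also close the underlying connection here.
    int sweep(Instant now, Duration maxAge) {
        int before = sessions.size();
        sessions.values().removeIf(
            s -> Duration.between(s.created(), now).compareTo(maxAge) > 0);
        return before - sessions.size();
    }

    public static void main(String[] args) {
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z"); // constructed sample time
        PreAuthSession s = new PreAuthSession(new StreamId("stream-1"), t0);

        // Leak: the removal key differs from the insertion key, so the entry stays.
        leaky.put(s.streamId().value(), s);
        leaky.remove("user@example.org/res"); // constructed JID
        System.out.println("leaky map size after auth: " + leaky.size());

        PreAuthSessionRegistry reg = new PreAuthSessionRegistry();
        reg.add(s);
        reg.add(new PreAuthSession(new StreamId("stream-2"), t0.plusSeconds(50)));
        reg.remove(new StreamId("stream-1")); // record equality makes this match
        // reg.remove("user@example.org/res"); // does not compile: String is not a StreamId
        int closed = reg.sweep(t0.plusSeconds(120), Duration.ofSeconds(60));
        System.out.println("closed by sweep: " + closed + ", remaining: " + reg.size());
    }
}
```

Records require Java 16 or later. Because an unauthenticated peer can open sessions at will, an entry that is never removed is also a resource-exhaustion concern, which is why the sweep bounds the lifetime of entries independently of the normal removal path.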