mod_pubsub: Normalize 'publisher' JID All the XEP-0060 examples have the publisher attribute set to a bare JID, but the text does allow it to be the full JID. Since mod_pubsub is more likely used for open nodes that anyone can subscribe to it makes sense to not leak the full JIDs. This is also disabled by defaults. In mod_pep on the other hand it might make sense to have the full JID since that data is more likely to be broadcast to contacts which are already somewhat trusted.

scansion tests: Enable 'expose_publisher' since we test for it

mod_pubsub: Respect 'expose publisher' setting in item retrieval

mod_pubsub: Fix inclusion of publisher (fixes #1399)

Merge 0.11->trunk

MUC: Fix logic for access to affiliation lists Fixes https://prosody.im/security/advisory_20210722/ Backs out 4d7b925652d9

MUC: Skip adding to history when it's set to zero Optimizes away all the processing on every message in case the end-result is zero history.

net.resolvers.service: Only do DANE with secure SRV records If this seems backwards, that' because it is but the API isn't really designed to easily pass along details from each resolution step onto the next.

core.certmanager: Support 'use_dane' setting to enable DANE support Removes the need to enable DANE with two separate settings. Previously you had to also set `ssl = { dane = true }` to activate DANE support in LuaSec and OpenSSL.

Revert 926d53af9a7a: Restore DANE support Previous commit adds a workaround, so this doesn't mutate global state anymore, only per-connection 'extra' state as originally intended.