prosodyctl: Add external connectivity check based on observe.jabber.network This uses the (experimental) observe.jabber.network API to perform external connectivity checks. The idea is to complement the checks prosodyctl can already do with a (nearly) complete s2s/c2s handshake from a remote party to test the entire stack.

mod_c2s: Rename Direct TLS listener 'c2s_direct_tls' for clarity And to follow existing naming practices better than 'legacy_ssl' did.

util.prosodyctl.check: Add TODO about replacements for deprecated settings

util.prosodyctl.check: Check for server-to-server Direct TLS records

mod_s2s: Rename Direct TLS listener 's2s_direct_tls' Following the style of other options like (c2s|s2s)_require_encryption, s2s_secure_auth etc.

mod_s2s: Add a Direct TLS listener Mirroring the c2s 'direct_tls'. Naming things is hard. direct_tls_s2s_ports = { 5269+1 }

mod_s2s: Handle connections having TLS from the start This could be done with multiplexing, or a future additional port definition.

mod_s2s: Factor out procedure for newly encrypted sessions Goal is to call this if the connection is using Direct TLS, either via multiplexing or a future Direct TLS S2S port.

mod_bosh,mod_websocket: Make into global-shared modules (...again) Global modules aren't quite considered loaded onto hosts, which causes confusion in some cases. They are also reported in the log as being served on http://*:5280/foo which is also a bit confusing, and can't be clicked. Global modules also have to have their paths configured in the global section, which could be confusing and unexpected. This global+shared method should be the best of both worlds.

mod_c2s,mod_s2s: Indicate stanza size violation with condition from XEP-0205 (thanks mjk)