The correct incantations to enable certification common name / subject
alternative name verification, per our code, are `subjects_all`,
`subjects_in`, and `subjects_out` in a Sofia profile's
`tls-verify-policy`.  What we've had in our examples and documentation
for years are `all_subjects`, `in_subjects`, and `out_subjects`.

The result of this is that we've almost certainly confused people into
using the incorrect forms.  Those poor people will believe that they
are verifying the CN/SAN of the received host certificate against the
list in `tls-verify-in-subjects` when in fact they are not.

One clear issue in this case was that the incorrect forms failed to
have any effect without providing any warning or error.  This issue
could not have persisted if we had made more noise about incorrect
input.

Given how long this has been broken, it's tempting to alias the
incorrect forms to the correct ones.  However this would certainly
break many existing installations that have, because of this error,
never actually tested their setup with CN/SAN validation enabled.

In this commit, we fix the examples and documentation, and add an
error-level log output when unknown values are passed to
`tls-verify-policy`.

Thanks-to: Andrew Patrikalakis <anrp+freeswitch@anrp.net>

FS-7720 improve play_and_detect_speech to set current_application_response channel variable as follows:

    "USAGE ERROR": bad application arguments
    "GRAMMAR ERROR": speech recognizer failed to load grammar
    "ASR INIT ERROR": speech recognizer failed to allocate a session
    "ERROR": any other errors

  This is useful for determining that play_and_detect_speech failed because the recognizer is out of licenses
  giving the developer a chance to fall back to traditional DTMF menu navigation.

Conflicts:
	src/switch_core_io.c
	src/switch_ivr_async.c

FS-7622 make sure to close the connections on destroy. Currently the connection is malloc'd from the module pool, so there is nothing to destroy.

Updated SKINNY on-hook action to hang up all calls on a device, except those in a short list of call states (or perform a blind transfer).
Added a hook after completing the hangup operation to start ringing if there is an inbound call active on the device.
Signed-off-by: Nathan Neulinger <nneul@neulinger.org>

FS-7607 #resolve #comment Update URLs to reflect https protocol on freeswitch.org websites and update additional URLs to avoid 301 redirects.

   Two new params added to autoload_configs/rayo.conf.xml
     offer-algorithm
       all: offer to all clients (default and old behavior)
       first: offer to first client, fails over to next client in list
       random: offer to random client, fails over to next random client

     offer-timeout-ms
       0: disable
       > 0 and < 120000: time to wait for reply from offer.  On timeout, next client is offered call.
                         If no other clients available, call is rejected.  5000 is default.

FS-7593 --resolve  add locking keyed on device name around any database updates adding/removing the device

little more tolerant of big timing errors between the symbols at the far end,
and as they are received by us.

FS-7582 #resolve #comment port from 1.6 its probably better to start working on 1.6 for any webrtc or dtls stuff