prosody
c567e5e2b77a

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

11341:c567e5e2b77a

mod_tls: Ignore lack of STARTTLS offer only when s2s_require_encryption set
author Kim Alvefur <zash@zash.se>
date Fri, 29 Jan 2021 23:23:25 +0100
parents 11340:a7109eb45e30
children 11342:44f983174e6a
files plugins/mod_tls.lua
diffstat 1 files changed, 4 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_tls.lua	Fri Jan 29 23:17:08 2021 +0100
+++ b/plugins/mod_tls.lua	Fri Jan 29 23:23:25 2021 +0100
@@ -153,8 +153,11 @@
 	if can_do_tls(session) then
 		if stanza:get_child("starttls", xmlns_starttls) then
 			module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host);
+		elseif s2s_require_encryption then
+			module:log("debug", "%s is *not* offering TLS, trying anyways!", session.to_host);
 		else
-			module:log("debug", "%s is *not* offering TLS, trying anyways!", session.to_host);
+			module:log("debug", "%s is not offering TLS", session.to_host);
+			return;
 		end
 		session.sends2s(starttls_initiate);
 		return true;