From 41fc44e55ff34058a7928ca1b36002cc3ad4ed7c Mon Sep 17 00:00:00 2001
From: Badlop
Date: Fri, 10 Dec 2010 17:27:15 +0100
Subject: [PATCH] When TLS is required in s2s, add subelement to stream:features starttls
---
 src/ejabberd_s2s_in.erl | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/ejabberd_s2s_in.erl b/src/ejabberd_s2s_in.erl
index 04e497d67..e2200c72b 100644
--- a/src/ejabberd_s2s_in.erl
+++ b/src/ejabberd_s2s_in.erl
@@ -62,6 +62,7 @@
 shaper,
 tls = false,
 tls_enabled = false,
+ tls_required = false,
 tls_options = [],
 server,
 authenticated = false,
@@ -122,12 +123,14 @@ init([{SockMod, Socket}, Opts]) ->
 {value, {_, S}} -> S;
 _ -> none
 end,
- StartTLS = case ejabberd_config:get_local_option(s2s_use_starttls) of
- undefined ->
- false;
- UseStartTLS ->
- UseStartTLS
- end,
+ {StartTLS, TLSRequired} = case ejabberd_config:get_local_option(s2s_use_starttls) of
+ UseTls when (UseTls==undefined) or (UseTls==false) ->
+ {false, false};
+ UseTls when (UseTls==true) or (UseTls==optional) ->
+ {true, false};
+ required ->
+ {true, true}
+ end,
 TLSOpts = case ejabberd_config:get_local_option(s2s_certfile) of
 undefined ->
 [];
@@ -142,6 +145,7 @@ init([{SockMod, Socket}, Opts]) ->
 shaper = Shaper,
 tls = StartTLS,
 tls_enabled = false,
+ tls_required = TLSRequired,
 tls_options = TLSOpts,
 timer = Timer}}.
 
@@ -186,8 +190,8 @@ wait_for_stream({xmlstreamstart, Opening}, StateData) ->
 StartTLS = if
 StateData#state.tls_enabled ->
 [];
- true ->
- [exmpp_server_tls:feature()]
+ (not StateData#state.tls_enabled) ->
+ [exmpp_server_tls:feature(StateData#state.tls_required)]
 end,
 Features = SASL ++ StartTLS ++ ejabberd_hooks:run_fold(
 c2s_stream_features,
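Review bot: The new `case` on `s2s_use_starttls` in init/1 has no clause for values outside `undefined`, `false`, `true`, `optional` and `required`, so any other configured value raises `case_clause` and every incoming s2s connection process dies during init, whereas the removed code passed any value through. That fails closed, but with an opaque error repeated per connection; a final clause that rejects the value with an explicit reason, for example `Other -> exit({invalid_s2s_use_starttls, Other})`, or validation of the option when the configuration is loaded, would make the misconfiguration diagnosable. The guards would also read better with exact comparison and guard alternatives, `UseTls when UseTls =:= undefined; UseTls =:= false ->`. init/1 starts and ends outside this hunk, and whether the option is validated elsewhere is not visible here.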
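Review bot: Nothing in this commit enforces `tls_required`: in wait_for_stream it only adds the required child to the advertised starttls feature, and a peer that continues without STARTTLS is not refused. The diffstat (12 insertions, 8 deletions) matches the four hunks shown, so the setting appears to be advisory unless another module enforces it, and the advertisement itself travels on the still-unencrypted stream where it can be altered. I would add a guard in the state that handles the peer's next element (outside this hunk) that closes the stream with a policy-violation error when `StateData#state.tls_required andalso not StateData#state.tls_enabled` holds and the element is not a starttls request. Separately, replacing the catch-all `true ->` with `(not StateData#state.tls_enabled) ->` means a non-boolean `tls_enabled` would now raise `if_clause`; keeping `true ->` is the more idiomatic form.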