mod_tls: Attempt STARTTLS even if not advertised as per RFC 7590

2 files changed, 7 insertions, 2 deletions

diff --git a/doc/doap.xml b/doc/doap.xml
index 3581a3e6..b91f2dbe 100644
--- a/doc/doap.xml
+++ b/doc/doap.xml
@@ -54,6 +54,7 @@
     <implements rdf:resource="https://www.rfc-editor.org/info/rfc6455"/>
     <implements rdf:resource="https://www.rfc-editor.org/info/rfc7301"/>
     <implements rdf:resource="https://www.rfc-editor.org/info/rfc7395"/>
+    <implements rdf:resource="https://www.rfc-editor.org/info/rfc7390"/>
     <implements rdf:resource="https://datatracker.ietf.org/doc/draft-cridland-xmpp-session/">
       <!-- since=0.6.0 note=Added in hg:0bbbc9042361 -->
     </implements>
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 151add6f..6b3045a3 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -150,8 +150,12 @@ end);
 -- For s2sout connections, start TLS if we can
 module:hook_tag("http://etherx.jabber.org/streams", "features", function (session, stanza)
 	module:log("debug", "Received features element");
-	if can_do_tls(session) and stanza:get_child("starttls", xmlns_starttls) then
-		module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host);
+	if can_do_tls(session) then
+		if stanza:get_child("starttls", xmlns_starttls) then
+			module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host);
+		else
+			module:log("debug", "%s is *not* offering TLS, trying anyways!", session.to_host);
+		end
 		session.sends2s(starttls_initiate);
 		return true;
 	end