mod_tls: Attempt STARTTLS even if not advertised as per RFC 7590

author: Kim Alvefur <zash@zash.se> 2021-01-29 23:17:08 +0100
committer: Kim Alvefur <zash@zash.se> 2021-01-29 23:17:08 +0100
commit: 2b988f0786477ff5d7104a6ceedc4783453d8496 (patch)
tree: cc46cd81363301f354e42f0ee36c8a3637983b08 /plugins
parent: 89944af9a4f997bec210c8190b1f1903169d9b0d (diff)
download: prosody-2b988f0786477ff5d7104a6ceedc4783453d8496.tar.gz
prosody-2b988f0786477ff5d7104a6ceedc4783453d8496.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 151add6f..6b3045a3 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -150,8 +150,12 @@ end);
 -- For s2sout connections, start TLS if we can
 module:hook_tag("http://etherx.jabber.org/streams", "features", function (session, stanza)
 	module:log("debug", "Received features element");
-	if can_do_tls(session) and stanza:get_child("starttls", xmlns_starttls) then
-		module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host);
+	if can_do_tls(session) then
+		if stanza:get_child("starttls", xmlns_starttls) then
+			module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host);
+		else
+			module:log("debug", "%s is *not* offering TLS, trying anyways!", session.to_host);
+		end
 		session.sends2s(starttls_initiate);
 		return true;
 	end
author	Kim Alvefur <zash@zash.se>	2021-01-29 23:17:08 +0100
committer	Kim Alvefur <zash@zash.se>	2021-01-29 23:17:08 +0100
commit	2b988f0786477ff5d7104a6ceedc4783453d8496 (patch)
tree	cc46cd81363301f354e42f0ee36c8a3637983b08 /plugins
parent	89944af9a4f997bec210c8190b1f1903169d9b0d (diff)
download	prosody-2b988f0786477ff5d7104a6ceedc4783453d8496.tar.gz prosody-2b988f0786477ff5d7104a6ceedc4783453d8496.zip