From da0482b2260fe4ebd195ec4217bdeb9bb0bebdd9 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Fri, 29 Jan 2021 23:23:25 +0100 Subject: mod_tls: Ignore lack of STARTTLS offer only when s2s_require_encryption set --- plugins/mod_tls.lua | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua index 6b3045a3..d6198522 100644 --- a/plugins/mod_tls.lua +++ b/plugins/mod_tls.lua @@ -153,8 +153,11 @@ module:hook_tag("http://etherx.jabber.org/streams", "features", function (sessio if can_do_tls(session) then if stanza:get_child("starttls", xmlns_starttls) then module:log("debug", "%s is offering TLS, taking up the offer...", session.to_host); - else + elseif s2s_require_encryption then module:log("debug", "%s is *not* offering TLS, trying anyways!", session.to_host); + else + module:log("debug", "%s is not offering TLS", session.to_host); + return; end session.sends2s(starttls_initiate); return true; -- cgit v1.2.3