Commit e9516467 authored by Gaston Dombiak's avatar Gaston Dombiak Committed by gato

Do not offer starttls to clients using the old SSL method. JM-749

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@4229 b35dd754-fafc-0310-a699-88a17e54d16e
parent ac0bec9a
......@@ -233,7 +233,13 @@ public class ClientSession extends Session {
connection.setXMPPVersion(majorVersion, minorVersion);
// Indicate the TLS policy to use for this connection
connection.setTlsPolicy(tlsPolicy);
if (!connection.isSecure()) {
// Set default TLS policy
connection.setTlsPolicy(tlsPolicy);
} else {
// Set default TLS policy
connection.setTlsPolicy(Connection.TLSPolicy.disabled);
}
// Indicate the compression policy to use for this connection
connection.setCompressionPolicy(compressionPolicy);
......@@ -286,9 +292,9 @@ public class ClientSession extends Session {
sb = new StringBuilder(490);
sb.append("<stream:features>");
if (tlsPolicy != Connection.TLSPolicy.disabled) {
if (connection.getTlsPolicy() != Connection.TLSPolicy.disabled) {
sb.append("<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\">");
if (tlsPolicy == Connection.TLSPolicy.required) {
if (connection.getTlsPolicy() == Connection.TLSPolicy.required) {
sb.append("<required/>");
}
sb.append("</starttls>");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment