6 if stream.authenticated then return; end |
6 if stream.authenticated then return; end |
7 if features_stanza:get_child("starttls", xmlns_tls) and stream.conn.starttls then |
7 if features_stanza:get_child("starttls", xmlns_tls) and stream.conn.starttls then |
8 stream:debug("Negotiating TLS..."); |
8 stream:debug("Negotiating TLS..."); |
9 stream:send(st.stanza("starttls", { xmlns = xmlns_tls })); |
9 stream:send(st.stanza("starttls", { xmlns = xmlns_tls })); |
10 return true; |
10 return true; |
11 elseif not stream.conn.starttls then |
11 elseif not stream.conn.starttls and not self.secure then |
12 stream:warn("SSL libary (LuaSec) not loaded, so TLS not available"); |
12 stream:warn("SSL libary (LuaSec) not loaded, so TLS not available"); |
13 else |
13 elseif not self.secure then |
14 stream:debug("Server doesn't offer TLS :("); |
14 stream:debug("Server doesn't offer TLS :("); |
15 end |
15 end |
16 end |
16 end |
17 local function handle_tls(tls_status) |
17 local function handle_tls(tls_status) |
18 if tls_status.name == "proceed" then |
18 if tls_status.name == "proceed" then |
20 stream.conn:starttls({mode="client", protocol="sslv23", options="no_sslv2"}, true); |
20 stream.conn:starttls({mode="client", protocol="sslv23", options="no_sslv2"}, true); |
21 end |
21 end |
22 end |
22 end |
23 local function handle_status(new_status) |
23 local function handle_status(new_status) |
24 if new_status == "ssl-handshake-complete" then |
24 if new_status == "ssl-handshake-complete" then |
|
25 self.secure = true; |
25 stream:debug("Re-opening stream..."); |
26 stream:debug("Re-opening stream..."); |
26 stream:reopen(); |
27 stream:reopen(); |
27 end |
28 end |
28 end |
29 end |
29 stream:hook("stream-features", handle_features, 400); |
30 stream:hook("stream-features", handle_features, 400); |