/* The features of this stream are... */
cprintf("<stream:features>");
+#ifdef HAVE_OPENSSL_XXXX_COMMENTED_OUT
+ /* TLS encryption (but only if it isn't already active) */
+ if (!CC->redirect_ssl) {
+ cprintf("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>");
+ }
+#endif
+
if (!CC->logged_in) {
/* If we're not logged in yet, offer SASL as our feature set */
xmpp_output_auth_mechs();
--XMPP->html_tag_level;
}
+ else if (!strcasecmp(el, "starttls")) {
+#ifdef HAVE_OPENSSL
+ cprintf("<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+ CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
+ if (!CC->redirect_ssl) CC->kill_me = 1;
+#else
+ cprintf("<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+ CC->kill_me = 1;
+#endif
+ }
+
XMPP->chardata_len = 0;
if (XMPP->chardata_alloc > 0) {
XMPP->chardata[0] = 0;
CtdlRegisterSessionHook(xmpp_cleanup_function, EVT_STOP);
CtdlRegisterSessionHook(xmpp_login_hook, EVT_LOGIN);
CtdlRegisterSessionHook(xmpp_logout_hook, EVT_LOGOUT);
-
+ CtdlRegisterSessionHook(xmpp_login_hook, EVT_UNSTEALTH);
+ CtdlRegisterSessionHook(xmpp_logout_hook, EVT_STEALTH);
#else
lprintf(CTDL_INFO, "This server is missing the Expat XML parser. Jabber service will be disabled.\n");
#endif
projects / citadel.git / blobdiff