I don't know why this works now when it didn't work before.
Perhaps we fixed something in the I/O layer recently.
/* The features of this stream are... */
cprintf("<stream:features>");
/* The features of this stream are... */
cprintf("<stream:features>");
-#ifdef HAVE_OPENSSL_XXXX_COMMENTED_OUT
- /* TLS encryption (but only if it isn't already active) */
+ /*
+ * TLS encryption (but only if it isn't already active)
+ *
+ * NOTE: if TLS doesn't handshake properly for whatever reason,
+ * comment out these three lines to disable it at the server.
+ */
if (!CC->redirect_ssl) {
cprintf("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>");
}
if (!CC->redirect_ssl) {
cprintf("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>");
}
if (!CC->logged_in) {
/* If we're not logged in yet, offer SASL as our feature set */
if (!CC->logged_in) {
/* If we're not logged in yet, offer SASL as our feature set */