1
Description: require TLS-on-connect or STARTTLS
2
This patch disables unencrypted connections, which is in line with the
3
XMPP manifesto of early 2014. As a side effect, it protects against
4
SSL-stripping attacks (closes: #754839)
5
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
6
Forwarded: http://cybione.org/lists/irssi-xmpp-list/msg00714.html
8
--- a/src/core/xmpp-servers.c
9
+++ b/src/core/xmpp-servers.c
11
ssl = lm_ssl_new(NULL, lm_ssl_cb, user_data, NULL);
12
lm_connection_set_ssl(lmconn, ssl);
14
- lm_ssl_use_starttls(ssl, TRUE, FALSE);
15
+ lm_ssl_use_starttls(ssl, TRUE, TRUE);