I was trying out TLSRequired policy and it did not work for me. During
connection "stream:features" was processed twice. Second time around
(presumingly after TLS is established) there is a failure because at
that point m_streamFeatures don't include startTls. (I'm connecting to
Openfire server).
This change below helped things but I'm not familiar enough with gloox
code base to be sure it's correct.
===================================================================
--- src/client.cpp (revision 4878)
+++ src/client.cpp (working copy)
@@ -105,7 +105,7 @@
{
m_streamFeatures = getStreamFeatures( stanza );
- if( m_tls == TLSRequired
+ if( m_tls == TLSRequired && !m_encryptionActive
&& ( !m_encryption || !( m_streamFeatures &
StreamFeatureStartTls ) ) )
{
logInstance().log( LogLevelError, LogAreaClassClient,