From 955aad87ef1f4b999d2983c75def14e87983ff62 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 6 Jan 2013 23:36:17 +0000 Subject: Require StartTLS from all Jabber servers by default, like most clients do these days. --- doc/user-guide/commands.xml | 6 +++--- protocols/jabber/jabber.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/user-guide/commands.xml b/doc/user-guide/commands.xml index c5c9689a..a21153ef 100644 --- a/doc/user-guide/commands.xml +++ b/doc/user-guide/commands.xml @@ -1517,15 +1517,15 @@ - try + true - Newer Jabber servers allow clients to convert a plain-text session to a TLS/SSL-encrypted session. Normally (with this setting set to try) BitlBee will do this, if possible. + By default (with this setting enabled), BitlBee will require Jabber servers to offer encryption via StartTLS and refuse to connect if they don't. - If you want to force BitlBee to use TLS sessions only (and to give up if that doesn't seem to be possible) you can set this setting to true. Set it to false if you want the session to remain plain-text. + If you set this to "try", BitlBee will use StartTLS only if it's offered. With the setting disabled, StartTLS support will be ignored and avoided entirely. diff --git a/protocols/jabber/jabber.c b/protocols/jabber/jabber.c index b8d6f234..86daaa6a 100644 --- a/protocols/jabber/jabber.c +++ b/protocols/jabber/jabber.c @@ -84,7 +84,7 @@ static void jabber_init( account_t *acc ) s = set_add( &acc->set, "ssl", "false", set_eval_bool, acc ); s->flags |= ACC_SET_OFFLINE_ONLY; - s = set_add( &acc->set, "tls", "try", set_eval_tls, acc ); + s = set_add( &acc->set, "tls", "true", set_eval_tls, acc ); s->flags |= ACC_SET_OFFLINE_ONLY; s = set_add( &acc->set, "tls_verify", "true", set_eval_bool, acc ); -- cgit v1.2.3