Project

General

Profile

Task #1627

Avatar?id=6023&size=22x22

Require StartTLS for s2s

Added by Wojciech Kapcia Tigase team member over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Target version:
Start date:
2013-11-12
Due date:
% Done:

100%

Estimated time:
Database:
Additional charges approved:
No

Description

Add option to require StartTLS for s2s connections.

Associated revisions

Revision f6696823 (diff)
Added by Andrzej Wójcik Tigase team member about 4 years ago

Added implementation for #1627 Require StartTLS for s2s

History

#1 Avatar?id=6023&size=24x24 Updated by Artur Hefczyc Tigase team member over 4 years ago

  • Assignee set to Andrzej Wójcik
  • Target version set to tigase-server-5.2.1

#2 Avatar?id=6023&size=24x24 Updated by Artur Hefczyc Tigase team member over 4 years ago

  • Project changed from Tigase Private to Tigase XMPP Server

#3 Avatar?id=6023&size=24x24 Updated by Artur Hefczyc Tigase team member about 4 years ago

  • Target version changed from tigase-server-5.2.1 to tigase-server-7.0.0

#4 Updated by Andrzej Wójcik Tigase team member about 4 years ago

  • Status changed from New to In QA
  • Assignee changed from Andrzej Wójcik to Artur Hefczyc
  • % Done changed from 0 to 100

I've changed logic which implements S2S. Now if vhost for domain is configured to require StartTLS it will also require StartTLS on S2S connection for this particular domain. Also if --hardened-mode is enable it will force usage of StartTLS on S2S connection (same as for C2S connections).

+Notice+: If StartTLS is required for S2S connection for particular domain or using hardened-mode, then we force incoming and ougoing connections to be encrypted using StartTLS.

#5 Avatar?id=6023&size=24x24 Updated by Artur Hefczyc Tigase team member about 4 years ago

  • Status changed from In QA to Closed

Looks good to me.

Also available in: Atom PDF