Hi,
Replies inline.
fre jan 22 23:14:13 2016 GMT+0100 skrev François L.:
> Hi,
>
> I've same problem,
> Log say :
> Jan 22 23:07:30 s2sout13310a8 info outgoing s2s stream myserver.tld
> ->gmail.com closed: Encrypted server-to-server communication is required
> but was not offered
> Jan 22 23:07:30 s2sout13310a8 info Sending error replies for 1 queued
> stanzas because of failed outgoing connection to gmail.com
>
> In my prosody.cnf.lua, they are :
> s2s_require_encryption = true
This means require encryption, no exceptions. We have no plans on supporting
exceptions to this but someone could write a plugin for it if they really
wanted ;)
> s2s_insecure_domains = { "gmail.com", "xmpp-server.l.google.com" }
This adds an exception to s2s_secure_auth, not encryption requirements.
Setting s2s_secure_auth = true would implicitly require encryption except for
those in s2s_insecure_domains.
> (i add xmpp-server.l.google.com, it's DNS entry to gtalk).
Only "gmail.com" would matter here, so this doesn't help.
> Prosody 0.99
I assume you mean 0.9.9
> Any idea?
>
> Crante
>
>
> Le vendredi 6 juin 2014 20:47:43 UTC+2, Nicolás Reynolds a écrit :
> >
> > Timothée Ravier <timothee.ro...@gmail.com <javascript:>> writes:
> >
> > > Hi,
> > >
> > > I've read the XMPP TLS manifesto and I'd like to enforce it. But
> > gmail.com
> > > doesn't do TLS and I'd like to exclude just this one.
> > >
> > > I know that this is not ideal, but that's still better for me than the
> > > current status: not enforcing TLS for anyone.
> >
> > without patching, i've tested a combination of s2s_require_encryption =
> > true and s2s_insecure_domains = { "gmail.com" } but the second option
> > seems to be ignored, is it meant to be used with s2s_require_encryption
> > = false or another option?
> >
> > has anyone contacted google about this? (not that i think it's a cool
> > corp)
> >
> > --
> > http://librevpn.org.ar
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "prosody-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to prosody-dev+unsubscr...@googlegroups.com.
> To post to this group, send email to prosody-dev@googlegroups.com.
> Visit this group at https://groups.google.com/group/prosody-dev.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to prosody-dev+unsubscr...@googlegroups.com.
To post to this group, send email to prosody-dev@googlegroups.com.
Visit this group at https://groups.google.com/group/prosody-dev.
For more options, visit https://groups.google.com/d/optout.
