Hi, Replies inline.
fre jan 22 23:14:13 2016 GMT+0100 skrev François L.: > Hi, > > I've same problem, > Log say : > Jan 22 23:07:30 s2sout13310a8 info outgoing s2s stream myserver.tld > ->gmail.com closed: Encrypted server-to-server communication is required > but was not offered > Jan 22 23:07:30 s2sout13310a8 info Sending error replies for 1 queued > stanzas because of failed outgoing connection to gmail.com > > In my prosody.cnf.lua, they are : > s2s_require_encryption = true This means require encryption, no exceptions. We have no plans on supporting exceptions to this but someone could write a plugin for it if they really wanted ;) > s2s_insecure_domains = { "gmail.com", "xmpp-server.l.google.com" } This adds an exception to s2s_secure_auth, not encryption requirements. Setting s2s_secure_auth = true would implicitly require encryption except for those in s2s_insecure_domains. > (i add xmpp-server.l.google.com, it's DNS entry to gtalk). Only "gmail.com" would matter here, so this doesn't help. > Prosody 0.99 I assume you mean 0.9.9 > Any idea? > > Crante > > > Le vendredi 6 juin 2014 20:47:43 UTC+2, Nicolás Reynolds a écrit : > > > > Timothée Ravier <timothee.ro...@gmail.com <javascript:>> writes: > > > > > Hi, > > > > > > I've read the XMPP TLS manifesto and I'd like to enforce it. But > > gmail.com > > > doesn't do TLS and I'd like to exclude just this one. > > > > > > I know that this is not ideal, but that's still better for me than the > > > current status: not enforcing TLS for anyone. > > > > without patching, i've tested a combination of s2s_require_encryption = > > true and s2s_insecure_domains = { "gmail.com" } but the second option > > seems to be ignored, is it meant to be used with s2s_require_encryption > > = false or another option? > > > > has anyone contacted google about this? (not that i think it's a cool > > corp) > > > > -- > > http://librevpn.org.ar > > > > -- > You received this message because you are subscribed to the Google Groups > "prosody-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to prosody-dev+unsubscr...@googlegroups.com. > To post to this group, send email to prosody-dev@googlegroups.com. > Visit this group at https://groups.google.com/group/prosody-dev. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "prosody-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to prosody-dev+unsubscr...@googlegroups.com. To post to this group, send email to prosody-dev@googlegroups.com. Visit this group at https://groups.google.com/group/prosody-dev. For more options, visit https://groups.google.com/d/optout.