xmpp: allow s2s without tls

3 files changed, 10 insertions, 11 deletions

diff --git a/juick-ws/src/main/java/com/juick/ws/s2s/Connection.java b/juick-ws/src/main/java/com/juick/ws/s2s/Connection.java
index 77c12d1d..b187aa3e 100644
--- a/juick-ws/src/main/java/com/juick/ws/s2s/Connection.java
+++ b/juick-ws/src/main/java/com/juick/ws/s2s/Connection.java
@@ -61,15 +61,14 @@ public class Connection {
         KeyStore ks = KeyStore.getInstance("JKS");
         try (InputStream ksIs = new FileInputStream(xmpp.keystore)) {
             ks.load(ksIs, xmpp.keystorePassword.toCharArray());
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
+                    .getDefaultAlgorithm());
+            kmf.init(ks, xmpp.keystorePassword.toCharArray());
+            sc = SSLContext.getInstance("TLSv1.2");
+            sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());
+        } catch (Exception e) {
+            logger.warning("tls unavailable");
         }
-
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
-                .getDefaultAlgorithm());
-        kmf.init(ks, xmpp.keystorePassword.toCharArray());
-        sc = SSLContext.getInstance("TLSv1.2");
-
-        sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());
-
     }
 
     public void logParser() {
diff --git a/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionIn.java b/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionIn.java
index d1d69dd0..5ac21fb6 100644
--- a/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionIn.java
+++ b/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionIn.java
@@ -133,7 +133,7 @@ public class ConnectionIn extends Connection implements Runnable {
                         LOGGER.info("STREAM " + streamID + ": " + xml);
                         xmpp.getRouter().send(xml);
                     }
-                } else if (!isSecured() && tag.equals("starttls")) {
+                } else if (sc != null && !isSecured() && tag.equals("starttls")) {
                     LOGGER.info("STREAM " + streamID + " SECURING");
                     sendStanza("<proceed xmlns=\"" + NS_TLS + "\" />");
                     try {
@@ -182,7 +182,7 @@ public class ConnectionIn extends Connection implements Runnable {
                 xmpp.HOSTNAME + "' id='" + streamID + "' version='1.0'>";
         if (xmppversionnew) {
             openStream += "<stream:features>";
-            if (!isSecured() && !xmpp.brokenSSLhosts.contains(from)) {
+            if (sc != null && !isSecured() && !xmpp.brokenSSLhosts.contains(from)) {
                 openStream += "<starttls xmlns=\"" + NS_TLS + "\"><optional/></starttls>";
             }
             openStream += "</stream:features>";
diff --git a/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionOut.java b/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionOut.java
index 1de16329..6a0fe33b 100644
--- a/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionOut.java
+++ b/juick-ws/src/main/java/com/juick/ws/s2s/ConnectionOut.java
@@ -116,7 +116,7 @@ public class ConnectionOut extends Connection implements Runnable {
                     XmlUtils.skip(parser);
                 } else if (tag.equals("features") && parser.getNamespace().equals(NS_STREAM)) {
                     StreamFeatures features = StreamFeatures.parse(parser);
-                    if (!isSecured() && features.STARTTLS >= 0 && !xmpp.brokenSSLhosts.contains(to)) {
+                    if (sc != null && !isSecured() && features.STARTTLS >= 0 && !xmpp.brokenSSLhosts.contains(to)) {
                         logger.info("STREAM TO " + to + " " + streamID + " SECURING");
                         sendStanza("<starttls xmlns=\"" + NS_TLS + "\" />");
                     } else {