OutgoingClient: Use ServerAddress also for LegacySSL connections

Do not use normal xmpp-client SRV records for connecting with direct TLS.
qxmpp-project · Jul 24, 2024 · 78ce8f3 · 78ce8f3
1 parent 0e6cd57
commit 78ce8f3
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 10 deletions.
diff --git a/src/base/QXmppConstants_p.h b/src/base/QXmppConstants_p.h
@@ -21,7 +21,7 @@
 namespace QXmpp::Private {
 
 constexpr int XMPP_DEFAULT_PORT = 5222;
-
+constexpr int XMPPS_DEFAULT_PORT = 5223;
 }
 
 // QXmpp

diff --git a/src/client/QXmppOutgoingClient.cpp b/src/client/QXmppOutgoingClient.cpp
@@ -87,15 +87,14 @@ void QXmppOutgoingClientPrivate::connectToHost(const ServerAddress &address)
  q->socket()->setPeerVerifyName(config.domain());
 
  // connect to host
- const QXmppConfiguration::StreamSecurityMode localSecurity = q->configuration().streamSecurityMode();
- if (localSecurity == QXmppConfiguration::LegacySSL) {
- if (!q->socket()->supportsSsl()) {
- q->warning(u"Not connecting as legacy SSL was requested, but SSL support is not available"_s);
- return;
- }
- q->socket()->connectToHostEncrypted(address.host, address.port);
- } else {
+ switch (address.type) {
+ case ServerAddress::Tcp:
  q->socket()->connectToHost(address.host, address.port);
+ break;
+ case ServerAddress::Tls:
+ Q_ASSERT(QSslSocket::supportsSsl());
+ q->socket()->connectToHostEncrypted(address.host, address.port);
+ break;
  }
 }
 
@@ -186,7 +185,27 @@ void QXmppOutgoingClient::connectToHost()
 
  // if an explicit host was provided, connect to it
  if (!d->config.host().isEmpty() && d->config.port()) {
- d->connectToHost({ ServerAddress::Tcp, d->config.host(), d->config.port16() });
+ auto connectionType = d->config.streamSecurityMode() == QXmppConfiguration::LegacySSL
+ ? ServerAddress::Tls
+ : ServerAddress::Tcp;
+ d->connectToHost({ connectionType, d->config.host(), d->config.port16() });
+ return;
+ }
+
+ // legacy SSL
+ if (d->config.streamSecurityMode() == QXmppConfiguration::LegacySSL) {
+ if (!QSslSocket::supportsSsl()) {
+ setError(u"Cannot connect using legacy SSL, SSL/TLS support is not available locally"_s
+ .arg(d->config.host()),
+ QAbstractSocket::SocketError::SslInternalError);
+ return;
+ }
+
+ d->serverAddresses = {
+ ServerAddress { ServerAddress::Tls, d->config.domain(), XMPPS_DEFAULT_PORT },
+ ServerAddress { ServerAddress::Tls, d->config.domain(), XMPP_DEFAULT_PORT },
+ };
+ d->connectToNextAddress();
  return;
  }