OF-2919: Prevent exception after S2S TLS fails

When TLS fails in a server-to-server connection, this frequently is followed up with another exception, mentioning that a `^W` character couldn't be parsed as valid XMPP. This End-of-Transmission character is likely sent by the peer, as the end of the (failed) TLS handshake. Openfire should let the TLS handler process that character. This prevents the XMPP handler from having to process it.
igniterealtime · Nov 27, 2024 · 9b4ce6f · 9b4ce6f
1 parent efce2cc
commit 9b4ce6f
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java b/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java
@@ -17,7 +17,6 @@
 package org.jivesoftware.openfire.nio;
 
 import io.netty.channel.ChannelHandlerContext;
-import io.netty.handler.ssl.SslHandler;
 import io.netty.handler.ssl.SslHandshakeCompletionEvent;
 import org.dom4j.*;
 import org.jivesoftware.openfire.Connection;
@@ -153,7 +152,6 @@ public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exc
             } else {
                 // SSL Handshake has failed
                 Log.debug("TLS negotiation with '{}' was unsuccessful", domainPair.getRemote(), event.cause());
-                ctx.pipeline().remove(SslHandler.class);
 
                 if (isCertificateException(event) && configRequiresStrictCertificateValidation()) {
                     String condition = "caused by an issue with its TLS certificate";