We’re using the Prosody XMPP server with the “secure_interfaces” module, which turns off requiring TLS on host interfaces considered secure (by default, the loopback addresses, 127.0.0.1 and ::1).
Is there an easy way to configure Smack to do the same thing, i.e. to change the security mode to
ifrequired if and only if the XMPP hostname resolves to the loopback address?
I could do it manually, but I don’t want my Java code to be doing DNS lookups inline, and it seems like it would be fragile to assume that only the name
"localhost" resolves to the loopback address.
This is for the Jitsi project - I’m in the process of upgrading our Smack libraries from a hacked version of Smack 4.2.4 to the official 4.4.3 release, and I ran into the change in default of the security mode.