A follow up:
I could not find any way to get libstrophe to do this, so I hacked it. My solution was to remove the conn_open_stream() statement from the XMPP_STATE_CONNECTING code in event.c. I then replaced it with the following lines:
conn->tls = tls_new(conn->ctx, conn->sock);
if (!tls_start(conn->tls))
{
xmpp_debug(conn->ctx, "xmpp", "Couldn't start TLS! error %d", tls_error(conn->tls));
tls_free(conn->tls);
conn->tls = NULL;
conn->tls_failed = 1;
/* failed tls spoils the connection, so disconnect */
xmpp_disconnect(conn);
}
else
{
conn->secured = 1;
conn_prepare_reset(conn, auth_handle_open);
conn_open_stream(conn);
}
This is the code I found was used for the STARTTLS extension.
Surprisingly, this actually worked and I am now connected to Google's CCS server via libstrophe.
Can anyone think of a more elegant/portable way to solve this problem?
Thank you for any advice.