I added support for both legacy SSL (port 5223) and the EXTERNAL authentication mechanism (as described in XEP-0178) for both starttls and legacy SSL.
I tested this against my Openfire server.
Added support for legacy SSL
Support for legacy SSL added so we can test SASL external with on
Added SASL EXTERNAL for legacy SSL
Added SASL EXTERNAL support for starttls
SRV not loaded?
Credentials also added when connecting via SRV
Looks good, thank you.
I'm considering to convert all tabs to whitespace...
Thanks for pulling this in.
You might want to consider updating the readme so it is clear that the EXTERNAL client authentication is also supported. I forgot to add this myself :-/
I'll set my editor to use spaces instead of tabs for future changes...
This gist has a sample on how to use legacy SSL / startTLS with SASL EXTERNAL: