From 8f5e8cdf55c8b34753e5aca117b350550b4dab88 Mon Sep 17 00:00:00 2001
From: Guus der Kinderen <guus.der.kinderen@gmail.com>
Date: Tue, 1 Aug 2023 19:41:44 +0200
Subject: [PATCH] OF-2559: Do not assume that all connections have established
 TLS

This intends to guard against null pointer exceptions.
---
 .../java/org/jivesoftware/openfire/nio/NettyConnection.java | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java b/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java
index 5ae768eed4..3b5585400f 100644
--- a/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java
+++ b/xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java
@@ -183,12 +183,18 @@ public Certificate[] getPeerCertificates() {
     @Override
     public Optional<String> getTLSProtocolName() {
         SslHandler sslhandler = (SslHandler) channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
+        if (sslhandler == null) {
+            return Optional.empty();
+        }
         return Optional.ofNullable(sslhandler.engine().getSession().getProtocol());
     }
 
     @Override
     public Optional<String> getCipherSuiteName() {
         SslHandler sslhandler = (SslHandler) channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
+        if (sslhandler == null) {
+            return Optional.empty();
+        }
         return Optional.ofNullable(sslhandler.engine().getSession().getCipherSuite());
     }