5
0
mirror of https://github.com/cwinfo/matterbridge.git synced 2024-11-25 08:41:36 +00:00

Verify TLS against JID domain, not the host. (xmpp) (#834)

Partially fixes #820.

A full fix requires patching https://github.com/matterbridge/go-xmpp to use DNS SRV records.
This commit is contained in:
Nick 2019-06-13 19:10:43 -04:00 committed by Wim
parent 6e8f535e8b
commit 7a3bb0e55c

View File

@ -100,7 +100,7 @@ func (b *Bxmpp) Send(msg config.Message) (string, error) {
func (b *Bxmpp) createXMPP() error { func (b *Bxmpp) createXMPP() error {
tc := &tls.Config{ tc := &tls.Config{
ServerName: strings.Split(b.GetString("Server"), ":")[0], ServerName: strings.Split(b.GetString("Jid"), "@")[1],
InsecureSkipVerify: b.GetBool("SkipTLSVerify"), // nolint: gosec InsecureSkipVerify: b.GetBool("SkipTLSVerify"), // nolint: gosec
} }
options := xmpp.Options{ options := xmpp.Options{