From 7a3bb0e55cd7c11807d23024a66faec40d39e20a Mon Sep 17 00:00:00 2001 From: Nick Date: Thu, 13 Jun 2019 19:10:43 -0400 Subject: Verify TLS against JID domain, not the host. (xmpp) (#834) Partially fixes #820. A full fix requires patching https://github.com/matterbridge/go-xmpp to use DNS SRV records. --- bridge/xmpp/xmpp.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bridge/xmpp/xmpp.go b/bridge/xmpp/xmpp.go index 8257b7de..2376d60c 100644 --- a/bridge/xmpp/xmpp.go +++ b/bridge/xmpp/xmpp.go @@ -100,7 +100,7 @@ func (b *Bxmpp) Send(msg config.Message) (string, error) { func (b *Bxmpp) createXMPP() error { tc := &tls.Config{ - ServerName: strings.Split(b.GetString("Server"), ":")[0], + ServerName: strings.Split(b.GetString("Jid"), "@")[1], InsecureSkipVerify: b.GetBool("SkipTLSVerify"), // nolint: gosec } options := xmpp.Options{ -- cgit v1.2.3