Fix certificat domain check in case of SRV

2016-08-15 22:37:28 +02:00 · 2016-08-15 22:37:28 +02:00 · 72135514fc
parent 476e0d7ddb
commit 72135514fc
3 changed files with 12 additions and 7 deletions
--- a/src/xmpp/client.go
+++ b/src/xmpp/client.go
@ -115,7 +115,7 @@ func startTLS(stream *Stream, config *ClientConfig) error {
 		return err
 	}

-	tlsConfig := tls.Config{InsecureSkipVerify: config.InsecureSkipVerify, ServerName: stream.connDomain}
+	tlsConfig := tls.Config{InsecureSkipVerify: config.InsecureSkipVerify, ServerName: stream.config.ConnectionDomain}
 	return stream.UpgradeTLS(&tlsConfig)
 }

--- a/src/xmpp/stream.go
+++ b/src/xmpp/stream.go
@ -17,6 +17,9 @@ type StreamConfig struct {
 	// are either sent to the server or delivered to the application. It also
 	// causes incoming stanzas to be XML-parsed a second time.
 	LogStanzas bool
+
+	// The dommain connection for certificat validation.
+	ConnectionDomain string
 }

 type Stream struct {
@ -25,7 +28,6 @@ type Stream struct {
 	config            *StreamConfig
 	stanzaBuf         string
 	incomingNamespace nsMap
-	connDomain        string
 }

 // Create a XML stream connection. A Steam is used by an XMPP instance to
@ -43,7 +45,10 @@ func NewStream(addr string, config *StreamConfig) (*Stream, error) {
 		return nil, err
 	}

-	stream := &Stream{conn: conn, dec: xml.NewDecoder(conn), config: config, connDomain: strings.SplitN(addr, ":", 2)[0]}
+	stream := &Stream{conn: conn, dec: xml.NewDecoder(conn), config: config}
+	if config.ConnectionDomain == "" {
+		config.ConnectionDomain = strings.SplitN(addr, ":", 2)[0]
+	}

 	if err := stream.send([]byte("<?xml version='1.0' encoding='utf-8'?>")); err != nil {
 		return nil, err