From 3f38ed04077089c8003ff68ad230bb0ed23d2cb2 Mon Sep 17 00:00:00 2001
From: Kousu <nick@kousu.ca>
Date: Tue, 28 May 2019 12:18:26 -0400
Subject: [PATCH] XMPP: verify TLS against JID domain, not the host.

Partially fixes #820.

A full fix requires patching https://github.com/matterbridge/go-xmpp to use DNS SRV records.
---
 bridge/xmpp/xmpp.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bridge/xmpp/xmpp.go b/bridge/xmpp/xmpp.go
index 8257b7de..2376d60c 100644
--- a/bridge/xmpp/xmpp.go
+++ b/bridge/xmpp/xmpp.go
@@ -100,7 +100,7 @@ func (b *Bxmpp) Send(msg config.Message) (string, error) {
 
 func (b *Bxmpp) createXMPP() error {
 	tc := &tls.Config{
-		ServerName:         strings.Split(b.GetString("Server"), ":")[0],
+		ServerName:         strings.Split(b.GetString("Jid"), "@")[1],
 		InsecureSkipVerify: b.GetBool("SkipTLSVerify"), // nolint: gosec
 	}
 	options := xmpp.Options{