uwaru/go-xmpp
1
0
Fork 0
forked from jshiffer/go-xmpp
Code Pull Requests Activity

An invalid certificate is a permanent error if we do not skip cert check

Browse Source
This commit is contained in:
Mickael Remond
2019-07-31 11:43:54 +02:00
parent 4e185f4bb6
commit e531370dc9
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
session.go
+4 -1
View File
@@ -37,6 +37,10 @@ func NewSession(conn net.Conn, o Config) (net.Conn, *Session, error) {
var tlsConn net.Conn
tlsConn = s.startTlsIfSupported(conn, o.parsedJid.Domain, o)
if s.err != nil {
return nil, nil, NewConnError(s.err, true)
}
if !s.TlsEnabled && !o.Insecure {
err := fmt.Errorf("failed to negotiate TLS session : %s", s.err)
return nil, nil, NewConnError(err, true)
@@ -131,7 +135,6 @@ func (s *Session) startTlsIfSupported(conn net.Conn, domain string, o Config) ne
}
if !o.TLSConfig.InsecureSkipVerify {
// We check that cert matches hostname
s.err = tlsConn.VerifyHostname(domain)
}