This repository has been archived by the owner on Feb 19, 2020. It is now read-only.
SSL hostname matching JID and alternate connection method #506
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I happen to be trying to connect to a server that uses a user's email address in the JID instead of that server's domain. Using the xmpp.connect(('alternatedomain.com', 5222)) method of connecting the SSL verify still tries to verify against the domain in the JID.
I realize this might not be the standard way of connecting to XMPP, but considering that it's possible that a subdomain might use a separate cert that's not a wildcard if a subdomain is required for the connection.. Consider:
jid = '[email protected]'
pass = 'somepass'
xmpp = sleekxmpp.ClientXMPP(jid, password)
xmpp.connect(('sub.domain.com', 5222))
In this case I feel the SSL verify should work if the cert matches either domain.com, sub.domain.com, or *.domain.com
or at least the ability to override the expected name, and even the stream to= field in xml with either a custom value or the connect() domain name when not an IP address.
Thanks for any attention to this, and thank you @kelvinkwong for fixes/patches concerning SSL it's helped me in my project.
The text was updated successfully, but these errors were encountered: