Enable SNI for SSL auth to fix DirectTLS connection with some XMPP se…

…rvers
movim · Oct 1, 2020 · f1ae797 · f1ae797
1 parent ff50a65
commit f1ae797
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,8 +1,9 @@
 Movim Changelog
 ================
 
-v0.19 (trunk)
+v0.18.1 (trunk)
 ---------------------------
+ * Enable SNI for SSL auth to fix DirectTLS connection with some XMPP servers
 
 v0.18
 ---------------------------

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v0.18
+v0.18.1rc0
diff --git a/linker.php b/linker.php
@@ -46,14 +46,7 @@
 
 function handleSSLErrors($errno, $errstr)
 {
-    fwrite(
-        STDERR,
-        colorize(getenv('sid'), 'yellow').
-        " : ".colorize($errno, 'red').
-        " ".
-        colorize($errstr, 'red').
-        "\n"
-    );
+    logOut(colorize('SSL Error '.$errno.': '.$errstr, 'red'));
 }
 
 // Temporary linker killer
@@ -101,7 +94,7 @@ function enableEncryption($stream): bool
 
     $session = Session::start();
     stream_set_blocking($stream, 1);
-    stream_context_set_option($stream, 'ssl', 'SNI_enabled', false);
+    stream_context_set_option($stream, 'ssl', 'SNI_enabled', true);
     stream_context_set_option($stream, 'ssl', 'peer_name', $session->get('host'));
     stream_context_set_option($stream, 'ssl', 'allow_self_signed', false);
 
@@ -182,6 +175,8 @@ function shutdown()
     global $loop;
     global $wsSocket;
 
+    logOut(colorize('Shutdown', 'blue'));
+
     $wsSocket->close();
     $loop->stop();
 }