diff options
| author | Rubén Calvo <rubencm@gmail.com> | 2017-03-30 08:33:04 +0200 |
|---|---|---|
| committer | Rubén Calvo <rubencm@gmail.com> | 2017-03-30 10:04:50 +0200 |
| commit | 32f3ddca7061c7584508dd09e4b1226b8aae1aca (patch) | |
| tree | ea7eda21f8344e080e13e29994bf075018be6ee8 /phpBB/includes/functions_jabber.php | |
| parent | 827ded82b8110fd2c587d9d7c84731ee7215b166 (diff) | |
| download | forums-32f3ddca7061c7584508dd09e4b1226b8aae1aca.tar forums-32f3ddca7061c7584508dd09e4b1226b8aae1aca.tar.gz forums-32f3ddca7061c7584508dd09e4b1226b8aae1aca.tar.bz2 forums-32f3ddca7061c7584508dd09e4b1226b8aae1aca.tar.xz forums-32f3ddca7061c7584508dd09e4b1226b8aae1aca.zip | |
[ticket/15150] Add Jabber SSL context configuration options
PHPBB3-15150
Diffstat (limited to 'phpBB/includes/functions_jabber.php')
| -rw-r--r-- | phpBB/includes/functions_jabber.php | 33 |
1 files changed, 28 insertions, 5 deletions
diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index bd2e9e93ac..a4fbc90d57 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -41,6 +41,9 @@ class jabber var $username; var $password; var $use_ssl; + var $verify_peer; + var $verify_peer_name; + var $allow_self_signed; var $resource = 'functions_jabber.phpbb.php'; var $enable_logging; @@ -50,7 +53,7 @@ class jabber /** */ - function jabber($server, $port, $username, $password, $use_ssl = false) + function jabber($server, $port, $username, $password, $use_ssl = false, $verify_peer = true, $verify_peer_name = true, $allow_self_signed = false) { $this->connect_server = ($server) ? $server : 'localhost'; $this->port = ($port) ? $port : 5222; @@ -71,6 +74,9 @@ class jabber $this->password = $password; $this->use_ssl = ($use_ssl && self::can_use_ssl()) ? true : false; + $this->verify_peer = $verify_peer; + $this->verify_peer_name = $verify_peer_name; + $this->allow_self_signed = $allow_self_signed; // Change port if we use SSL if ($this->port == 5222 && $this->use_ssl) @@ -139,7 +145,7 @@ class jabber $this->session['ssl'] = $this->use_ssl; - if ($this->open_socket($this->connect_server, $this->port, $this->use_ssl)) + if ($this->open_socket($this->connect_server, $this->port, $this->use_ssl, $this->verify_peer, $this->verify_peer_name, $this->allow_self_signed)) { $this->send("<?xml version='1.0' encoding='UTF-8' ?" . ">\n"); $this->send("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n"); @@ -227,10 +233,13 @@ class jabber * @param string $server host to connect to * @param int $port port number * @param bool $use_ssl use ssl or not + * @param bool $verify_peer verify ssl certificate + * @param bool $verify_peer_name verify peer name + * @param bool $allow_self_signed allow self-signed ssl certificates * @access public * @return bool */ - function open_socket($server, $port, $use_ssl = false) + function open_socket($server, $port, $use_ssl = false, $verify_peer = true, $verify_peer_name = true, $allow_self_signed = false) { if (@function_exists('dns_get_record')) { @@ -241,9 +250,23 @@ class jabber } } - $server = $use_ssl ? 'ssl://' . $server : $server; + $options = array(); - if ($this->connection = @fsockopen($server, $port, $errorno, $errorstr, $this->timeout)) + if ($use_ssl) + { + $remote_socket = 'ssl://' . $server . ':' . $port; + + // Set ssl context options, see http://php.net/manual/en/context.ssl.php + $options['ssl'] = array('verify_peer' => $verify_peer, 'verify_peer_name' => $verify_peer_name, 'allow_self_signed' => $allow_self_signed); + } + else + { + $remote_socket = $server . ':' . $port; + } + + $socket_context = stream_context_create($options); + + if ($this->connection = stream_socket_client($remote_socket, $errorno, $errorstr, $this->timeout, STREAM_CLIENT_CONNECT, $socket_context)) { socket_set_blocking($this->connection, 0); socket_set_timeout($this->connection, 60); |