aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_jabber.php25
-rw-r--r--phpBB/includes/functions_jabber.php33
-rw-r--r--phpBB/includes/functions_messenger.php4
3 files changed, 47 insertions, 15 deletions
diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php
index a482b41e1d..3b958c0ea1 100644
--- a/phpBB/includes/acp/acp_jabber.php
+++ b/phpBB/includes/acp/acp_jabber.php
@@ -50,13 +50,16 @@ class acp_jabber
$this->tpl_name = 'acp_jabber';
$this->page_title = 'ACP_JABBER_SETTINGS';
- $jab_enable = request_var('jab_enable', (bool) $config['jab_enable']);
- $jab_host = request_var('jab_host', (string) $config['jab_host']);
- $jab_port = request_var('jab_port', (int) $config['jab_port']);
- $jab_username = request_var('jab_username', (string) $config['jab_username']);
- $jab_password = request_var('jab_password', (string) $config['jab_password']);
- $jab_package_size = request_var('jab_package_size', (int) $config['jab_package_size']);
- $jab_use_ssl = request_var('jab_use_ssl', (bool) $config['jab_use_ssl']);
+ $jab_enable = request_var('jab_enable', (bool) $config['jab_enable']);
+ $jab_host = request_var('jab_host', (string) $config['jab_host']);
+ $jab_port = request_var('jab_port', (int) $config['jab_port']);
+ $jab_username = request_var('jab_username', (string) $config['jab_username']);
+ $jab_password = request_var('jab_password', (string) $config['jab_password']);
+ $jab_package_size = request_var('jab_package_size', (int) $config['jab_package_size']);
+ $jab_use_ssl = request_var('jab_use_ssl', (bool) $config['jab_use_ssl']);
+ $jab_verify_peer = request_var('jab_verify_peer', (bool) $config['jab_verify_peer']);
+ $jab_verify_peer_name = request_var('jab_verify_peer_name', (bool) $config['jab_verify_peer_name']);
+ $jab_allow_self_signed = request_var('jab_allow_self_signed', (bool) $config['jab_allow_self_signed']);
$form_name = 'acp_jabber';
add_form_key($form_name);
@@ -76,7 +79,7 @@ class acp_jabber
// Is this feature enabled? Then try to establish a connection
if ($jab_enable)
{
- $jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_use_ssl);
+ $jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_use_ssl, $jab_verify_peer, $jab_verify_peer_name, $jab_allow_self_signed);
if (!$jabber->connect())
{
@@ -116,6 +119,9 @@ class acp_jabber
}
set_config('jab_package_size', $jab_package_size);
set_config('jab_use_ssl', $jab_use_ssl);
+ set_config('jab_verify_peer', $jab_verify_peer);
+ set_config('jab_verify_peer_name', $jab_verify_peer_name);
+ set_config('jab_allow_self_signed', $jab_allow_self_signed);
add_log('admin', 'LOG_' . $log);
trigger_error($message . adm_back_link($this->u_action));
@@ -131,6 +137,9 @@ class acp_jabber
'JAB_PASSWORD' => $jab_password !== '' ? '********' : '',
'JAB_PACKAGE_SIZE' => $jab_package_size,
'JAB_USE_SSL' => $jab_use_ssl,
+ 'JAB_VERIFY_PEER' => $jab_verify_peer,
+ 'JAB_VERIFY_PEER_NAME' => $jab_verify_peer_name,
+ 'JAB_ALLOW_SELF_SIGNED' => $jab_allow_self_signed,
'S_CAN_USE_SSL' => jabber::can_use_ssl(),
'S_GTALK_NOTE' => (!@function_exists('dns_get_record')) ? true : false,
));
diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php
index bd2e9e93ac..a4fbc90d57 100644
--- a/phpBB/includes/functions_jabber.php
+++ b/phpBB/includes/functions_jabber.php
@@ -41,6 +41,9 @@ class jabber
var $username;
var $password;
var $use_ssl;
+ var $verify_peer;
+ var $verify_peer_name;
+ var $allow_self_signed;
var $resource = 'functions_jabber.phpbb.php';
var $enable_logging;
@@ -50,7 +53,7 @@ class jabber
/**
*/
- function jabber($server, $port, $username, $password, $use_ssl = false)
+ function jabber($server, $port, $username, $password, $use_ssl = false, $verify_peer = true, $verify_peer_name = true, $allow_self_signed = false)
{
$this->connect_server = ($server) ? $server : 'localhost';
$this->port = ($port) ? $port : 5222;
@@ -71,6 +74,9 @@ class jabber
$this->password = $password;
$this->use_ssl = ($use_ssl && self::can_use_ssl()) ? true : false;
+ $this->verify_peer = $verify_peer;
+ $this->verify_peer_name = $verify_peer_name;
+ $this->allow_self_signed = $allow_self_signed;
// Change port if we use SSL
if ($this->port == 5222 && $this->use_ssl)
@@ -139,7 +145,7 @@ class jabber
$this->session['ssl'] = $this->use_ssl;
- if ($this->open_socket($this->connect_server, $this->port, $this->use_ssl))
+ if ($this->open_socket($this->connect_server, $this->port, $this->use_ssl, $this->verify_peer, $this->verify_peer_name, $this->allow_self_signed))
{
$this->send("<?xml version='1.0' encoding='UTF-8' ?" . ">\n");
$this->send("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n");
@@ -227,10 +233,13 @@ class jabber
* @param string $server host to connect to
* @param int $port port number
* @param bool $use_ssl use ssl or not
+ * @param bool $verify_peer verify ssl certificate
+ * @param bool $verify_peer_name verify peer name
+ * @param bool $allow_self_signed allow self-signed ssl certificates
* @access public
* @return bool
*/
- function open_socket($server, $port, $use_ssl = false)
+ function open_socket($server, $port, $use_ssl = false, $verify_peer = true, $verify_peer_name = true, $allow_self_signed = false)
{
if (@function_exists('dns_get_record'))
{
@@ -241,9 +250,23 @@ class jabber
}
}
- $server = $use_ssl ? 'ssl://' . $server : $server;
+ $options = array();
- if ($this->connection = @fsockopen($server, $port, $errorno, $errorstr, $this->timeout))
+ if ($use_ssl)
+ {
+ $remote_socket = 'ssl://' . $server . ':' . $port;
+
+ // Set ssl context options, see http://php.net/manual/en/context.ssl.php
+ $options['ssl'] = array('verify_peer' => $verify_peer, 'verify_peer_name' => $verify_peer_name, 'allow_self_signed' => $allow_self_signed);
+ }
+ else
+ {
+ $remote_socket = $server . ':' . $port;
+ }
+
+ $socket_context = stream_context_create($options);
+
+ if ($this->connection = stream_socket_client($remote_socket, $errorno, $errorstr, $this->timeout, STREAM_CLIENT_CONNECT, $socket_context))
{
socket_set_blocking($this->connection, 0);
socket_set_timeout($this->connection, 60);
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index a6e4cb0679..799b687493 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -625,7 +625,7 @@ class messenger
if (!$use_queue)
{
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
if (!$this->jabber->connect())
{
@@ -800,7 +800,7 @@ class queue
}
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
if (!$this->jabber->connect())
{
generated by cgit v1.2.1 (git 2.21.0) at 2026-05-17 10:02:24 +0000