aboutsummaryrefslogtreecommitdiffstats
path: root/net/resolvers
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-07-18 23:25:45 +0200
committerKim Alvefur <zash@zash.se>2021-07-18 23:25:45 +0200
commit07ef92dbd8e01a3ad2f20fc085a7b974ff6bfeb4 (patch)
tree82b60ed8f741c2969140accbe393f25877da09bb /net/resolvers
parent4d26d4cb157143e7a9e4a0418fff9d8841cc9928 (diff)
downloadprosody-07ef92dbd8e01a3ad2f20fc085a7b974ff6bfeb4.tar.gz
prosody-07ef92dbd8e01a3ad2f20fc085a7b974ff6bfeb4.zip
net.resolvers.service: Only do DANE with secure SRV records
If this seems backwards, that' because it is but the API isn't really designed to easily pass along details from each resolution step onto the next.
Diffstat (limited to 'net/resolvers')
-rw-r--r--net/resolvers/service.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/resolvers/service.lua b/net/resolvers/service.lua
index d74adf06..204c8a7f 100644
--- a/net/resolvers/service.lua
+++ b/net/resolvers/service.lua
@@ -50,6 +50,10 @@ function methods:next(cb)
answer = {};
end
if answer then
+ if self.extra and not answer.secure then
+ self.extra.use_dane = false;
+ end
+
if #answer == 0 then
if self.extra and self.extra.default_port then
table.insert(targets, { self.hostname, self.extra.default_port, self.conn_type, self.extra });