mod_s2s: Add COMPAT cahin verification code for older LuaSec versions

1 files changed, 11 insertions, 2 deletions

diff --git a/plugins/mod_s2s/mod_s2s.lua b/plugins/mod_s2s/mod_s2s.lua
index 639f464b..1547345d 100644
--- a/plugins/mod_s2s/mod_s2s.lua
+++ b/plugins/mod_s2s/mod_s2s.lua
@@ -15,6 +15,7 @@ local core_process_stanza = prosody.core_process_stanza;
 local tostring, type = tostring, type;
 local t_insert = table.insert;
 local xpcall, traceback = xpcall, debug.traceback;
+local NULL = {};
 
 local add_task = require "util.timer".add_task;
 local st = require "util.stanza";
@@ -226,11 +227,19 @@ local function check_cert_status(session)
 	end
 
 	if cert then
-		local chain_valid, errors = conn:getpeerverification()
+		local chain_valid, errors;
+		if conn.getpeerverification then
+			chain_valid, errors = conn:getpeerverification();
+		elseif conn.getpeerchainvalid then -- COMPAT mw/luasec-hg
+			chain_valid, errors = conn:getpeerchainvalid();
+			errors = (not chain_valid) and { { errors } } or nil;
+		else
+			chain_valid, errors = false, { { "Chain verification not supported by this version of LuaSec" } };
+		end
 		-- Is there any interest in printing out all/the number of errors here?
 		if not chain_valid then
 			(session.log or log)("debug", "certificate chain validation result: invalid");
-			for depth, t in ipairs(errors) do
+			for depth, t in ipairs(errors or NULL) do
 				(session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
 			end
 			session.cert_chain_status = "invalid";