mod_s2s: Fix traceback due to type confusion (Thanks Menel)

The code assumed a 2-d sparse array but it could also be a string.
author: Kim Alvefur <zash@zash.se> 2024-08-26 19:21:03 +0200
committer: Kim Alvefur <zash@zash.se> 2024-08-26 19:21:03 +0200
commit: 8362c4824ed6469ca89c187a1df654d10777d270 (patch)
tree: dfe223b09224e040f77b3718bfec611d81b8cee5 /plugins
parent: df1e43d1ad0963e416cc7423e58b4e8015f72b13 (diff)
download: prosody-8362c4824ed6469ca89c187a1df654d10777d270.tar.gz
prosody-8362c4824ed6469ca89c187a1df654d10777d270.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/plugins/mod_s2s.lua b/plugins/mod_s2s.lua
index 660b5828..04fd5bc3 100644
--- a/plugins/mod_s2s.lua
+++ b/plugins/mod_s2s.lua
@@ -986,7 +986,7 @@ end
 -- Complete the sentence "Your certificate " with what's wrong
 local function friendly_cert_error(session) --> string
 	if session.cert_chain_status == "invalid" then
-		if session.cert_chain_errors then
+		if type(session.cert_chain_errors) == "table" then
 			local cert_errors = set.new(session.cert_chain_errors[1]);
 			if cert_errors:contains("certificate has expired") then
 				return "has expired";
@@ -1006,6 +1006,7 @@ local function friendly_cert_error(session) --> string
 				return "does not match any DANE TLSA records";
 			end
 		end
+		-- TODO cert_chain_errors can be a string, handle that
 		return "is not trusted"; -- for some other reason
 	elseif session.cert_identity_status == "invalid" then
 		return "is not valid for this name";
author	Kim Alvefur <zash@zash.se>	2024-08-26 19:21:03 +0200
committer	Kim Alvefur <zash@zash.se>	2024-08-26 19:21:03 +0200
commit	8362c4824ed6469ca89c187a1df654d10777d270 (patch)
tree	dfe223b09224e040f77b3718bfec611d81b8cee5 /plugins
parent	df1e43d1ad0963e416cc7423e58b4e8015f72b13 (diff)
download	prosody-8362c4824ed6469ca89c187a1df654d10777d270.tar.gz prosody-8362c4824ed6469ca89c187a1df654d10777d270.zip