diff options
-rw-r--r-- | CHANGES | 1 | ||||
-rw-r--r-- | net/resolvers/basic.lua | 27 |
2 files changed, 27 insertions, 1 deletions
@@ -17,6 +17,7 @@ TRUNK - `daemonize` option deprecated - SASL DIGEST-MD5 removed - Switch to libunbound for DNS queries +- DANE Support - mod_external_services (XEP-0215) - util.error for encapsulating errors - MUC: support for XEP-0421 occupant identifiers diff --git a/net/resolvers/basic.lua b/net/resolvers/basic.lua index a00fbce1..2153a641 100644 --- a/net/resolvers/basic.lua +++ b/net/resolvers/basic.lua @@ -28,12 +28,23 @@ function methods:next(cb) return; end + local secure = true; + local tlsa = {}; local targets = {}; - local n = 2; + local n = 3; local function ready() n = n - 1; if n > 0 then return; end self.targets = targets; + if self.extra and self.extra.use_dane then + if secure then + self.extra.tlsa = tlsa; + self.extra.dane_hostname = self.hostname; + else + self.extra.tlsa = nil; + self.extra.dane_hostname = nil; + end + end self:next(cb); end @@ -43,6 +54,7 @@ function methods:next(cb) if not self.extra or self.extra.use_ipv4 ~= false then dns_resolver:lookup(function (answer) if answer then + secure = secure and answer.secure; for _, record in ipairs(answer) do table.insert(targets, { self.conn_type.."4", record.a, self.port, self.extra }); end @@ -56,12 +68,25 @@ function methods:next(cb) if not self.extra or self.extra.use_ipv6 ~= false then dns_resolver:lookup(function (answer) if answer then + secure = secure and answer.secure; for _, record in ipairs(answer) do table.insert(targets, { self.conn_type.."6", record.aaaa, self.port, self.extra }); end end ready(); end, self.hostname, "AAAA", "IN"); + end + + if self.extra and self.extra.use_dane == true then + dns_resolver:lookup(function (answer) + if answer then + secure = secure and answer.secure; + for _, record in ipairs(answer) do + table.insert(tlsa, record.tlsa); + end + end + ready(); + end, ("_%d._tcp.%s"):format(self.port, self.hostname), "TLSA", "IN"); else ready(); end |