aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_s2s_auth_dane_in.lua
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/mod_s2s_auth_dane_in.lua')
-rw-r--r--plugins/mod_s2s_auth_dane_in.lua15
1 files changed, 11 insertions, 4 deletions
diff --git a/plugins/mod_s2s_auth_dane_in.lua b/plugins/mod_s2s_auth_dane_in.lua
index 26df0de9..9167e8a9 100644
--- a/plugins/mod_s2s_auth_dane_in.lua
+++ b/plugins/mod_s2s_auth_dane_in.lua
@@ -24,6 +24,11 @@ local function ensure_secure(r)
return r;
end
+local function ensure_nonempty(r)
+ assert(r[1], "empty");
+ return r;
+end
+
local function flatten(a)
local seen = {};
local ret = {};
@@ -90,10 +95,12 @@ module:hook("s2s-check-certificate", function(event)
return promise.all(tlsas):next(flatten);
end
- local ret = async.wait_for(promise.all({
- resolver:lookup_promise("_xmpps-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
- resolver:lookup_promise("_xmpp-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
- }):next(flatten));
+ local ret = async.wait_for(resolver:lookup_promise("_xmpp-server." .. dns_domain, "TLSA"):next(ensure_secure):next(ensure_nonempty):catch(function()
+ return promise.all({
+ resolver:lookup_promise("_xmpps-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
+ resolver:lookup_promise("_xmpp-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
+ }):next(flatten);
+ end));
if not ret then
return
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 06:51:02 +0000