From 360eda6cd3551f5023c7f5c0d5100bf8b6320f69 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sun, 18 Jul 2021 21:57:24 +0200
Subject: Revert 926d53af9a7a: Restore DANE support

Previous commit adds a workaround, so this doesn't mutate global state
anymore, only per-connection 'extra' state as originally intended.
---
 CHANGES                 | 1 +
 net/resolvers/basic.lua | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/CHANGES b/CHANGES
index 13ea4778..5a1f7d9b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -17,6 +17,7 @@ TRUNK
 -   `daemonize` option deprecated
 -   SASL DIGEST-MD5 removed
 -   Switch to libunbound for DNS queries
+-   DANE Support (low-level network layer)
 -   mod_external_services (generic XEP-0215)
 -   mod_turn_external for easy STUN+TURN XEP-0215 setup
 -   util.error for encapsulating errors
diff --git a/net/resolvers/basic.lua b/net/resolvers/basic.lua
index 3c0e69f5..34f1e1c7 100644
--- a/net/resolvers/basic.lua
+++ b/net/resolvers/basic.lua
@@ -36,14 +36,15 @@ function methods:next(cb)
 		n = n - 1;
 		if n > 0 then return; end
 		self.targets = targets;
-		--[[
-		-- TODO stash tlsa somewhere per connection
-		-- FIXME 'extra' here is not per connection
 		if self.extra and self.extra.use_dane then
 			if secure and tlsa[1] then
+				self.extra.tlsa = tlsa;
+				self.extra.dane_hostname = self.hostname;
+			else
+				self.extra.tlsa = nil;
+				self.extra.dane_hostname = nil;
 			end
 		end
-		--]]
 		self:next(cb);
 	end
 
-- 
cgit v1.2.3