Software `/` code `/` prosody

Comparison

plugins/mod_s2s.lua @ 13253:68d540df46b8

mod_s2s: Fix reporting of DANE mismatch Thought it was a case mismatch at first, fixed that, but it changed nothing because the error was in the leaf part of the errors, not the chain part.

author	Kim Alvefur <zash@zash.se>
date	Sat, 05 Aug 2023 20:41:24 +0200
parent	13213:50324f66ca2a
child	13298:b7c08f32112c

comparison

equal deleted inserted replaced

-:84c7779618b6
+:68d540df46b8
 			local cert_errors = set.new(session.cert_chain_errors[1]);
 			if cert_errors:contains("certificate has expired") then
 				return "has expired";
 			elseif cert_errors:contains("self signed certificate") then
 				return "is self-signed";
+			elseif cert_errors:contains("no matching DANE TLSA records") then
+				return "does not match any DANE TLSA records";
 			end
 			local chain_errors = set.new(session.cert_chain_errors[2]);
 			for i, e in pairs(session.cert_chain_errors) do
 				if i > 2 then chain_errors:add_list(e); end
 			end
 			if chain_errors:contains("certificate has expired") then
 				return "has an expired certificate chain";
-			elseif chain_errors:contains("No matching DANE TLSA records") then
+			elseif chain_errors:contains("no matching DANE TLSA records") then
 				return "does not match any DANE TLSA records";
 			end
 		end
 		return "is not trusted"; -- for some other reason
 	elseif session.cert_identity_status == "invalid" then

prosody

68d540df46b8

plugins/mod_s2s.lua

Software / code / prosody

Comparison

plugins/mod_s2s.lua @ 13253:68d540df46b8

Software `/` code `/` prosody