Software `/` code `/` prosody

--- a/doc/doap.xml	Thu Jan 11 07:53:06 2024 +0100
+++ b/doc/doap.xml	Thu Jan 11 07:54:11 2024 +0100
@@ -67,6 +67,7 @@
     <implements rdf:resource="https://datatracker.ietf.org/doc/draft-cridland-xmpp-session/">
       <!-- since=0.6.0 note=Added in hg:0bbbc9042361 -->
     </implements>
+    <implements rdf:resource="https://datatracker.ietf.org/doc/draft-ietf-dance-client-auth"/>
     <implements rdf:resource="http://www.unicode.org/reports/tr39/"/>
     <implements>
       <xmpp:SupportedXep>
--- a/plugins/mod_s2s_auth_dane_in.lua	Thu Jan 11 07:53:06 2024 +0100
+++ b/plugins/mod_s2s_auth_dane_in.lua	Thu Jan 11 07:54:11 2024 +0100
@@ -24,6 +24,11 @@
 	return r;
 end

+local function ensure_nonempty(r)
+	assert(r[1], "empty");
+	return r;
+end
+
 local function flatten(a)
 	local seen = {};
 	local ret = {};
@@ -90,10 +95,12 @@
 		return promise.all(tlsas):next(flatten);
 	end

-	local ret = async.wait_for(promise.all({
-		resolver:lookup_promise("_xmpps-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
-		resolver:lookup_promise("_xmpp-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
-	}):next(flatten));
+	local ret = async.wait_for(resolver:lookup_promise("_xmpp-server." .. dns_domain, "TLSA"):next(ensure_secure):next(ensure_nonempty):catch(function()
+		return promise.all({
+			resolver:lookup_promise("_xmpps-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
+			resolver:lookup_promise("_xmpp-server._tcp." .. dns_domain, "SRV"):next(ensure_secure):next(fetch_tlsa);
+		}):next(flatten);
+	end));

 	if not ret then
 		return