}
else if (dane_required)
{
- /* Hmm - what lookup, precisely? */
/*XXX a shame we only find this after making tcp & smtp connection */
+ /* move the test earlier? */
log_write(0, LOG_MAIN, "DANE error: previous lookup not DNSSEC");
return FAIL;
}
if (dane)
{
if (!DANESSL_library_init())
- return tls_error(US"library init", host, US"DANE library error");
+ return tls_error(US"library init", host, NULL);
if (DANESSL_CTX_init(client_ctx) <= 0)
- return tls_error(US"context init", host, US"DANE library error");
+ return tls_error(US"context init", host, NULL);
}
else
uschar * hostnames[2] = { host->name, NULL };
if (DANESSL_init(client_ssl, NULL, hostnames) != 1)
- return tls_error(US"hostnames load", host, US"DANE library error");
+ return tls_error(US"hostnames load", host, NULL);
for (rr = dns_next_rr(&tlsa_dnsa, &dnss, RESET_ANSWERS);
rr;
mdname, p, rr->size - (p - rr->data)))
{
default:
- case 0: /* action not taken; log error */
- return FAIL;
+ case 0: /* action not taken */
+ return tls_error(US"tlsa load", host, NULL);
case 1: break;
}
}