- retval = verify_tlsa_record(resolver, "_%d._tcp.%s" % (port, host), connection.getpeercert(binary_form=True))
+ if args.use6:
+ afamilies = [AF_INET6]
+ elif args.use4:
+ afamilies = [AF_INET6]
+ else:
+ afamilies = [AF_INET, AF_INET6]
+
+ retval = 0
+ for afamily in afamilies:
+ try:
+ connection = init_connection(sslcontext, args, afamily)
+ except ConnectionRefusedError:
+ logging.error("Connection refused")
+ return 2
+
+ nretval = verify_certificate(connection.getpeercert(), args)
+ retval = max(retval, nretval)
+ nretval = verify_tlsa_record(resolver, "_%d._tcp.%s" % (port, host),
+ connection.getpeercert(binary_form=True))
+ retval = max(retval, nretval)
+
+ close_connection(connection)