Mercurial > prosody-modules
comparison mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1359:74769c0c79f8
mod_s2s_auth_dane: Verify that the SRV is secure
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 19 Mar 2014 14:33:10 +0100 |
| parents | 497e1df4b7ee |
| children | 920ac9a8480b |
comparison
equal
deleted
inserted
replaced
| 1358:497e1df4b7ee | 1359:74769c0c79f8 |
|---|---|
| 79 end, ("_%d._tcp.%s."):format(record.srv.port, record.srv.target), "TLSA"); | 79 end, ("_%d._tcp.%s."):format(record.srv.port, record.srv.target), "TLSA"); |
| 80 end | 80 end |
| 81 end, "_xmpp-server._tcp."..name..".", "SRV"); | 81 end, "_xmpp-server._tcp."..name..".", "SRV"); |
| 82 return true; | 82 return true; |
| 83 elseif host_session.direction == "outgoing" then | 83 elseif host_session.direction == "outgoing" then |
| 84 if not host_session.srv_hosts then return end | 84 local srv_hosts = host_session.srv_hosts; |
| 85 local srv_choice = host_session.srv_hosts[host_session.srv_choice]; | 85 if not ( srv_hosts and srv_hosts.answer and srv_hosts.answer.secure ) then return end |
| 86 local srv_choice = srv_hosts[host_session.srv_choice]; | |
| 86 host_session.dane = dns_lookup(function(answer) | 87 host_session.dane = dns_lookup(function(answer) |
| 87 if answer and (answer.secure and #answer > 0) or answer.bogus then | 88 if answer and (answer.secure and #answer > 0) or answer.bogus then |
| 88 srv_choice.dane = answer; | 89 srv_choice.dane = answer; |
| 89 else | 90 else |
| 90 srv_choice.dane = false; | 91 srv_choice.dane = false; |