comparison mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1350:cda335db2cbb

mod_s2s_auth_dane: Bogus replies should have no RRdata
author Kim Alvefur <zash@zash.se>
date Fri, 14 Mar 2014 14:30:33 +0100
parents 350e903b14ff
children a052740bbf48
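--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua
@@ -25,12 +25,10 @@
 local base64 = require"util.encodings".base64;
 local idna_to_ascii = require "util.encodings".idna.to_ascii;
 
 local s2sout = module:depends"s2s".route_to_new_session.s2sout;
 
-local bogus = {};
-
 local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n"..
 "([0-9A-Za-z=+/\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-";
 local function pem2der(pem)
 local typ, data = pem:match(pat);
 if typ and data then
@@ -46,14 +44,12 @@
 local function dane_lookup(host_session, name, cb, a,b,c)
 if host_session.dane ~= nil then return false; end
 local ascii_host = name and idna_to_ascii(name);
 if not ascii_host then return false; end
 host_session.dane = dns_lookup(function(answer)
-if answer and (answer.secure and #answer > 0) then
+if answer and (answer.secure and #answer > 0) or answer.bogus then
 host_session.dane = answer;
-elseif answer.bogus then
-host_session.dane = bogus;
 else
 host_session.dane = false;
 end
 if cb then return cb(a,b,c); end
 end, ("_xmpp-server.%s."):format(ascii_host), "TLSA");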
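Review bot: In the new condition inside the dane_lookup callback, `and` binds tighter than `or`, so `answer.bogus` is still evaluated when `answer` is nil and the leading `answer and` guards nothing; `if answer and ((answer.secure and #answer > 0) or answer.bogus) then` keeps the guard and sends a nil answer to the `else` branch. A DNSSEC-bogus reply is also now stored in `host_session.dane` as an ordinary answer table, where the old code stored a distinct `bogus` sentinel. The only thing separating it from a validated answer is the commit title's assumption that it carries no RRdata. The code that reads `host_session.dane` is outside this view, so confirm it checks `.bogus` before matching any record, and consider a comment here such as `-- bogus answers are kept so verification fails closed; never match TLSA records from them`. dane_lookup's body continues past the end of the hunk.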