Mercurial > prosody-modules
comparison mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1410:f4e497a53c6e
mod_s2s_auth_dane: Change how TLSA support is detected
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 07 May 2014 17:08:47 +0200 |
| parents | 151aa00559d1 |
| children | 8626abe100e2 |
comparison
equal
deleted
inserted
replaced
| 1409:151aa00559d1 | 1410:f4e497a53c6e |
|---|---|
| 26 local idna_to_unicode = require"util.encodings".idna.to_unicode; | 26 local idna_to_unicode = require"util.encodings".idna.to_unicode; |
| 27 local nameprep = require"util.encodings".stringprep.nameprep; | 27 local nameprep = require"util.encodings".stringprep.nameprep; |
| 28 local cert_verify_identity = require "util.x509".verify_identity; | 28 local cert_verify_identity = require "util.x509".verify_identity; |
| 29 local pem2der = require"util.x509".pem2der; | 29 local pem2der = require"util.x509".pem2der; |
| 30 | 30 |
| 31 if not dns_lookup.types or not dns_lookup.types.TLSA then | 31 do |
| 32 module:log("error", "No TLSA support available, DANE will not be supported"); | 32 local net_dns = require"net.dns"; |
| 33 return | 33 if not net_dns.types or not net_dns.types[52] then |
| 34 module:log("error", "No TLSA support available, DANE will not be supported"); | |
| 35 return | |
| 36 end | |
| 34 end | 37 end |
| 35 | 38 |
| 36 local use_map = { ["DANE-EE"] = 3; ["DANE-TA"] = 2; ["PKIX-EE"] = 1; ["PKIX-CA"] = 0 } | 39 local use_map = { ["DANE-EE"] = 3; ["DANE-TA"] = 2; ["PKIX-EE"] = 1; ["PKIX-CA"] = 0 } |
| 37 | 40 |
| 38 local implemented_uses = set.new { "DANE-EE", "PKIX-EE" }; | 41 local implemented_uses = set.new { "DANE-EE", "PKIX-EE" }; |