Mercurial > prosody-modules
diff mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1431:33a796b2cb91
mod_s2s_auth_dane: Cache logger to save some table lookups and improve readability
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 11 Jun 2014 12:50:57 +0200 |
parents | 8791fa8a18c8 |
children | 1caf971a2f0f |
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Thu Jun 05 17:13:38 2014 -0400 +++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Wed Jun 11 12:50:57 2014 +0200 @@ -176,6 +176,7 @@ module:hook("s2s-check-certificate", function(event) local session, cert = event.session, event.cert; + local log = session.log or module._log; local dane = session.dane; if type(dane) == "table" then local use, tlsa, match_found, supported_found, chain, leafcert, cacert, is_match; @@ -193,7 +194,7 @@ supported_found = true; end if is_match then - (session.log or module._log)("info", "DANE validation successful"); + log("info", "DANE validation successful"); session.cert_identity_status = "valid"; if use == 3 then -- DANE-EE, chain status equals DNSSEC chain status session.cert_chain_status = "valid"; @@ -218,7 +219,7 @@ break; end if is_match then - (session.log or module._log)("info", "DANE validation successful"); + log("info", "DANE validation successful"); if use == 2 then -- DANE-TA session.cert_identity_status = "valid"; session.cert_chain_status = "valid"; @@ -234,7 +235,7 @@ end if supported_found and not match_found or dane.bogus then -- No TLSA matched or response was bogus - (session.log or module._log)("warn", "DANE validation failed"); + log("warn", "DANE validation failed"); session.cert_identity_status = "invalid"; session.cert_chain_status = "invalid"; end @@ -244,10 +245,10 @@ local srv_hosts, srv_choice, srv_target = session.srv_hosts, session.srv_choice; for i = srv_choice or 1, srv_choice or #srv_hosts do srv_target = session.srv_hosts[i].target:gsub("%.?$",""); - (session.log or module._log)("debug", "Comparing certificate with Secure SRV target %s", srv_target); + log("debug", "Comparing certificate with Secure SRV target %s", srv_target); srv_target = nameprep(idna_to_unicode()); if srv_target and cert_verify_identity(srv_target, "xmpp-server", cert) then - (session.log or module._log)("info", "Certificate matches Secure SRV target %s", srv_target); + log("info", "Certificate matches Secure SRV target %s", srv_target); session.cert_identity_status = "valid"; return; end