# HG changeset patch # User Kim Alvefur # Date 1449786187 -3600 # Node ID 6979ee1db9f83ecc9d548246e49382e0e6779ccf # Parent 5f68a892872206ca65bcb63837554837a9e99845 mod_s2s_auth_dane: Some more verbose debug logging diff -r 5f68a8928722 -r 6979ee1db9f8 mod_s2s_auth_dane/mod_s2s_auth_dane.lua --- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Thu Dec 10 23:20:46 2015 +0100 +++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Thu Dec 10 23:23:07 2015 +0100 @@ -112,6 +112,7 @@ for _, record in ipairs(answer) do t_insert(srv_hosts, record.srv); dns_lookup(function(dane_answer) + host_session.log("debug", "Got answer for %s:%d", record.srv.target, record.srv.port); n = n - 1; -- There are three kinds of answers -- Insecure, Secure and Bogus @@ -129,10 +130,13 @@ if (dane_answer.bogus or dane_answer.secure) and not dane then -- The first answer we care about -- For services with only one SRV record, this will be the only one + host_session.log("debug", "First secure (or bogus) TLSA") dane = dane_answer; elseif dane_answer.bogus then + host_session.log("debug", "Got additional bogus TLSA") dane.bogus = dane_answer.bogus; elseif dane_answer.secure then + host_session.log("debug", "Got additional secure TLSA") for _, dane_record in ipairs(dane_answer) do t_insert(dane, dane_record); end