changeset 1962:2f32196586bb

mod_s2s_auth_dane: Keep DANE response around after the connection is established to aid in debugging
author Kim Alvefur <zash@zash.se>
date Thu, 10 Dec 2015 23:24:11 +0100
parents 6979ee1db9f8
children 98d757dc0771
files mod_s2s_auth_dane/mod_s2s_auth_dane.lua
diffstat 1 files changed, 2 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Thu Dec 10 23:23:07 2015 +0100
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Thu Dec 10 23:24:11 2015 +0100
@@ -225,7 +225,6 @@
 			return false;
 		end
 		-- Cleanup
-		session.dane = nil;
 		session.srv_hosts = nil;
 	end);
 end
@@ -290,6 +289,7 @@
 							session.cert_chain_status = "valid";
 						end
 						match_found = true;
+						dane.matching = tlsa;
 						break;
 					end
 				-- DANE-TA or PKIX-CA
@@ -319,6 +319,7 @@
 								end
 							end
 							match_found = true;
+							dane.matching = tlsa;
 							break;
 						end
 					end