changeset 1415:8791fa8a18c8

mod_s2s_auth_dane: Fix potential traceback in logging if SRV target fails nameprep
author Kim Alvefur <zash@zash.se>
date Mon, 19 May 2014 17:00:12 +0200
parents 48141957f719
children 7ddb522d9b28
files mod_s2s_auth_dane/mod_s2s_auth_dane.lua
diffstat 1 files changed, 2 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Mon May 19 16:28:43 2014 +0200
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Mon May 19 17:00:12 2014 +0200
@@ -243,8 +243,9 @@
 		and session.srv_hosts and session.srv_hosts.answer and session.srv_hosts.answer.secure then
 			local srv_hosts, srv_choice, srv_target = session.srv_hosts, session.srv_choice;
 			for i = srv_choice or 1, srv_choice or #srv_hosts do
-				srv_target = nameprep(idna_to_unicode(session.srv_hosts[i].target:gsub("%.?$","")));
+				srv_target = session.srv_hosts[i].target:gsub("%.?$","");
 				(session.log or module._log)("debug", "Comparing certificate with Secure SRV target %s", srv_target);
+				srv_target = nameprep(idna_to_unicode());
 				if srv_target and cert_verify_identity(srv_target, "xmpp-server", cert) then
 					(session.log or module._log)("info", "Certificate matches Secure SRV target %s", srv_target);
 					session.cert_identity_status = "valid";