changeset 1354:93158d5758f3

mod_s2s_auth_dane: Skip TLSA lookups if SRV is insecure
author Kim Alvefur <zash@zash.se>
date Tue, 18 Mar 2014 15:54:08 +0100
parents a17c2c4043e5
children 7f68d950bdd6
files mod_s2s_auth_dane/mod_s2s_auth_dane.lua
diffstat 1 files changed, 4 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Tue Mar 18 15:36:23 2014 +0100
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Tue Mar 18 15:54:08 2014 +0100
@@ -48,7 +48,10 @@
 		local name = idna_to_ascii(host_session.from_host);
 		if not name then return end
 		local handle = dns_lookup(function (answer)
-			if not answer.secure then return end
+			if not answer.secure then
+				if cb then return cb(a,b,c,e); end
+				return;
+			end
 			if #answer == 1 and answer[1].srv.target == '.' then return end
 			local srv_hosts = { answer = answer };
 			local dane = {};