changeset 1361:b9213ddb860f

mod_s2s_auth_dnssec_srv: Don't break DANE
author Kim Alvefur <zash@zash.se>
date Wed, 19 Mar 2014 19:39:03 +0100
parents 6ee395396333
children 920ac9a8480b
files mod_s2s_auth_dnssec_srv/mod_s2s_auth_dnssec_srv.lua
diffstat 1 files changed, 1 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_dnssec_srv/mod_s2s_auth_dnssec_srv.lua	Wed Mar 19 19:19:46 2014 +0100
+++ b/mod_s2s_auth_dnssec_srv/mod_s2s_auth_dnssec_srv.lua	Wed Mar 19 19:39:03 2014 +0100
@@ -43,6 +43,7 @@
 		local name = to_ascii(host_session.from_host);
 		if not name then return end
 		dns_lookup(function (answer)
+			if host_session.dane ~= nil then return end
 			if not answer.secure or #answer == 1
 				and answer[1].srv.target == "." then return end
 			local srv_hosts = { answer = answer };