Comparison

mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1367:103d685e2153

mod_s2s_auth_dane: Pause s2sin while doing SRV and TLSA lookups, fixes race condition (Can haz util.async plz)
author Kim Alvefur <zash@zash.se>
date Thu, 20 Mar 2014 15:31:15 +0100
parent 1362:920ac9a8480b
child 1368:5724008bbdb1
comparison
equal deleted inserted replaced
1366:f581210093a7 1367:103d685e2153
106 end 106 end
107 107
108 function module.add_host(module) 108 function module.add_host(module)
109 module:hook("s2s-stream-features", function(event) 109 module:hook("s2s-stream-features", function(event)
110 -- dane_lookup(origin, origin.from_host); 110 -- dane_lookup(origin, origin.from_host);
111 dane_lookup(event.origin); 111 local host_session = event.origin;
112 end, 1); 112 host_session.log("debug", "Pausing connection until DANE lookup is completed");
113 host_session.conn:pause()
114 local function resume()
115 module:log("eebug", "Resuming connection");
116 host_session.conn:resume()
117 end
118 if not dane_lookup(host_session, resume) then
119 resume();
120 end
121 end, 10);
113 122
114 module:hook("s2s-authenticated", function(event) 123 module:hook("s2s-authenticated", function(event)
115 local session = event.session; 124 local session = event.session;
116 if session.dane and not session.secure then 125 if session.dane and not session.secure then
117 -- TLSA record but no TLS, not ok. 126 -- TLSA record but no TLS, not ok.