Software /
code /
prosody-modules
Comparison
mod_s2s_auth_dane/mod_s2s_auth_dane.lua @ 1367:103d685e2153
mod_s2s_auth_dane: Pause s2sin while doing SRV and TLSA lookups, fixes race condition (Can haz util.async plz)
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 20 Mar 2014 15:31:15 +0100 |
parent | 1362:920ac9a8480b |
child | 1368:5724008bbdb1 |
comparison
equal
deleted
inserted
replaced
1366:f581210093a7 | 1367:103d685e2153 |
---|---|
106 end | 106 end |
107 | 107 |
108 function module.add_host(module) | 108 function module.add_host(module) |
109 module:hook("s2s-stream-features", function(event) | 109 module:hook("s2s-stream-features", function(event) |
110 -- dane_lookup(origin, origin.from_host); | 110 -- dane_lookup(origin, origin.from_host); |
111 dane_lookup(event.origin); | 111 local host_session = event.origin; |
112 end, 1); | 112 host_session.log("debug", "Pausing connection until DANE lookup is completed"); |
113 host_session.conn:pause() | |
114 local function resume() | |
115 module:log("eebug", "Resuming connection"); | |
116 host_session.conn:resume() | |
117 end | |
118 if not dane_lookup(host_session, resume) then | |
119 resume(); | |
120 end | |
121 end, 10); | |
113 | 122 |
114 module:hook("s2s-authenticated", function(event) | 123 module:hook("s2s-authenticated", function(event) |
115 local session = event.session; | 124 local session = event.session; |
116 if session.dane and not session.secure then | 125 if session.dane and not session.secure then |
117 -- TLSA record but no TLS, not ok. | 126 -- TLSA record but no TLS, not ok. |