Software / code / prosody-modules
Changeset
1674:7f4c64cfed09
mod_s2s_auth_dane: Abort earlier for sessions from hosts that don't say who they are
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 13 Apr 2015 13:36:38 +0200 |
| parents | 1673:aac5e56615ce |
| children | 1675:116488cced16 |
| files | mod_s2s_auth_dane/mod_s2s_auth_dane.lua |
| diffstat | 1 files changed, 4 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Mon Apr 13 13:35:37 2015 +0200 +++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Mon Apr 13 13:36:38 2015 +0200 @@ -68,6 +68,10 @@ if host_session.dane ~= nil then return end -- Has already done a lookup if host_session.direction == "incoming" then + if not host_session.from_host then + module:log("debug", "Session doesn't have a 'from' host set"); + return; + end -- We don't know what hostname or port to use for Incoming connections -- so we do a SRV lookup and then request TLSA records for each SRV -- Most servers will probably use the same certificate on outgoing
